On Tue, Jul 31, 2018 at 07:24:58AM -0700, Noah Meyerhans wrote: :On a well-maintained system, u-u is trivial to disable if that's the :admin's desire. On a non well-maintained system, u-u is essential for :the safety of the user, the cloud provider, and the internet at large. Stongly agree. If a user doesn't know how to disable u-u when launching a cloud image I do wonder their ability to decide disabling upgrades is infact the right thing. :If there are changes we can make to the configuration we install in :cloud environments, those can be discussed, but as far as I'm concerned :the basic default availability of u-u is beyond debate. : :> Some vendors upgrade during restart, but it lengthens boot time, which :> matters when VM is run for short time (common use case for clouds). No :> consensus was found - but we should check what Ubuntu does. Unfortuantely I use Ubuntu images more than I'd like to admit ... they do upgrade on boot. If your upgrades are slow, your image is likely out of date. This again is trivially managed by cloud-config bits passed in at launch. It is reasonable to disable this if you have deployment scripts that need to install packages and you handle the update issue there so multiple things aren't racing for package db locks. This is easy enough to do if needed but I'd enourage updating and upgrading to be the default for the same safety and security reasons Noah mentioned above. -Jon
Attachment:
signature.asc
Description: PGP signature