[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: linux-headers installation by default on debian cloud images



Hi Ross,

Thanks for the explanation. I'll look into making the kernel upgrade process smooth for us before anything else then. Thanks!

On Mon, Oct 16, 2023 at 11:55 AM Ross Vandegrift <rvandegrift@debian.org> wrote:
Hi Amy,

On Mon, Oct 16, 2023 at 11:22:12AM -0700, Amy Crate wrote:
> We have some teams in GCP that would like to make use of the
> linux-headers-cloud-amd64 package. Sometimes they are using an image for
> longer than the default kernel on that image has a linux-headers package in
> the repositories, but would still like to be able to use the image without
> a kernel upgrade & reboot. For this reason we'd like to include
> linux-headers-cloud-amd64 in our images by default. Any thoughts on this?
> Is there a reason not to include this? Can this be incorporated upstream?

IMO the correct way forward for such users is to upgrade even if that
means reboting.  I think I'm opposed to this change for a few reasons.

>From a policy point of view: our images follow the requirements at [1].
Including kernel headers would be a significant deviation from the
default Debian experience.  I don't think the justification above is
sufficient to override this concern.

>From a practical point of view: it'd increase the size of the images for
one idiosyncratic use case.  Note that the linux-headers-amd64
transitive dependencies include kbuild, gcc, binutils, and a significant
number of shared libraries.

That also increases the mirror traffic for updates and the security
surface area that people's scanners will complain about.

Ross

[1] - https://wiki.debian.org/Teams/DPL/OfficialImages


--
Amelia Crate | Systems Development Engineer | GCP Guest OS Images

Reply to: