[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Administration (+apt-get dist-upgrade) of 100s of machines



Daniel Palmer daniel-at-cardboardbox.org.uk |volatile-lists| wrote:
Georgi Alexandrov wrote:
Or you can:
for i in `seq 10-150`; do ssh root@10.0.0.$i apt-get update && apt-get
-y dist-upgrade &>/var/log/apt-upgrade.log; done


The automatic dist-upgrade is a bad idea in my opinion. Asking for package breakage.

Ok, but what is the alternative? I find that without dist-upgrade, I end up with a constantly growing number of packages in the
"The following packages have been kept back"
category.

Why does dist-upgrade cause "package breakage" and is there a way to avoid this? What exactly is "package breakage"? I've seen it often enough - seeing e.g. that "apt-get dist-upgrade" wants to remove the running kernel or wants to remove some vital package. I suspect that my confusion is because I don't know enough about apt+dpkg. Is there a fool-proof recipe to automate "keeping a machine up to date"?

But yeah, my experience also shows that keeping 100s of machines up to date isn't a trivial matter. That is why I was hoping for an existing, tested software tool to manage this.

If

# DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y

is dangerous, what is the safe way of doing this? Won't just

# apt-get upgrade

end up biting me because of all the held-back packages with changed dependencies?

Peter
--
Peter Valdemar Mørch
http://www.morch.com



Reply to: