New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
What is the best way to keep all linux servers updated?
Hi,
i have only a few servers here at the moment, but maybe i will soon get more & i need to keep them updated. What is the best solution you know, to keep all servers updated with high comfort?
- simply doing local cron jobs?
- Cockpit Poject?
- Nagios?
- or you have any suggestions for me, whats a nice way to do this job for example for 20 servers or more?
Thanked by 1plumberg
Comments
KernelCare but it costs a few bucks per month
Orchestrator of some type. Puppet/Ansible.
sudo apt upgrade
sudo apt upgrade
... (17X) ...
sudo apt upgrade
puppet is the best, you can use also ansible but if you are behind firewall its better to use puppet
any tutorial/ quick start guide for puppet?
Yea, let a 3rd party root level access to all your machines.
Happy Zero Day.
A simple loop in a bash script with a ssh command does it all for you.
Or use tools like Ansible and subscribe to the debian security mailing list, so you know when to pull a update.
Personally i just update stuff daily myself but i dont see why apt-get update /upgrade cronjob wouldn't do everything you would want outside of some weird niche cases
https://www.linode.com/docs/applications/configuration-management/install-and-configure-puppet/
for a gui, I used puppetboard in the past, there is also foreman but this one is much lighter
https://github.com/voxpupuli/puppetboard
https://wiki.debian.org/UnattendedUpgrades ?
I use
unattended-upgrades
Ansible
Simple. Sign up with a web host from LEB. You will always keep updating your hosting providers.
Updates? Meh. I like to live on the edge.
Horoscopes?
debianubAntuIf they are the same distro, I think you can use parallel-ssh https://github.com/ParallelSSH/parallel-ssh For security updates, I use
unattended-upgrades
I personally like
cron-apt
which is quite versatile and simple to use.With this config I am using it to only download updates and to send me e-mail notifications whenever there is something new available for packages I am actually using.
If you are brave you can of course also install updates via cron-apt.
As I myself want to see what is happening, I rather do something like this to bulk execute commands on all my servers:
I know there are things like ansible & Co. But for my particular use cases I am happy with how it worked the past decades.