"default virt server"
Garrett Holmstrom
gholms at fedoraproject.org
Tue Mar 2 02:19:13 UTC 2010
On 3/1/2010 19:14, Mike McGrath wrote:
> How does Amazon keep their images up to date? On a 0 day kernel exploit,
> the first place I'd turn is the amazon ip space.
EC2 doesn't lend itself well to kernel updates. EBS-backed instances
aren't really problematic because one only needs to update kernel
packages, stop the instances, change kernels+initramfs images to newer
ones that Fedora has presumably already made available, and then restart
them.
Instances that don't have EBS-backed root filesystems can't be stopped,
and termination destroys them utterly. So one has to either rebundle
Fedora's image as one backed by EBS or start up a new instance with the
new kernel+initramfs, move everything over, then terminate the old one.
More information about the cloud
mailing list