F20 System Wide Change: Visible Cloud

Matthew Miller mattdm at fedoraproject.org
Mon Jul 15 15:50:53 UTC 2013


On Mon, Jul 15, 2013 at 11:34:33AM +0100, Daniel P. Berrange wrote:
> What's our update story for cloud images ?

We have the ability to do ad-hoc updates for critical flaws -- we did that
once for F17/F18 in the last few months. But in general, the primary
approach is yum update.

> While you could run 'yum update' when first booting a cloud image, that
> leaves open a window of vulnerability. With an anaconda install you can
> enable the updates repo at time of installation to remove this window
> of vulnerability. So I think we need to solve it for cloud images too
> if we're going to promote them as equal options.

We're helped a little bit by the fact that the default image is reasonably
minimal. One could bring it up with the cloud infrastructure's protections
in place (for example, security groups), run yum update where needed and
install the actual services meant to run in the image, and then remove the
restrictions.

> I'm not suggesting we need to rebuild images for every update, but at a
> minimum, when we issue CVE / security errata that affects an image, I'd
> expect us to also rebuild and publish new cloud images pretty much
> synchronously.

We're definitely not there yet. We're working on a process to automatically
build and upload images -- for F20, this is meant for test releases, but we
could aim to do it in production too for F21. In the meantime, if there are
critical network-exploitable flaws I expect we will do an update "by hand".


-- 
Matthew Miller  ☁☁☁  Fedora Cloud Architect  ☁☁☁  <mattdm at fedoraproject.org>
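The boot-time sequence sketched in the reply above (bring the instance up behind the cloud's own restrictions, apply updates first, only then install and start the actual services) can be expressed as cloud-init user-data. The following is an added example, not configuration from the Fedora cloud images or from anyone in this thread; the package names and the firewall rule are placeholders chosen for illustration, and the example assumes cloud-init's standard `package_update`, `package_upgrade`, `packages` and `runcmd` directives (a security group that blocks inbound traffic until the operator opens it is assumed to be configured outside this file).

```yaml
#cloud-config
# Added example: close the boot-to-update window by applying errata before
# any network-facing service is installed or enabled.

# Refresh metadata and apply all pending updates (the "yum update" step)
# before anything else in this file runs.
package_update: true
package_upgrade: true

# Only after the upgrade does cloud-init install the workload.
# "httpd" is a placeholder for whatever the image is actually meant to run.
packages:
  - httpd

runcmd:
  # Start the service only once it has been installed against an updated base.
  - systemctl enable --now httpd
  # Local firewall opened last; the cloud-side security group is still left
  # for the operator to open once the instance reports healthy.
  - firewall-cmd --permanent --add-service=http
  - firewall-cmd --reload
```

cloud-init runs `package_upgrade` in its config stage before the `runcmd` stage, so the ordering above holds without extra scripting; the remaining exposure is the interval between first network bring-up and the completion of the upgrade, which is what the security-group restriction covers.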

