To RHEL or Not to RHEL?

Tim Flink tflink at redhat.com
Wed May 13 15:09:27 UTC 2015 

On Wed, 13 May 2015 08:45:08 -0400 (EDT)
Kamil Paral <kparal at redhat.com> wrote:

> > * Will need to be more diligent about keeping dev/stg on
> >   updates-testing so that we don't get any nasty surprises in
> > production
> 
> I don't have much advice about the other points, but this one caught
> my attention. Do we really need to use updates-testing for dev/stg?
> That might be quite problematic, because anyone can submit anything,
> no matter how broken, into updates-testing. Wouldn't be a safer
> approach to update dev daily (and stg e.g. every other day) from
> stable updates? And production would be updated weekly or bi-weekly
> (or however often we need it), with the exception of security
> updates. Security updates would be applied to dev/stg immediately and
> after a few jobs were successfully executed, it would be applied to
> production. Would this approach work?

Yeah, I'm not dead set on using updates-testing in that scenario - it
was just the easiest way to express the "test updates on dev/stg before
they make it to production. I probably could have been more specific

Something like that could work as long as we were careful about only
applying non-security updates on prod that had been sufficiently tested
on dev/stg. At the moment, security updates are applied automatically
on our fedora machines via cron job.

The one thing I'd like to improve on if we continue to use fedora is
regular updates. At the moment, I try to apply updates to everything
every couple of weeks but it's not a set schedule and I'd like to
improve that. I'm open to suggestions on what that schedule should be
and how to implement it (reminders to folks with access, cron-ish,
etc.) if we go that route.

> I guess the approach with security updates would be the same, no
> matter whether it's Fedora or RHEL. So the only difference in the
> volume and speed of standard updates.

Yeah, that leads into one of the disadvantages of running Fedora - more
frequent updates and especially more frequent kernel updates that
require a reboot.

> This doesn't mean I'm in favor of running Fedora, I think you have
> much more experienced view on this. I'm just thinking aloud about
> some of the details.

Yeah, it's a good point. Thanks for pointing this out.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/qa-devel/attachments/20150513/c7b6c466/attachment-0001.sig>

More information about the qa-devel mailing list