Should I update OS and restart as desired ?

update asap and reboot when convenient later that night, or something.

I use unattended-upgrades which runs at 6am-ish, i think, and updates the system.

I personally reboot once a month to pick up a new linode kernel, unless there is

a vulnerability found, then I reboot when I find out about it.

If you update asap, you probably don't need to reboot even if your system says a reboot is required.

On the other hand, uptimes are irrelevant, and timely reboots are good from a security and sysadmin

standpoint.

I believe the only thing that actually needs a reboot is if you change kernel. IMHO, Ubuntu just wants to reboot because Windows people are used to it, and it does tend to clean up some processes.

I could be wrong though :)

Ubuntu tends to dish out security updates to the kernels every month or so, I reboot then. It's not a bad idea to reboot periodically especially if you've just installed a bunch of software, if you reboot you can check all your services start up properly.

@chesty:

update asap and reboot when convenient later that night, or something.

I use unattended-upgrades which runs at 6am-ish, i think, and updates the system.

I personally reboot once a month to pick up a new linode kernel, unless there is

a vulnerability found, then I reboot when I find out about it.

If you update asap, you probably don't need to reboot even if your system says a reboot is required.

On the other hand, uptimes are irrelevant, and timely reboots are good from a security and sysadmin

standpoint.

Hi Chesty,

Don't you think automated upgrades are a bit risky?

I had have pretty bad experience with auto updates. My local ubuntu was auto update enabled and a few times after the auto update some of the software were not working(compatibility issue) and even once I had to re-install the whole thing!

Don't you think the same thing could be happen to Linode too?

so basically we have a consensus that all guys who brag about their server not being restarted for 3 years are wrong ? :D

I don't think it's about being wrong/right, just do whatever you think is best.

If they're proud that they haven't restarted in 3 years, good for them.

If you feel more comfortable restarting periodically, good for you.

I don't make a habit of restarting but I probably do it ~4-8 times a year. I don't feel it's anything to be upset about, so long as your users are not affected by it.

@minerva:

Hi Chesty,

Don't you think automated upgrades are a bit risky?

I had have pretty bad experience with auto updates. My local ubuntu was auto update enabled and a few times after the auto update some of the software were not working(compatibility issue) and even once I had to re-install the whole thing!

Don't you think the same thing could be happen to Linode too?

I've never had a problem, and if unattended-upgrades cause a problem, then so would a manual upgrade.

@chesty:

@minerva:

Hi Chesty,

Don't you think automated upgrades are a bit risky?

I had have pretty bad experience with auto updates. My local ubuntu was auto update enabled and a few times after the auto update some of the software were not working(compatibility issue) and even once I had to re-install the whole thing!

Don't you think the same thing could be happen to Linode too?

I've never had a problem, and if unattended-upgrades cause a problem, then so would a manual upgrade. But, depending on whether or not someone's using an uptime monitoring service, an unattended-upgrades person might find out later about something breaking than someone who's manually upgrading and checking right away after the upgrade.

Since I'm an Ubuntu newbie, this is my fear every time I execute sudo apt-get update && sudo apt-get upgrade. I think the chances of something breaking with just that are low, but nobody's told me that it's almost impossible for it to happen.

@yaz

I've never had an update && upgrade "fail" (as in the upgrade script itself exits fine). I have had new bugs get introduced in upgraded packages, and been bitten by deprecated things finally getting removed. Doing upgrade of important things with a dev -> staging -> production type workflow and a configuration management system is advisable if you really care about keeping things up and running. The gotcha with that approach is that you need to stay upto date on what version is "current" etc, which can be a lot of work if your application stack has lots of dependencies.

If you're not prepared for failure - by any cause - then you're just one accident away from a real problem.

Your backup strategy should make you safe from any failure, even a failed upgrade.

To me, uptime records just indicates that you haven't upgraded your box in a very long time, not sure I would be proud of that statistic.

The only problems I've had with an update from apt packages that stick in my mind are:

1. A bug in PHP that got into the package manager where if you had open_basedir set it denied access to all PHP files regardless of what path you set (how that got past QA I've no idea)

2. A bug in the Nginx PPA configuration where they removed the https variable that gets passed to fastcgi (which they fixed a release or two later).

People who brag about their extended uptimes are also advertising all the security exploits they're vulnerable to. Three years of uptime means they're telling us they're vulnerable to all the exploits discovered in the past three years.