src update without console access
Per Engelbrecht
per at xterm.dk
Tue Sep 14 03:14:28 PDT 2004
Hi Bill
>> When running 'installworld', 'mergemaster -p' and 'mergemaster'
>> the server needs to be in single-user mode.
>
> Recommended but not needed.
sysctl kern.securelevel value >0 should determin that. That I was told
in a previous mail and fbsd documentation back's it up.
-1, 0 = ok with multi-user
1, 2= single-user only
> I only manage a handful of servers and I've not had to go to the
> colo for any work. I do make sure someone is there >IF< things go
> wrong.
>
> The only time there was a problem was one older mobo that always
> had the control keyboard connected and someone decided to stick
> that on aother machine.
>
>> That is not possible for out customers! They often sit on the
>> other side of the world on a ssh connection and in single-user
>> mode you don't have ssh.That's the problem!
>
> I run the buildworld and buildkernel under nohup so I have a
> complete lot. I start them up, and then log out, and check later
> for any errors.
nohup ? (sounds like a make.conf thing)
> I then install the kernel and hope it comes up. That part has
> never failed for me.
> The problem is that you have no control over what your customers do
> and they could easily modify things and wind up with a non-booting
> kernel.
>
> Perhaps it would be good to set a policy so that customers notify
> you when they are going to reinstall and have them do that only
> when data center operators are there to copy the old kernel back
> to a running one so the customer can sort things out.
Our admin./install-setup (PXE / Java) is quite impressive. Customers can
make cold/warm reboot's, power off/on(!), make reinstalls of same or
other OS's, make backups and can get all kind of informations on their
system(if they don't disable it from their default install). Customers
get a mail on reinstall and reboot events. We have a log (from the PXE
part) where we can see reinstalls and OS version on each node.
All in all our customers are give a lot of options/features that make
their lifes easier and documentation on top of that. My major concern
was the src upgrade part. It's "fix'ed" now.
> When I do the remote updated [almost always after 1AM] I'm down for
> about 2 minutes rebooting the new kernel. Then I perform
> the installworld, then run mergemaster, then a second reboot.
>
> So down time is about two periods of 2 minutes separated by
> a 1/2 hour time frame. I can get to the facility in about
> 20 minutes after 1AM so maybe that's why I never have a problem.
> The machines must know that I can get there to fix them so they
> don't bother breaking :-)
:)
Thank you for your input Bill and thank you to all you guys that replied
on this thread.
respectfully
/per
per at xterm.dk
>
> Bill
>
>
> --
> Bill Vermillion - bv @ wjv . com
More information about the freebsd-isp
mailing list