On Thu, Mar 28, 2013 at 11:38 AM, Nick Khamis <sym...@gmail.com> wrote:
> Hello Everyone, > > Just got a ticket assigned to me where we need to update our production > servers. > > uname -a > Linux noun 3.4.9-gentoo #2 SMP Sat Oct 13 09:35:07 EDT 2012 x86_64 > Intel(R) Xeon(TM) CPU 3.60GHz GenuineIntel GNU/Linux > > eselect > [18] hardened/linux/amd64 * > > I don't think they have been updated since the initial install and > wanted to get a little feedback on some safe practices and methods > that should be performed before and while doing so. > > Thanks in Advance, > > Nick. > > Personally, I would recommend pulling an rsync (databases and such might cause a hiccup with that) of one of them to a nonessential system and testing updating there, building packages (assuming matching use flags, etc, across your systems), documenting the pitfalls you run into as you go. After you're up to date there, run through and test it again from a base copy, then test the actual services to ensure changes to them don't hose your environment's configuration, and once that's good, it then depends entirely on what failover, or downtime allowances you have available. If you have no failover to rely on, and can't afford enough downtime to update the system in place from the packages you've built, clone each off, update, then migrate the changes that've occured in the time between... time consuming, and requires a lot of care, but doable. -- Poison [BLX] Joshua M. Murphy