Patching best practice
Hi People,
We patch Linux servers every month, Dev/Test servers on the First week of the month and let the system run for a week (to observe issues) and then patch prod and the subsequent week on DR servers.
In the recent case, The patches were updated on Dev/Test and observed the system for a week and then applied the patch on prod next week, when the team update the patches on prod there were some additional updates got in which was not installed really in dev/test that created trouble.
What is the easy way to update the patches with the updates available as on some particular date to prod?
Please note, we automated the patch installation through the satellite server.
And please share the what is the best practice for linux patching.
Cheers
Salai
Responses
Active Contributor
195 points
Hi, We also us a Satellite server (6.3.2) to patch our test/dev then prod in a similar way, A mixture of RHEL5.11, 6.9 & 7.5.
Once our test/dev env is patched we then pause the nightly sync plan until the prod env is also patched, that we we keep both environments at the patch patch level. (Unless a critical patch is released in the meantime whereby we start again before patching prod)
Kind Regards Jonathan
You should be using Content Views in Satellite 6 to control what content is available to your servers. You publish a version of your content view, and only the updates available when you publish are visible to servers using that content view. You then promote the version through your lifecycle environment to ensure all systems get the same updates. With content views, you don't have to disable content sync.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.