Overcloud RPM security updates

Solution Verified - Updated -

Issue

  • Could you please confirm if it is advisable/supported to update the operating system's packages on the overcloud independent from the "stack update"?

  • Do we need to sync the container's update (via director) with the operating system's update or can we apply "yum update" on the nodes anytime an update is provided?

  • The main reason for this is security, as the container's update causes downtime and/or some sort of disruption on the environment, we would like to apply security patches more often (like weekly) into the nodes (not on the containers), and then apply the container's update less often (monthly).

  • Is this a supported scenario?

Environment

  • Red Hat OpenStack Platform 13.0 (RHOSP)
  • Red Hat OpenStack Platform 16.1 (RHOSP)
  • Red Hat OpenStack Platform 16.2 (RHOSP)
  • Red Hat OpenStack Platform 17.1 (RHOSP)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content