... | @@ -101,10 +101,36 @@ those services directly in needrestart. |
... | @@ -101,10 +101,36 @@ those services directly in needrestart. |
|
|
|
|
|
At the moment the only blacklisted packages for unattended_upgrades are:
|
|
At the moment the only blacklisted packages for unattended_upgrades are:
|
|
|
|
|
|
- openvswitch-switch
|
|
- Open vSwitch (`openvswitch-switch` and `openvswitch-common`, [bug
|
|
- openvswitch-common
|
|
34185](https://bugs.torproject.org/34185)): to upgrade manually, empty the server, restart, OVS,
|
|
|
|
then migrate the machines back.
|
|
|
|
|
|
|
|
1. on the Ganeti master, list the instances on the Ganeti node:
|
|
|
|
|
|
|
|
INSTANCES=$(gnt-instance list -o name --no-headers --filter "pnode == \"$NODE\"")
|
|
|
|
|
|
See ([bug #34185]https://bugs.torproject.org/34185)
|
|
2. on the Ganeti master, empty the Ganeti node:
|
|
|
|
|
|
|
|
gnt-node migrate -f $NODE
|
|
|
|
|
|
|
|
2. on the Ganeti node where OVS needs to be upgraded:
|
|
|
|
|
|
|
|
service openvswitch-nonetwork.service restart
|
|
|
|
|
|
|
|
3. on the Ganeti master, migrate all the instances back:
|
|
|
|
|
|
|
|
gnt-instance migrate -f $INSTANCES
|
|
|
|
|
|
|
|
the instance list comes from the first step
|
|
|
|
|
|
|
|
Note that this might be fixed in Debian bullseye, [bug 961746](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961746) in
|
|
|
|
Debian is marked as fixed, but will still need to be tested on our
|
|
|
|
side first.
|
|
|
|
|
|
|
|
- Grub (`grub-pc`, [bug 40042](https://gitlab.torproject.org/tpo/tpa/team/-/issues/40042)) has been known to have issues as
|
|
|
|
well, so it is blocked. to upgrade, make sure the install device is
|
|
|
|
defined, by running `dpkg-reconfigure grub-pc`. this issue might
|
|
|
|
actually have been fixed in the package, see [issue 40185](https://gitlab.torproject.org/tpo/tpa/team/-/issues/40185).
|
|
|
|
|
|
### Kernel upgrades and reboots
|
|
### Kernel upgrades and reboots
|
|
|
|
|
... | | ... | |