Date: Tue, 14 Sep 2004 12:18:39 +0200 (CEST) From: "Per Engelbrecht" <per@xterm.dk> To: <freebsd-isp@freebsd.org> Subject: Re: src update without console access Message-ID: <63183.62.242.151.142.1095157119.squirrel@mailbox.wingercom.dk> In-Reply-To: <20040913143550.GC45085@wjv.com> References: <20040913143550.GC45085@wjv.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Bill >> When running 'installworld', 'mergemaster -p' and 'mergemaster' >> the server needs to be in single-user mode. > > Recommended but not needed. sysctl kern.securelevel value >0 should determin that. That I was told in a previous mail and fbsd documentation back's it up. -1, 0 = ok with multi-user 1, 2= single-user only > I only manage a handful of servers and I've not had to go to the > colo for any work. I do make sure someone is there >IF< things go > wrong. > > The only time there was a problem was one older mobo that always > had the control keyboard connected and someone decided to stick > that on aother machine. > >> That is not possible for out customers! They often sit on the >> other side of the world on a ssh connection and in single-user >> mode you don't have ssh.That's the problem! > > I run the buildworld and buildkernel under nohup so I have a > complete lot. I start them up, and then log out, and check later > for any errors. nohup ? (sounds like a make.conf thing) > I then install the kernel and hope it comes up. That part has > never failed for me. > The problem is that you have no control over what your customers do > and they could easily modify things and wind up with a non-booting > kernel. > > Perhaps it would be good to set a policy so that customers notify > you when they are going to reinstall and have them do that only > when data center operators are there to copy the old kernel back > to a running one so the customer can sort things out. Our admin./install-setup (PXE / Java) is quite impressive. Customers can make cold/warm reboot's, power off/on(!), make reinstalls of same or other OS's, make backups and can get all kind of informations on their system(if they don't disable it from their default install). Customers get a mail on reinstall and reboot events. We have a log (from the PXE part) where we can see reinstalls and OS version on each node. All in all our customers are give a lot of options/features that make their lifes easier and documentation on top of that. My major concern was the src upgrade part. It's "fix'ed" now. > When I do the remote updated [almost always after 1AM] I'm down for > about 2 minutes rebooting the new kernel. Then I perform > the installworld, then run mergemaster, then a second reboot. > > So down time is about two periods of 2 minutes separated by > a 1/2 hour time frame. I can get to the facility in about > 20 minutes after 1AM so maybe that's why I never have a problem. > The machines must know that I can get there to fix them so they > don't bother breaking :-) :) Thank you for your input Bill and thank you to all you guys that replied on this thread. respectfully /per per@xterm.dk > > Bill > > > -- > Bill Vermillion - bv @ wjv . com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?63183.62.242.151.142.1095157119.squirrel>