You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm very often getting the *** System restart required *** notification when I login to an Ubuntu instance.
My suggestion is to add an (optional) task to the security role to periodically reboot the server, maybe once per month. This would allow security patches added via unattended-upgrades to be applied without having to reboot manaully.
Curious as to whether others using this repo have a restart job in their system already, and how they've implemented it?
The text was updated successfully, but these errors were encountered:
In a clustered system (i.e. where multiple instances all serve web traffic), one could configure automatic restarts after apt-get operations that prompt a restart, like kernel upgrades. While one server is down, the others can handle traffic.
However, this particular Ansible configuration assumes a single web server providing all functionality for a system. Accordingly, automating a restart would equate to scheduling unsupervised downtime. Depending on where in the world your userbase is, it can be tricky to pick a sensible default for everyone.
I personally just manage such downtime manually, since not all of Ubuntu's prompts to restart the system are necessarily required (for security reasons or otherwise).
A bit of a non-answer, I realize, but it's a data point that I hope is helpful!
@DavidCain thanks for your response! Since writing this issue I realized that there's a setting to configure unattended-upgrades to auto-restart the server if there's a security upgrade and reboot is required for that patch to work.
I'm thinking that because this is security related we should reboot the server automatically if that's necessary for the security update to work. This would only happen when a security patch requires a reboot. Let me know what you think?
I'm very often getting the
*** System restart required ***
notification when I login to an Ubuntu instance.My suggestion is to add an (optional) task to the security role to periodically reboot the server, maybe once per month. This would allow security patches added via unattended-upgrades to be applied without having to reboot manaully.
Curious as to whether others using this repo have a restart job in their system already, and how they've implemented it?
The text was updated successfully, but these errors were encountered: