[PVE-User] Boot disk corruption after Ceph OSD destroy with cleanup

Thomas Lamprecht t.lamprecht at proxmox.com
Tue Mar 26 09:03:13 CET 2019


On 3/22/19 3:17 PM, Eneko Lacunza wrote:
> Hi Alwin,
> 
> El 22/3/19 a las 15:04, Alwin Antreich escribió:
>> On Fri,On a point release, a ISO is generated and the release info is needed
>> On a point release, a ISO is generated and the release info is needed
>> for that.
>>
>> The volume of package updates alone makes a separate announcment of
>> changes sensless. The changelog shows what changed from one version to
>> the other and with an 'apt update' and 'apt list --upgradable' one can
>> see what packages have upgrades. And if needed, with a little bit of
>> shell scripting you can get all the changelogs directly from the repo
>> server.
> It was just a suggestion. I suppose it's just fine to leave server-destroying bugs fixed and unannounced to your users :)
> 

You already get emails if upgrades are available for your server, at least
if you correctly configured an email address during installation, or after
installation for the root at pam user in DC -> Users tab.

We provide the channels to get this information, even notice actively on new
updates available, on grave issues, which affect all, or most user we also
make additional posts over our various channels (e.g., the apt transport bug,
meltdown/spectre, ...).

So no, it wasn't unannounced, it's documented publicly in our changelog and
bugzilla, as Alwin mentioned, and if you configured the servers correctly
you got an email about pending updates.

Looking a our full stack as a complex Linux Distribution there are coming
multiple bugs (including security and logic flaws) to light per week,
depending on your setup, what specific technologies you use, and the
environment your servers are exposed (e.g., public internet, vs. contained
LAN) a lot of them may be possible server destroying if you include take-over
possibilities, or the fact that not all admins can trust  their VMs and CTs
running on their system, and simple logic flaws, be it in our own stack, or
an upstream component we use. 

Making a separate announcement would then be effectively a mirror of the
changelog (which is already there), as quite some package releases may
include a fix which is relevant for a certain set of setups. And there would
be many that one would do hard to read them all, and remember them all, also
the real big fish would then have a higher chance to go unnoticed. Easier to
just upgrade once packages are released, on which event you get already
notified about..

So while I understand your pain here, I'd rather have users update frequently,
as all updates are important, and us using the time to fix more bugs and add
features, than to write announcements for every update, which is indirectly
already available to read.

cheers,
Thomas




More information about the pve-user mailing list