eksa-admin node should include unattended-upgrades
Closed this issue · 4 comments
displague commented
The EKS-A Admin node is running Ubuntu 20.04. We should ensure the latest updates are installed and continue to be installed through use of the unattended-upgrades package.
cprivitere commented
Adding the following to the cloud-init should do it.
in packages:
- unattended-upgrades
packages_update: true
packages_upgrade: true
package_reboot_if_required: true
in runcmd:
- sed 's,// "${distro_id}:${distro_codename}-updates";, "${distro_id}:${distro_codename}-updates";,' /etc/apt/apt.conf.d/50unattended-upgrades
- sed 's,//Unattended-Upgrade::Automatic-Reboot "false";,Unattended-Upgrade::Automatic-Reboot "true";,' /etc/apt/apt.conf.d/50unattended-upgrades
displague commented
We'll also want to ensure (somehow) that the node isn't rebooted while the cluster is coming up for the first time.
Maybe we can disable it at install and at
schedule the enablement for a few hours later.
cprivitere commented
Options:
- disable autoreboot
- Set reboot time to 2AM
- Do your at scheme.
- Calculate the autoreboot time to be 2 hours (or some other offset) from current time.
cprivitere commented
Looks like the upfront upgrade (package_upgrade: true) may be a bad idea. Just had it hang and never complete.