Best practice to keep my droplet up-to-date?

December 10, 2014 1.8k views

I've got 6 Ubuntu droplets, but I only ssh into two of them regularly to do code pulls. On those two droplets, I often see that I've got updates available, so I run a quick apt-get update && apt-get upgrade && apt-get dist-upgrade, and I get on with my work. But my other droplets aren't serviced as often, until this week, one I hadn't updated since the day POODLE broke out.

My question is this: what's the best way to keep my droplets up-to-date without manual oversight?

My first thought was to run a daily cronjob. Is that a bad idea?

1 Answer

Ubuntu provides a tool for just this purpose and it allows a bit more configuration than just a cron job to run the apt-get commands. The example you provide here would usually do the trick if added to a cron job but any package requesting user input would leave you with a stalled update.

There is one thing to keep in mind when doing automatic updates on your droplets. Since droplets are booted using an external kernel image, before you reboot any of your droplets you will want to ensure that you have the correct kernel installed. The way to do this is simply to view the files in /lib/modules

ls /lib/modules

and then, in the control panel ensure that the matching kernel version is selected. You can find this option by clicking on your droplet, then on settings, then kernel and selecting the appropriate version.

Have another answer? Share your knowledge.