Hello, the question is in the title. I’m asking this because in past (this summer), I had a VPS, based on openvz technology, and the kernel was terribly old (2.6.18) and I had Ubuntu 11.10 but I was unable to upgrade to 12.04 LTS directly because of the kernel. (I was able to bypass this by doing a “apt-add-repository ppa:izx/ovz-libc” but i searched a couple of hours). I decided to quit because mysql server 5.5 never wanted to install (even with 512 ram, so probably because of the old kernel), and your VPS, even with 256 mb, installs it without problem. Also, is there a kernel by OS or the server runs its own kernel and VPS inherits it (like openvz)?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
After making the case to a client to start using DigitalOcean, I’m embarrassed to discover that providing the latest kernels to users isn’t much of a priority. Indeed, as Colin stated earlier, ‘this is a biggie guys’.
I too tried to follow to procedure at https://www.digitalocean.com/community/tutorials/how-to-update-a-digitalocean-server-s-kernel-using-the-control-panel but was unable to upgrade the kernel after going from debian wheezy to jessie. I don’t know if it’s something I’m doing wrong, or if it’s simply not supported.
This is mind blowing. We can’t update kernels on our own? A patched kernel should be deployed within hours of a vulnerability - not weeks or months.
This is possibly the largest oversight of any vendor I’ve ever seen. Even no-named web hosts have this capability. Good luck when millions of droplets fall victim to a kernel exploit only to find out DigitalOcean isn’t concerned about patching kernels.
Bad news for your lawyers, too. You’ve documented that you know about this issue and you’re not prioritizing it. It’s been two years since this has been made public but still no movement.
My business is adding several servers a month - they will no longer be at DigitalOcean. Anyone at least slightly concerned with security should be removing their DigitalOcean servers immediately. With two CentOS kernel exploits just in the past two weeks, it’s completely unacceptable to rely on your platform to patch it when there are several already working alternatives provided by CentOS itself.
Again - my mind is blown…
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.