General best practices for apt-get upgrade and dist-upgrade

February 8, 2014 5.3k views
I did a sudo apt-get upgrade on a fresh Ubuntu 12.04.3 and there was a long list of updates and then this: Setting up grub-common (1.99-21ubuntu3.14) ... Installing new version of config file /etc/grub.d/00_header ... Installing new version of config file /etc/grub.d/30_os-prober ... Installing new version of config file /etc/grub.d/20_linux_xen ... Installing new version of config file /etc/grub.d/10_linux ... Setting up grub2-common (1.99-21ubuntu3.14) ... Setting up grub-pc-bin (1.99-21ubuntu3.14) ... Setting up grub-pc (1.99-21ubuntu3.14) ... /usr/sbin/grub-setup: warn: Attempting to install GRUB to a partitionless disk or to a partition. This is a BAD idea.. However it completed without errors and I rebooted - the VPS seems to be running fine. Was that really a bad idea or not? What are best practices with regard to apt-get upgrade and dist-upgrade? (I saw a similar question but it wasn't related to real GRUB warnings)
3 Answers
Regarding kernel version - in find your droplet and in Settings you can adjust kernel version. I assume the drop down list is at the same time a list of supported kernels. To be on the safe side it's probably better to upgrade your kernel there. (Although I didn't spot that problem while upgrading kernel). Anyway I hope someone will find this info useful.
Neither apt-get upgrade or apt-get dist-upgrade upgrade the kernel. Both commands only update the software packages already installed on your server (and do not upgrade the OS).

One should consult the official Debian/Ubuntu documentation and ESPECIALLY your clould/vps hosting company's OS-instance update/upgrade/support policies and requirements.

SAFE: The "apt-get upgrade" command will normally only install updates (or fixes) to currently installed packages. This is the safest command for keeping the server's software, security patches, and minor changes current. The apt-get upgrade process will NOT generally install new releases, where major changes (including removal of packages or GRUB update is required). For example, when a new Linux kernel (linux-image-3.x.x-xx-generic, etc.) is available, the package will not get installed. A number of cloud hosting providers upgrade their servers automatically using this basic "upgrade" process.

SOME RISKS: The "apt-get dist-upgrade" command is for upgrading from one stable Debian/Ubuntu distribution to the next. It also upgrades packages and settings in a more complex and comprehensive way, including deleting, or deleting and replacing, some packages. In order to install an updated "new" kernel, or new release, you will need to run this command. You are occasionally notified of the opportunity to do this when you run apt-get upgrade and it reports that certain packages have been "keep back". HOWEVER: (1) Ubuntu officially recommends running "do-release-upgrade" instead of "dist-upgrade" because the former has the ability to handle system configuration changes sometimes needed between releases; and (2) Doing dist-upgrade/do-release-upgrade may not be supported by your cloud hosting company because of hypervisor/cloud-vps-instance configuration and management restrictions. Serious situations can arise, regarding Grub for example, and you need to make certain you have console access in case something happens. If you perform these types of advanced software/kernel-version upgrades, you may find that your hosting company will not provide support, leaving you in isolation with no way to go back, and an uneasy path forward. A dist-upgrade situation recently plagued certain Debian/Ubuntu cloud instances because of a Grub update question popping up during the upgrade process which could not be confidently answer. In response, some providers said that they DID NOT support dist-upgrades of their servers !

BEST PRACTICE: "Best Practice" is NOT to do either a "dist-upgrade" or "dist-upgrade". This level of upgrade is seldom if ever needed, and not at all required to keep your system up to date, secure, and running smoothy. If you must move to a later release, follow the advice of "prezzy_dent" below, and do it through the DigitalOcean settings (if possible), or upon their advice only.

Stepping over that well-known, and much feared, "line of no return" is always a concern in server administration. Always use a test server. Make images and file-level full-system backups before every operation. Images should be tested periodically by restoring them to a "new" server. Multiple types of backups are best, and will let you sleep better at night!

I hope this helps.

Have another answer? Share your knowledge.