Recently on twitter, and else where I have noticed system admins to claim with proud "Linode server running for xxxx number of days" etc.

Why is it so ? I mean is it something to be proud on ? Because I have to restart my ubuntu probably 3 times in a month because it required a restart after OS update.

Or should I don't update ? Whats the catch ? I am confused

update asap and reboot when convenient later that night, or something.

I use unattended-upgrades which runs at 6am-ish, i think, and updates the system.
I personally reboot once a month to pick up a new linode kernel, unless there is
a vulnerability found, then I reboot when I find out about it.

If you update asap, you probably don't need to reboot even if your system says a reboot is required.
On the other hand, uptimes are irrelevant, and timely reboots are good from a security and sysadmin
standpoint.

I believe the only thing that actually *needs* a reboot is if you change kernel. IMHO, Ubuntu just wants to reboot because Windows people are used to it, and it does tend to clean up some processes.

I could be wrong though

_________________
--
Chris Bryant

Ubuntu tends to dish out security updates to the kernels every month or so, I reboot then. It's not a bad idea to reboot periodically especially if you've just installed a bunch of software, if you reboot you can check all your services start up properly.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

Hi Chesty,

Don't you think automated upgrades are a bit risky?

I had have pretty bad experience with auto updates. My local ubuntu was auto update enabled and a few times after the auto update some of the software were not working(compatibility issue) and even once I had to re-install the whole thing!

Don't you think the same thing could be happen to Linode too?

_________________
Ubuntu 10.4 LTS, Apache2, LAMP, n00b

Online Shopping

so basically we have a consensus that all guys who brag about their server not being restarted for 3 years are wrong ?

I don't think it's about being wrong/right, just do whatever you think is best.

If they're proud that they haven't restarted in 3 years, good for them.

If you feel more comfortable restarting periodically, good for you.

I don't make a habit of restarting but I probably do it ~4-8 times a year. I don't feel it's anything to be upset about, so long as your users are not affected by it.

I've never had a problem, and if unattended-upgrades cause a problem, then so would a manual upgrade.

But, depending on whether or not someone's using an uptime monitoring service, an unattended-upgrades person might find out later about something breaking than someone who's manually upgrading and checking right away after the upgrade.

Since I'm an Ubuntu newbie, this is my fear every time I execute sudo apt-get update && sudo apt-get upgrade. I think the chances of something breaking with just that are low, but nobody's told me that it's almost impossible for it to happen.

_________________
Amateur, eager to learn.
My hematology, oncology, and chemotherapy regimen wiki

@yaz

I've never had an update && upgrade "fail" (as in the upgrade script itself exits fine). I `have` had new bugs get introduced in upgraded packages, and been bitten by deprecated things finally getting removed. Doing upgrade of important things with a dev -> staging -> production type workflow and a configuration management system is advisable if you really care about keeping things up and running. The gotcha with that approach is that you need to stay upto date on what version is "current" etc, which can be a lot of work if your application stack has lots of dependencies.

If you're not prepared for failure - by any cause - then you're just one accident away from a real problem.

Your backup strategy should make you safe from any failure, even a failed upgrade.

To me, uptime records just indicates that you haven't upgraded your box in a very long time, not sure I would be proud of that statistic.

_________________
Either provide enough details for people to help, or sit back and listen to the crickets chirp.
Security thru obscurity is a myth - and really really annoying.

The only problems I've had with an update from apt packages that stick in my mind are:
1. A bug in PHP that got into the package manager where if you had open_basedir set it denied access to all PHP files regardless of what path you set (how that got past QA I've no idea)
2. A bug in the Nginx PPA configuration where they removed the https variable that gets passed to fastcgi (which they fixed a release or two later).

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue

People who brag about their extended uptimes are also advertising all the security exploits they're vulnerable to. Three years of uptime means they're telling us they're vulnerable to all the exploits discovered in the past three years.