New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Discussion on security updates #349

Open

1 of 3 tasks

mcapuccini opened this issue Mar 16, 2018 · 0 comments

Assignees

Labels

Member

mcapuccini commented Mar 16, 2018 •

edited

I thought to open this issue to follow discussion on image security updated. Pointers:

Current status:

We update images daily, however scripts won't import them
We have unattended upgrades cron job on each node

Basic devel idea (to incorporate on kn apply):

Trigger unattended upgrades on boot time
Check if reboot is needed (ssh ubuntu@master '[ -f /var/run/reboot-required ]')
If reboot is needed inform user, and ask to run kn image-update

Drawback: user will need to destroy and recreate cluster when getting warning (and caring about security)

Advanced ideas:

kn reboot to reboot the cluster
Modify image CI so that a new image is created only when reboot is needed

@carmat88, @andersla please feel free to add on this.

The text was updated successfully, but these errors were encountered:

mcapuccini added the Epic label

mcapuccini assigned mcapuccini, andersla and carmat88

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment