[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Yum repo for XCP (ex: XCP acpi shutdown)

On Tue, Oct 25, 2011 at 10:38 PM, Fajar A. Nugraha <list@xxxxxxxxx> wrote:
On Wed, Oct 26, 2011 at 12:33 PM, Grant McWilliams
<grantmasterflash@xxxxxxxxx> wrote:
> On Tue, Oct 25, 2011 at 7:45 AM, George Shuklin <george.shuklin@xxxxxxxxx>
> wrote:
>> NEVER upgrade XCP by CentOS packages.

> Why aren't those packages masked in the repo configs like the kernel is?

Probably because the repos are disabled in the first place.

They're disabled because Citrix doesn't want to support XCP. They provide updates to Xenserver.Â

> Having a server OS with no upgrade path is a very bad idea. Zero day
> exploit? How about zero month or zero year exploit? I'd like to hope that
> this gets changed at some point.

How would you "upgrade" (for example) XenServer? Or a vmware vsphere
node? IMHO the same methods and policy should also apply to xcp.

The exact same way you'd upgrade ANY other server on the planet. And yes those same methods should be applied to XCP. You can currently upgrade but you have to pull all your nodes down, put in a CD (my nodes don't even have optical disks, why would they?) and upgrade via a CD. That means the only time you get any security updates is once every 6 months or a year and only when you can physically access the nodes.

Grant McWilliams

Some people, when confronted with a problem, think "I know, I'll use Windows."
Now they have two problems.


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.