Option to automatically reboot Ubuntu for security updates

d19dotca

@imc67 Same here. Was really fast tonight for security updates.

DanTheMan

Mine was really noticable faster too. Running Ubuntu 18.04 OS here.
Reboot and apps up and running in less than a minute. Like 40 to 45 seconds in total.

Keep up the good work Cloudron staff

jdaviescoates

Wow. 🤯

It's WAY faster now.

Like, lightning fast.

I just did a reboot to finish a Ubuntu security update and everything was back up and running in less than 60 seconds.

I almost couldn't believe it!

Thanks!

Lonkle

Same here, less than a minute now. Still looking forward to live patches. But I reboot a lot to change the way apphealthmonitor.js works (making it more accurate) and I need to reboot after every change so this is just a godsend.

d19dotca

Guess that “sync” was the problem then, though weird if it’s been in there for years already without issues. Maybe something just incompatible after certain updates were applied which caused sync to take so long.

robi

@DanTheMan
Likely due to improvements in 18.04.4 and above.

@Lonk
To avoid having to reboot the box, you can run your tests in a docker container using the sysbox-runc for full OS (machine image) capability in a docker container.

Then just reboot the sysbox container.
See requirements: https://github.com/nestybox/sysbox-ee/blob/master/docs/distro-compat.md

Lonkle

@robi Interesting feature. Could save development time. Thanks!

warg

Is there any news on this? What shall we do if the only sysadmin is on vacation/sick for 4 weeks? A automatic reboot in case it's needed for security updates would be good.

nebulon

I guess it may make sense to add an optional automatic reboot in such cases, although this may cause downtime in unexpected timeslots if apps are used in multiple timezones, especially if reboot takes longer.

warg

Yep. For those cases it shouldn't be too bad: The fixed timeslots/dates can be communicated/planned accordingly and if it's on demand and no admin is available, the users can get told that they should be worried only if downtime is >1h or something like that. That's at least better than no patched server and in worst case coming home and finding a disaster .

robi

This can be automated today with ctfreak which can reboot a system if certain conditions are met. Would be good to document such options.

potemkin_ai

@nebulon just for information - livepatch doesn't mean you don't have to reboot - it just lets you postpone that moment as convenient.

For sync - a good practice on old good *nix is to issue sync twice before reboot - to make sure the buffers dumped for sure.

On the reboot automation using third-party apps - it's doable; everything is, but why, if you can just add it inside of the system?