[LINUX] Know all the important things Ubuntu has taught you about unattended upgrades

Introduction

This article describes Ubuntu's unattended upgrades.

Ubuntu has a feature called unattended upgrade enabled by default, which automatically updates and upgrades OS packages.

As a system administrator, you need to understand how unattended upgrades behave.

For example, suppose you run a single-server configuration in a production environment. If unattended upgrades are left at their defaults and your service is not set to start automatically, you run the risk of a service outage.

In a past case, the service was down, so I investigated the cause. Since the uptime was short when the `uptime` command was executed, it was judged that the server had been restarted, and the following log was confirmed in the syslog.

Feb 20 09:14:48 <host name> systemd[1]: Stopped Unattended Upgrades Shutdown.

The OS was restarted about 3-4 minutes after the above log entry, but since the service was not set to start automatically after that, the restart caused the service downtime.

In this article, we will also explain how to set up automatic service startup in consideration of unattended upgrades.

Unattended upgrades

Stopping unattended upgrades does not solve the underlying problem. The mechanism of unattended upgrades is as follows. (The Ubuntu version used in this article is 18.04.)

/etc/apt/apt.conf.d/20auto-upgrades

If you look at the file /etc/apt/apt.conf.d/20auto-upgrades, the default settings are as follows.

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

If **Update-Package-Lists** is 1, the package lists are updated automatically. If **Unattended-Upgrade** is 1, packages are upgraded automatically.

Either one can be disabled by setting its value to 0.

You can also check the history of package updates from the /var/log/apt/history.log file.

/etc/apt/apt.conf.d/50unattended-upgrades

If you want the OS to restart on a schedule while automatic upgrades are enabled, you can set the schedule in the file /etc/apt/apt.conf.d/50unattended-upgrades. The following example reboots at 23:00 if an upgrade requires a reboot.

// Automatically reboot *WITHOUT CONFIRMATION*
//  if the file /var/run/reboot-required is found after the upgrade 
Unattended-Upgrade::Automatic-Reboot "true";

// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
//  Default: "now"
Unattended-Upgrade::Automatic-Reboot-Time "23:00";

**Automatic-Reboot** defaults to **false** and **Automatic-Reboot-Time** is commented out. To enable the setting, set **Automatic-Reboot** to **true** and set **Automatic-Reboot-Time** to any time.

Automatic startup settings

There are several ways to start a service automatically. Broadly speaking, you can configure it with systemctl, which is an OS feature, or you can use a middleware package.

For example, for a Node.js application, there is a daemon process manager called **PM2**. In this article, I will explain how to use systemctl to set up a service that is executed only once.

When configuring with systemctl, create a startup script and place the following unit file under /etc/systemd/system.

[Unit]
Description=Node.js
After=local-fs.target
ConditionPathExists=/root

[Service]
ExecStart=/root/node_start.sh
Restart=no
Type=oneshot
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

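Next, execute the following commands so that systemd reloads its unit files and the unit is enabled to start at boot. Replace <unit file name> with the name of the file you created.

# systemctl daemon-reload
# systemctl enable <unit file name>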
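
The two settings discussed above interact: whether unattended upgrades may reboot the host, and whether the service is enabled at boot. The following shell check is an added example, not part of the original article; the function names `apt_conf_value`, `reboot_risk` and `make_sample` and the sample files are constructed for illustration.

```shell
# Added example. Handles only the flat  Key "value";  lines shown above.
# apt_conf_value DIR KEY: print KEY's effective value from DIR/* (files are
# read in lexical order, the last assignment wins, // comment lines are skipped).
apt_conf_value() {
    local dir="$1" key="$2"
    cat "$dir"/* 2>/dev/null |
        sed -n "s|^[[:space:]]*${key}[[:space:]]*\"\(.*\)\";.*|\1|p" | tail -n 1
}

# reboot_risk DIR STATE: STATE is what `systemctl is-enabled <unit>` printed.
# Returns 0 = ok, 1 = automatic reboot would leave the service down,
# 2 = no automatic reboot, but any other reboot would leave it down.
reboot_risk() {
    local dir="$1" state="$2" upg reboot
    upg=$(apt_conf_value "$dir" 'APT::Periodic::Unattended-Upgrade')
    reboot=$(apt_conf_value "$dir" 'Unattended-Upgrade::Automatic-Reboot')
    if [ "${upg:-0}" = "0" ]; then
        echo "ok: unattended upgrades are disabled"; return 0
    fi
    if [ "$state" = "enabled" ]; then
        echo "ok: service starts at boot"; return 0
    fi
    if [ "$reboot" = "true" ]; then
        echo "RISK: Automatic-Reboot is true and the service is '$state'"; return 1
    fi
    echo "warn: service is '$state'; it stays down after any reboot"; return 2
}

# Constructed sample files mirroring the snippets in this article.
make_sample() {
    mkdir -p "$1"
    printf '%s\n' 'APT::Periodic::Update-Package-Lists "1";' \
        'APT::Periodic::Unattended-Upgrade "1";' > "$1/20auto-upgrades"
    printf '%s\n' '// Automatically reboot *WITHOUT CONFIRMATION*' \
        'Unattended-Upgrade::Automatic-Reboot "true";' \
        'Unattended-Upgrade::Automatic-Reboot-Time "23:00";' \
        > "$1/50unattended-upgrades"
}

sample=$(mktemp -d)
make_sample "$sample"
reboot_risk "$sample" disabled || true   # service not enabled at boot
reboot_risk "$sample" enabled            # service enabled at boot
rm -rf "$sample"
```

On a real host, pass /etc/apt/apt.conf.d as the directory and the output of `systemctl is-enabled` for your unit as the state.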

In conclusion

CoreOS has similar functionality. You can prevent the OS from restarting automatically by stopping the following service.

# systemctl status update-engine
