document updates and puppet run at boot time
This commit is contained in:
@@ -11,8 +11,9 @@ Allowed parameters are
|
||||
- 'halfhourly': every 30 minutes
|
||||
- 'daily': once a day (default)
|
||||
- 'weekly': every Monday
|
||||
- 'boot_only': only shortly after bootup
|
||||
|
||||
The actual automatic Puppet Agent run is always on the same random time. Check `systemctl list-timers pli-puppet-run.timer` for the exact time on a specific node.
|
||||
The actual automatic Puppet Agent run is always on the same random time (except for `boot_only`). Check `systemctl list-timers pli-puppet-run.timer` for the exact time on a specific node.
|
||||
|
||||
For `daily` and `weekly` the time window is configured in Hiera with `puppet_client::exec_time`, the default is:
|
||||
```
|
||||
|
||||
@@ -4,11 +4,19 @@ The automatic updates are controlled in Hiera (excluding RHEL7):
|
||||
|
||||
| Hiera key | default | comments |
|
||||
|-------------------------------------|------------|-------------------------------------------------------------------------------|
|
||||
| `base::automatic_updates::interval` | `weekly` | valid are `daily`, `weekly` and `never` which disables the automatic updates |
|
||||
| `base::automatic_updates::interval` | `weekly` | valid are `daily`, `weekly`, `boot_only` and `never` which disables the automatic updates |
|
||||
| `base::automatic_updates::type` | `security` | `security` installs only security updates whereas `all` installs all updates |
|
||||
| `base::automatic_updates::exclude` | `[]` | list of packages not to update, wildcards like "*" are allowed |
|
||||
| `base::automatic_updates::kernel` | `false` | define if new kernel packages also should be installed automatically |
|
||||
|
||||
For system-wide installed Flatpak packages there is a separate key for automatically updating them:
|
||||
|
||||
| Hiera key | default | comments |
|
||||
|------------------------------|------------|-------------------------------------------------------------------------------|
|
||||
| `flatpak::updates::interval` | `weekly` | valid are `daily`, `weekly`, `boot_only` and `never` which disables the automatic updates |
|
||||
|
||||
|
||||
|
||||
Note that the updates run on midnight, for `weekly` from Sunday to Monday. There is no automatic reboot, e.g. for kernel updates.
|
||||
|
||||
---
|
||||
|
||||
@@ -1,38 +0,0 @@
|
||||
``profile::dnf_automatic``
|
||||
==========================
|
||||
|
||||
This profile configures automatic package updates using ``dnf-automatic``
|
||||
|
||||
It is used by ``role::base`` and there configured with the ``base::automatic_updates::*`` hiera keys.
|
||||
|
||||
Parameters
|
||||
----------
|
||||
|
||||
=============================== ======== ================================================
|
||||
**Name** **Type** **Default**
|
||||
------------------------------- -------- ------------------------------------------------
|
||||
interval Enum
|
||||
type Enum
|
||||
exclude Array
|
||||
incldue_kernel Boolean
|
||||
=============================== ======== ================================================
|
||||
|
||||
|
||||
``interval``
|
||||
~~~~~~~~~~~~
|
||||
How often should the automatic updates be installed. Valid options are ``never``, ``daily`` and ``weekly``. ``never`` disables it altogether.
|
||||
|
||||
|
||||
``type``
|
||||
~~~~~~~~
|
||||
What type of package updates should be installed automatically, either ``security`` for only security updates or ``all`` for all updates.
|
||||
|
||||
|
||||
``exclude``
|
||||
~~~~~~~~~~~
|
||||
List of packages which shall not be updated automatically. Wildcards like * are allowed. The kernel is excluded by default.
|
||||
|
||||
``incldue_kernel``
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
Marks if also the kernel package should be automatically updated. Note that the necessary reboot to run the new kernel needs to be done manually.
|
||||
|
||||
Reference in New Issue
Block a user