About applying upgrades
Cloud66 Update Packages Policy
Cloud 66 aims to make it easier to build immutable infrastructure. Building servers and stacks from scratch is much better than modifying existing server configurations and tinkering with settings until things start to work.
Of course everyone knows that, the reasons they don’t do it is that it’s difficult, time consuming and can be unpredicatble. That’s why we want to make building stacks from scratch as easy and as quick as possible. So in all cases of upgrade, our first recommendation is to build a new stack and redirect your traffic to the new stack using our Elastic Address.
We are always working to make it easier to build a new stack, move your data and switch your traffic arround but it might not always be what you want to do or as easy as you would like it to be. So here is what we suggest as alternatives and exceptions.
Based on that our workflow is such that when a new server is created we automatically update all the packages to the latest. After the server is created we only auto-install packages that are marked as
security updates. So Cloud66 doesn’t typically update other packages because it doesn’t want to risk breaking or damaging your already running app (which doesn’t apply when the server is newly created).
In order to deal with the upgrades you have a few options:
- Leave the package updates, safest bet or if you're concerned about your app stability.
- Update the packages yourself through
sudo apt-get -y upgradeor
dist-upgradepackage (if there is a new feature you're after or just want to be running the latest)
- Update the packages indirectly through scaling up a new server, and then dropping the old one (the new server will always get the latest packages installed on it)
Some package updates (and security ones) require server-reboot. So again by scaling up we restart your new servers automatically to ensure everything is neat and clean! Alternatively you can reboot your servers manually or via the toolbelt should you wish!
Upgrade package types
In the event of a security vulnerability on any of the components we deploy on the servers, we aim to be as quick as possible to roll out the recommended patches for Ubuntu, Ruby and Rails.
From the _Deploy_ menu, choose _Deploy with Options_. By selecting _Apply security upgrades_, Cloud 66 will perform operating system security package upgrades and set up unattended upgrades for your stack. Unattended upgrades will automatically check for and install the latest Ubuntu security packages on a daily basis.
Note that some security packages may require a server restart. We don’t automatically restart your server, and it is at your discretion to do so. If the file
/var/run/reboot-required exists, your server does in fact require a restart. To see which packages contributed to the requirement for a restart, please see
The recommended way to upgrade your passenger to the latest one is:
- Scale up a new web server and drop the old one, so the scaled up one will automatically have the latest version supported by Cloud 66.
Docker and Weave
It is best to keep your Docker and Weave versions up to date as they are released quite frequently with bug/security fixes
- Update your manifest file (Configuration Files -> Manifest.yml) and change the Docker and Weave version to the latest ones.
2. Click on DEPLOY and choose Deploy with options
3. Go to the More options tab and tick the Apply Docker upgrades check box.
Upgrading in-place involves downtime as the docker engine and local files are all upgraded. To have zero down-time you'd have to clone your stack and use Failover groups to switch to the new one.
About manual upgrades
If you need to upgrade any part of your stack the best course of action is always to build a new one. However, if that is not desired or possible, you can always perform manual upgrades.
We detect the version of all the components we have configured or deployed on your servers on a regular basis and after each deployment. If you upgrade any part of your stack manually, the upgrade will be detected by Cloud 66. This helps with the future automated upgrades.