How to do server updates on Google Compute Engine?

0
votes

I want to be able to keep up on server updates/patches on my Google Compute Engine instance.

In comparison, when logging into an Amazon EC2 server over a terminal, they tell you there are updates available and you simply do # yum install updates. Done!

Upon login to Google's Compute Engine (GCE), there is no indication. When doing a # yum install updates, it goes out to check and always comes back with no updates.

From what I can gather, it may be necessary to check more or better repositories -- ???

Here's what I get when doing a yum install updates on the CentOS GCE now (default):

yum install updates

Loaded plugins: downloadonly, fastestmirror, security

Loading mirror speeds from cached hostfile

  • base: mirror.anl.gov

  • epel: mirrors.tummy.com

  • extras: centos.chi.host-engine.com

  • updates: mirror.thelinuxfix.com

Setting up Install Process

No package updates available.

Error: Nothing to do

What am I not understanding here?

What is the best practice to be sure that the updates/patches are kept up on?

Thanks in advance to he/she who populates the answer(s).

2
linuxcentosrepositoryyumgoogle-compute-engine

2 Answers

1
votes

The short answer is run yum update as root.

The longer answer, for automatic updates or notifications, it looks like the current guidance is towards yum-updatesd. This is a package which can send email and/or write to logs if updates are needed. It can also, optionally download them or apply the updates.

There is also a package named yum-cron which will download and apply updates and email the root user with the details of what was performed. A web search on either of these package names will provide you more information about their use.

Just to clarify some confusion that it appears you are having, when you run yum install updates you are asking yum to install a package that is literally named "updates".

The error message yum shows when you try to install a package literally named "updates" unfortunately can be easily parsed as "there are no updates available" instead of the intended "there is no package named 'updates' available." It might be worth making a feature request or sending a patch to ask the yum maintainers to clarify that error message.

0
votes

This is an old question but thought I'd still answer here in case it helps someone GCE CentOS images should already come preconfigured with automatic upgrades enabled. From the GCE Documentation

Automatic updates Compute Engine does not automatically update the operating system or the software on your instances. However, the CentOS package manager is preconfigured by the operating system vendor to automatically apply security patches and system upgrades on your CentOS instance.

These automatic updates from the operating system vendor do not upgrade instances between major versions of the operating system. The updates apply system upgrades only for minor versions. CentOS instances can automatically update their installed packages in addition to the security patches and system upgrades.

Also in case of RHEL/Debian while GCE doesn't automatically update outdated packages the OS itself has a feature to auto-upgrade itself and install critical updates. For e.g. in Debian that would be via the unattended-upgrades tool which should already be enabled