I manage around 30 Ubuntu servers using puppet. I've seen many references to cron-apt and apticron as approaches to keeping their packages up to date but I haven't been able to find a way to centrally manage the process. With cront-apt/apticron I would still need to log in to each host and run aptitude update to perform the update. Not to mention review notifications from all 30 machines whenever a core package is updated.
There has to be a better way. Any suggestions?
Best Answer
Landscape might be of interest to you. This is the "official" management tool for managing large Ubuntu deployments, and Canonical is probably very keen to get your dollars for its use.
RE-EDIT:
First, a disclaimer; I haven't used mirroring for Debian or Ubuntu, so I am not familiar with the software.
Second, it appears that apt-mirror would be "too heavy" a solution, my apologies. The original idea was that you would have a separate test machine (or test environment, probably a virtual machine?) to deploy the update on. Once you are satisfied with the performance of the update, you would pull/put the package into your "deploy" mirror (there would be the local mirror from the official sources, and a secondary mirror for just updates that you wish to deploy). The remote machines would then run an update at a pre-set time and pull it from your "deploy" mirror onto each machine, a cron job consisting of:
Unfortunately, as I began to read through the details, it seems that
apt-mirrorwill pull all kinds of stuff and not just the packages you are after. So, I'm going to abandon this idea, although the concept has some merit.