Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
tutorial:adm:server_os_updates [2019/12/17 07:53] fiserp [Solving issues] |
tutorial:adm:server_os_updates [2020/01/06 12:45] fiserp [Things to consider] |
||
|---|---|---|---|
| Line 6: | Line 6: | ||
| Each organization has some sort of schedule to apply OS patches: weekly, monthly, quarterly, never (not a good one), etc. You can patch the OS according to your strategy, but we recommend to perform patching at least once every three months. IdM relies on packages and libraries from the operating system and if those are not patched, security of the whole IdM solution also deteriorates. | Each organization has some sort of schedule to apply OS patches: weekly, monthly, quarterly, never (not a good one), etc. You can patch the OS according to your strategy, but we recommend to perform patching at least once every three months. IdM relies on packages and libraries from the operating system and if those are not patched, security of the whole IdM solution also deteriorates. | ||
| - | ==== Things to consider ==== | + | ===== Things to consider |
| Before applying updates, there are few things to consider: | Before applying updates, there are few things to consider: | ||
| * Impact on users | * Impact on users | ||
| Line 15: | Line 15: | ||
| * LRTs run usually at night so it is not entirely necessary to stop the IdM, but you have to make sure you have enough time to perform the patching (and possible rollback) before jobs start to execute. | * LRTs run usually at night so it is not entirely necessary to stop the IdM, but you have to make sure you have enough time to perform the patching (and possible rollback) before jobs start to execute. | ||
| * Restarting IdM cancels the LRT that was currently running, LRT **will not pick up automatically** after IdM goes up again. | * Restarting IdM cancels the LRT that was currently running, LRT **will not pick up automatically** after IdM goes up again. | ||
| - | * Nightly LRTs usually read HR system data. This means there are dependecies between them (e.g. synchronize identities, then contracts and/or time slices, then run recompute on them and finally run HR processes which enable/disbale | + | * Nightly LRTs usually read HR system data. This means there are dependecies between them (e.g. synchronize identities, then contracts and/or time slices, then run recompute on them and finally run HR processes which enable/disable |
| * Impact on end systems connected to IdM | * Impact on end systems connected to IdM | ||
| * There is no direct impact on other systems. | * There is no direct impact on other systems. | ||
| Line 34: | Line 34: | ||
| * Define use-cases that are important for your deployment. Before and after the update, test if those use-cases work. | * Define use-cases that are important for your deployment. Before and after the update, test if those use-cases work. | ||
| - | ==== Performing the OS update ==== | + | ===== Performing the OS update ===== |
| + | Following list can be used as a basis for the maintenance checklist. Feel free to customize it to better suit your needs. | ||
| - Preparations | - Preparations | ||
| - Prepare testing use-cases. | - Prepare testing use-cases. | ||
| Line 75: | Line 76: | ||
| < | < | ||
| - | ==== Resolving issues ==== | + | ===== Resolving issues |
| For maintenance actions, it is necessary to: | For maintenance actions, it is necessary to: | ||
| * Know how long each task will take and to measure the task duration when actually performing them. | * Know how long each task will take and to measure the task duration when actually performing them. | ||