Table of Contents
Updating FreeBSD Servers
All four physical hosts run FreeBSD. Upgrade them in this order:
- mustafar
- hoth
- geonosis
- bane
This order matters: start with the least critical server so any issues are caught early.
OS Patches
SSH into the server and become root:
ssh mustafar su -
Check for available updates:
freebsd-rustdate check-fetch
Fetch and install patches:
freebsd-rustdate fetch freebsd-rustdate install
Packages
Review automatically installed packages – decide what to keep and what to remove:
pkg noauto
Then update and upgrade all packages:
pkg update pkg upgrade
Before Rebooting
Before restarting, check who is currently connected:
root@mustafar:~ # sockstat -4 USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root sshd-sessi 79454 7 tcp4 172.20.200.90:22 172.20.96.2:40808 root sshd-sessi 78971 7 tcp4 172.20.200.90:22 172.20.96.2:40808 root sshd 47125 7 tcp4 *:22 *:* root nfsd 34681 7 tcp4 *:2049 *:* ntpd ntpd 3208 21 udp4 *:123 *:* ntpd ntpd 3208 22 udp4 172.20.200.90:123 *:* ntpd ntpd 3208 25 udp4 127.0.0.1:123 *:* ?? ?? ?? ?? udp4 *:2049 *:*
If you need more detail on connections:
root@mustafar:~ # netstat -4 Active Internet connections Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 108 mustafar.ssh 172.20.96.2.40808 ESTABLISHED udp4 0 0 localhost.ntp *.* udp4 0 0 mustafar.ntp *.*
When you've confirmed it's safe to reboot:
shutdown -r now
The -r flag tells the system to reboot.
Jails and VMs
Some servers have jails and VMs that need attention after reboot.
Jails (bane, geonosis)
Jails on bane and geonosis start automatically on boot.
VMs (bane)
VMs on bane need to be configured for auto-start. For example, to enable scontrol-01:
root@bane:~ # sysrc vm_list="scontrol-01" root@bane:~ # cat /etc/rc.conf| grep vm_list vm_list="scontrol-01"
Confirm auto-start is enabled:
root@bane:~ # vm list NAME DATASTORE LOADER CPU MEMORY VNC AUTO STATE mitte-dev-01 default uefi 1 4G - No Stopped scontrol-01 default uefi 2 4G - Yes [1] Running (5469)