RightScale CentOS Security Updates

I recently started working with RightScale to manage servers in various cloud environments. The servers that I am working with are in the Amazon EC2 cloud, but RightScale provides an interface to manage servers in multiple cloud spaces.

The servers that I am managing run CentOS as the underlying operating system. While I prefer RedHat, CentOS is fine. I understand the reason for going with both, and when cost is an issue CentOS commonly wins out. The version is CentOS 5.4.

The problem is that the servers are not getting updates. Based on the RightScale blog, you should be able to choose a RightScale-supported frozen image of the CentOS mirrors from any given day, and it will have the most up-to-date patches as of that day. As the servers do not maintain state between reboots, this means you can set the repo for a specific date, and the patches will be consistent across multiple machines no matter when they were booted.

This is the concept. The problem is that there was a glitch in the way that RightScale was updating the CentOS mirrors. As such, there is a length of time, approximately March of 2011 to Oct 13, 2011, where none of the CentOS mirrors were being updated. I am glad to say that working with RightScale support we were able to get them to correct this. The reporting of the glitch was actually documented in a forum discussion, but we also received it during a phone session we had with them.

One would think this would be all well and good, and that you could just choose the release date you wanted to use and be on your merry way. Wrong. Due to the way that the CentOS mirrors work, once a new release is available, they quit releasing updates into the older streams. This means that you have to change the repos to point to the 5/ mirror path instead of 5.4/. To do this I have created a RightScript that takes two inputs and uses them to update the repo files.

You should run it early on in the process. I put it as my second or third script.

#!/usr/bin/env python
# Point the yum repo files at the rolling 5/ mirror path instead of the
# frozen 5.4/ path, then apply pending updates. Written for the Python 2.4
# that ships with CentOS 5, hence the old-style "except Exception, e" syntax.

import re
import os
import sys
import subprocess

repoDir = "/etc/yum.repos.d/"

# The two RightScript inputs, exposed to the script as environment variables.
BASE_REPO_VERSION = os.getenv("BASE_REPO_VERSION", "5.4")
NEW_REPO_VERSION = os.getenv("NEW_REPO_VERSION", "5")

# Go through the list of repos, keep a .base copy of each original, and
# rewrite the version from 5.x to the base 5 stream so updates are found.
try:
	for filename in os.listdir(repoDir):
		if re.search(r"\.repo$", filename):
			original = os.path.join(repoDir, filename)
			backup = original + ".base"
			try:
				os.rename(original, backup)
			except Exception, e:
				sys.stderr.write("Error renaming file: %s\n" % (e))
			try:
				data = open(backup).read()
				o = open(original, "w")
				# Escape the version so the "." matches a literal dot, not any character.
				o.write(re.sub(re.escape(BASE_REPO_VERSION), NEW_REPO_VERSION, data))
				o.close()
			except Exception, e:
				sys.stderr.write("Error writing modified repo: %s\n" % (e))
				sys.exit(1)

except Exception, e:
	sys.stderr.write("Error Listing Directory Contents: %s\n" % (e))
	sys.exit(1)

# Now apply the pending patches. Kernel packages are excluded; the glob is
# handed straight to yum (shell=False), so it must not carry shell quotes.
try:
	sysUpdate = subprocess.Popen(['yum', '--exclude', 'kernel*', '-y', 'update'], shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
	stdout, stderr = sysUpdate.communicate()
	retcode = sysUpdate.returncode
	if retcode != 0:
		sys.stderr.write("Yum update returned an error\n%s\n%s" % (stdout, stderr))
	else:
		print ("Output from yum command:\n%s\n" % (stdout))

except Exception, e:
	sys.stderr.write("Error Running yum update: %s\n" % (e))
	sys.exit(1)
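Once the script has run, it is worth confirming that no repo file still points at the frozen 5.4/ path and that none has GPG verification switched off. The audit below is an added example, not code from the original post or from RightScale; the sample repo text and its mirror hostname are constructed for illustration.

```python
# Added example, not code from the original post: audit yum .repo text for
# URLs still pinned to the frozen point release and for gpgcheck=0 sections.
import re

# Constructed sample; the hostname is a placeholder, not a real mirror.
SAMPLE_REPO = """[base]
baseurl=http://mirror.example.invalid/centos/5.4/os/$basearch/
gpgcheck=1

[updates]
baseurl=http://mirror.example.invalid/centos/5/updates/$basearch/
gpgcheck=1

[extras]
mirrorlist=http://mirror.example.invalid/?release=5.4&repo=extras
gpgcheck=0
"""

def parse_repo(repo_text):
    """Parse INI-style .repo text into {section: {key: value}}."""
    sections = {}
    current = None
    for raw in repo_text.splitlines():
        line = raw.strip()
        if not line or line.startswith('#'):
            continue
        m = re.match(r'\[(.+)\]$', line)
        if m:
            current = m.group(1)
            sections[current] = {}
        elif current is not None and '=' in line:
            key, value = [p.strip() for p in line.split('=', 1)]
            sections[current][key] = value
    return sections

def pinned_urls(repo_text, base_version):
    """(section, key, url) for baseurl/mirrorlist values naming the point
    release as a whole path segment or query value (5.4 but not 15.4)."""
    pattern = re.compile(r'(?<![\w.])' + re.escape(base_version) + r'(?![\w.])')
    hits = []
    for section, keys in sorted(parse_repo(repo_text).items()):
        for key in ('baseurl', 'mirrorlist'):
            if key in keys and pattern.search(keys[key]):
                hits.append((section, key, keys[key]))
    return hits

def unsigned_sections(repo_text):
    """Sections with gpgcheck=0, where yum would install unverified packages."""
    parsed = parse_repo(repo_text)
    return sorted([s for s in parsed if parsed[s].get('gpgcheck') == '0'])
```

Run it over each file in /etc/yum.repos.d/ after the RightScript; any hit from pinned_urls means that repo is still reading the stream that stopped receiving updates.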