You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by nv...@apache.org on 2022/04/26 01:41:15 UTC
[cloudstack-documentation] branch main updated: Add documentation for live patching systemVMs (#267)
This is an automated email from the ASF dual-hosted git repository.
nvazquez pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack-documentation.git
The following commit(s) were added to refs/heads/main by this push:
new 28c6828 Add documentation for live patching systemVMs (#267)
28c6828 is described below
commit 28c6828528a8f38e2b2dca6eb01b688053e67e08
Author: Pearl Dsilva <pe...@gmail.com>
AuthorDate: Tue Apr 26 07:11:10 2022 +0530
Add documentation for live patching systemVMs (#267)
* Add documentation for live patching systemVMs
* add more details
* address comments
---
source/upgrading/upgrade/_sysvm_restart.rst | 43 +++++++++++++++++++++++++++--
1 file changed, 41 insertions(+), 2 deletions(-)
diff --git a/source/upgrading/upgrade/_sysvm_restart.rst b/source/upgrading/upgrade/_sysvm_restart.rst
index 8f01fb2..0376ce3 100644
--- a/source/upgrading/upgrade/_sysvm_restart.rst
+++ b/source/upgrading/upgrade/_sysvm_restart.rst
@@ -15,9 +15,48 @@
.. sub-section included in upgrade notes.
-Once you've upgraded the packages on your management servers, you'll
+From Apache CloudStack version 4.17.0 onward, there is support to live patch
+system VMs, namely, SSVM, CPVM, Routers. Live patching provides support
+for zero-downtime upgrades, wherein, the System VM software is updated to the
+latest code version without having to destroy and recreate them / restart them.
+
+With this feature, users will have a choice wherein they can use the existing system VM template with the latest
+software by using the live patch feature, or can follow the usual workflow of restarting the
+system VM to use the latest system VM template. Live Patching system VMs serves to be especially
+useful in cases when the code version has upgraded but the template hasn't. In such a scenario users
+will no longer need to restart the system VMs to use the latest code.
+
+When one attempts to live-patch the system VMs, it pretty much mimics the patching process
+that happens when booting up the System VMs but with having to shut down the system VMs.
+This will update the software packages, which were previously bundled in the systemvm.iso i.e.,
+agent.zip and cloud-scripts.tgz and restart the services that are present in the /var/cache/cloud/enabled_svcs file
+in the system VMs.
+
+.. note::
+
+ The following services will be restarted once a system VM is live patched:
+
+ +---------------------+-------------------------------+
+ | **System VM** | **Services** |
+ +---------------------+-------------------------------+
+ | SSVM | cloud, apache2, portmap |
+ +---------------------+-------------------------------+
+ | CPVM | cloud |
+ +---------------------+-------------------------------+
+ | VRs | haproxy, apache2, dnsmasq |
+ +---------------------+-------------------------------+
+
+ With respect to VRs, a network restart without cleanup is initiated to during live patching to ensure all rules
+ are re-applied.
+
+ **NOTE:** In case there is an absolute need to upgrade the system VM template due to availability of
+ security patches or update in a package provided by the template, then the old workflow of recreating the system
+ VM will need to be followed, which would mean noticible downtime.
+
+In addition to the support for live patching, users still have the facility to follow the legacy workflow
+of restarting the system VMs once the packages on the management servers have been upgraded. Here you'll
need to restart the system VMs in order for those VMs to be rebuilt
-from the new systemVM template version.
+from the new system VM template version.
.. note::