During operations for T177920 we detected via unattended-upgrades several machines which are waiting for a Linux kernel upgrade.
According to @chasemp:
All debian things are now sitting on a sleeper kernel update which has killed us in the past
Should kernel updates be blacklisted for unattended?
(update-initramfs: Generating /boot/initrd.img-4.4.0-1-amd64 vs linux-image-4.9.0-0.bpo.3-amd64 too ?)
Nodes which probably require the upgrade:
- tools-flannel-etcd-xx
- tools-worker-xxxx
- tools-static-xx
So, some decision should be made about this. Probably the options are:
- leave all kernels without upgrade, i.e. leave things untouched, do nothing.
- prevent unattended-upgrades from upgrading the kernel, i.e. add a blacklist
- let unattended-upgrades upgrade the kernel but don't reboot nodes
- be brave, let unattended-upgrades upgrade the kernel and do reboot the nodes
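
Whichever option is chosen, it helps to know which nodes are already carrying a kernel that is installed but not yet booted. The following is an added example, not part of the original task or any project tooling: the function names are hypothetical, and `sort -V` is used as an approximation of Debian version ordering.

```shell
#!/bin/sh
# Added example: flag a node whose newest installed kernel image is newer
# than the running kernel (a kernel update waiting for the next reboot).

# newest_kernel VERSION...: print the highest version (GNU sort -V ordering,
# an approximation of dpkg's own version comparison).
newest_kernel() {
    printf '%s\n' "$@" | sort -V | tail -n 1
}

# installed_kernels [DIR]: list kernel versions found as DIR/vmlinuz-* (default /boot).
installed_kernels() {
    for f in "${1:-/boot}"/vmlinuz-*; do
        if [ -e "$f" ]; then
            echo "${f##*/vmlinuz-}"
        fi
    done
}

# kernel_status RUNNING INSTALLED...
# Prints "current", "pending-reboot:<newest>" or "unknown".
# Returns 0 when current, 1 when a reboot is pending, 2 when input is missing.
kernel_status() {
    running=$1
    if [ -z "$running" ] || [ "$#" -lt 2 ]; then
        echo "unknown"
        return 2
    fi
    shift
    newest=$(newest_kernel "$running" "$@")
    if [ "$newest" = "$running" ]; then
        echo "current"
        return 0
    fi
    echo "pending-reboot:$newest"
    return 1
}

# Run against the local node only when asked: ./kernel-check.sh --check
if [ "${1:-}" = "--check" ]; then
    # Word splitting of the installed list is intentional (one version per word).
    # shellcheck disable=SC2046
    kernel_status "$(uname -r)" $(installed_kernels)
    exit $?
fi
```

A non-zero exit from `--check` can feed monitoring, so nodes with a pending kernel are rebooted on a schedule rather than picking up the new kernel at an unplanned restart.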