ATIX AG
  • Services
    • Consulting
      • Linux Platform Operations​
      • Infrastructure Automation
      • Container Platforms and Cloud
      • DevOps Processes, Tooling and Culture
      • Cloud Native Software Development
    • Products
      • orcharhino
        • About orcharhino
        • Support
        • orcharhino operation
      • Hangar
        • About Hangar
        • Hangar Roadmap
        • Hangar Community
    • Technologies
      • Ansible
      • AWX and Ansible Automation Platform
      • Docker
      • Foreman
      • GitLab
      • Istio
      • Kubernetes
      • Linux Distributions
      • OpenShift
      • Puppet
      • OpenVox
      • Rancher
      • Rundeck
      • SaltStack
      • SUSE Manager
      • Terraform
  • Trainings
    • Ansible Training
    • Container Training
    • Docker Training
    • Git Training
    • Go Training (Golang)
    • Istio Training
    • Kubernetes Training
    • OpenShift Training
    • orcharhino Training
    • Puppet Trainings
    • Terraform Training
  • Events
    • Webinars
  • Blog
  • Company
    • About Us
    • References
    • Corporate values
    • Social engagement
    • Newsroom
    • Newsletter
    • Contact us
  • Career
  • Search
  • Menu Menu

Errata for Debian-based systems in orcharhino

orcharhino Training

This course is designed for participants who have little or no experience with orcharhino. You will learn the core functions of deployment, patch and lifecycle management, and configuration management through hands-on exercises. Other training content includes the maintenance of the orcharhino as well as the use of plugins.

Find out more

Release 4.0.0 from orcharhino not only brought a completely revised interface, but also another long-awaited feature: the errata management of Debian or Ubuntu hosts.

We are thus setting a new milestone in orcharhino development. We have been working continuously on expanding Debian/Ubuntu support for over a year now. You can find a brief overview of this here.

The perfect day for the presentation of the newly integrated errata support for Debian-based systems was of course the Open Source Automation Day last October.

Excursus:

Errata are, so to speak, leaflets that offer a solution to a known problem. With an erratum you want to provide the admin with information about which packages need to be updated to eliminate a (security) problem.

In the Debian world, the concept of errata is not very common. The common motto here is the regular automatic installation of all updates to “debian-security” (or ubuntu-security). However, this approach is questionable, especially for servers in a mission-critical environment. Because you should think very carefully about whether you really want to automatically install or renew packages like “nginx” or “openssl” on all productive web servers of a web application overnight.

Since the release of orcharhino 4.0.0, the admin now has full control over the Debian / Ubuntu systems managed by orcharhino. He can now specifically decide which servers should receive which security updates and at what time. Errata support for Debian / Ubuntu systems allows us to provide significant support to every admin via a uniform interface.

Configuring the Debian/Ununtu Errata feature is extremely simple: Debian/Ubuntu security updates are provided via the “debian-security” (or “ubuntu-securtiy”) repository. You now add the errata to this repository by setting the “Errata URL: https://dep.atix.de/dep/api/v1/debian”. The errata information for Debian or Ubuntu is prepared via this URL and made available in a machine-readable format for orcharhino. The number of errata in a repository is now displayed on the overview page of the repositories present in a product.

The errata will be processed the next time the repository is synchronized.

In addition, a calculation is automatically made as to whether an existing Debian / Ubuntu host is affected by an errata. This clarifies the question of whether this errata needs to be installed on the host in order to solve the (security) problem that has arisen.

In the orcharhino Management UI you can display a list of all errata. This can also be limited to applicable or installable errata for the existing Debian/Ubuntu hosts.

If you select an erratum directly, you will receive additional information such as detailed description, affected packages, corresponding CVE (Common Vulnerabilities and Exposures), affected hosts, etc. This overview list can also be used to install errata on one or more affected hosts initiate.

If you select the affected host, it will display the errata for the Debian / Ubuntu host. Of course, the installation of one or more erratums can also be started here. orcharhino checks whether the installation requires the creation of an incremental Content View version. This contains all the erratum packages. The Erratum can now be installed on the host using the RemoteExecution plugin that is available as standard in version 4.0.0.

By managing errata for Debian-based systems in orcharhino, we have succeeded in completing Debian / Ubuntu support. Of course, we will continue to develop this further and report on it.

You might also like
ATIX’s Debian/Ubuntu Erratum Service is now open source!
Live patching und ForemanLive Patching & Foreman—how it fits together
Central administration of Linux systems
openshift foremanInstalling OpenShift through Foreman
Navigating the XZ Security Vulnerability: A Comprehensive Guide ATIX BlogNavigating the XZ Security Vulnerability: A Comprehensive Guide
Install OLVM and configure it as a compute resource for orcharhino

Bernhard Suttner
+ postsBio
  • Bernhard Suttner
    https://atix.de/en/blog/author/bernhard-suttner/
    Live Patching & Foreman—how it fits together
  • Bernhard Suttner
    https://atix.de/en/blog/author/bernhard-suttner/
    Foreman Birthday 2020
  • Bernhard Suttner
    https://atix.de/en/blog/author/bernhard-suttner/
    OSAD TechDay: Foreman Developer Day at ATIX
  • Bernhard Suttner
    https://atix.de/en/blog/author/bernhard-suttner/
    Improvisation is everything – FrOSCon 2019
Expertise that Drives your IT Forward

🎓 Webinars – Live & On-Demand
Knowledge on your schedule. Practical insights on DevOps, Open Source & IT automation.
👉 Explore now »

ISO Certified Certificate
Newsletter
Never miss anything again. Sign up for the ATIX newsletter!
Sign up now
Blog
  • Blog Start Page
  • ATIX Insights
  • Cloud Native
  • Container Plattformen und Cloud
  • DevOps
  • Hangar
  • Infrastructure Automation
  • Linux Platform Operations
  • orcharhino
Privacy & Legal

Privacy Policy

Imprint

Terms and Conditions

B2B

Twitter     Facebook    LinkedIn    Xing     Youtube     mastodon=

© Copyright – ATIX AG

Scroll to top