Should I upgrade my FreeBSD 8.0 server to 8.3 or 9.0 ?

sfara

sfara

Hello guys,

I run a production server at work using FreeBSD 8.0 and it's time to upgrade... Should I go for 8.3 or directly to 9? What would be the safest way to go? I will of course backup everything but my question is which of these upgrades is likely to finish successfully using freebsd-update(8)? Problem is, if I have to reinstall everything in case something goes wrong I'm in a lot of trouble since our whole stuff runs on this machine. God I wish there were long time supported versions like in Ubuntu!
 
I'd suggest you move to 8.3, cause I don't know how freebsd-update(8) works. Once that works you can update to 9 as well. I have updated machines from 8.x to 9.x more than once by building the sources.

As far as to your long-time-support comment, I've been running machines from FreeBSD-6 to FreeBSD-9 following the -STABLE branch for the last 6-7 years without having to reinstall any of them and will keep on as long as they are not hacked. I wouldn't expect for my distro to be more long-time-supportive than that :).
 
sfara said:
God I wish there were long time supported versions like in Ubuntu!
Click to expand...
You mean, like 2 years?

Extended
Selected releases (normally every second release plus the last release from each -STABLE branch) will be supported by the Security Officer for a minimum of 24 months after the release, and for sufficient additional time (if needed) to ensure that there is a newer Extended release for at least 3 months before the older Extended release expires.
Click to expand...
http://www.freebsd.org/security/#sup
 
Thanks for the answer. Isn't there some kind of way to test that everything is building/installing right before I actually do the upgrade? You know, just to be safe. I mean, jumping 3 versions is pretty risky... A lot has changed in 2 years.
 
You don't need to rebuild anything for a minor upgrade. Only major upgrades require a rebuild.
 
sfara said:
Well, i meant the ports, kernel ... for the actual upgrade i will use free-update.
Click to expand...

The ports only need to be rebuilt for a major upgrade.
http://www.daemonology.net/blog/2007-11-11-freebsd-major-version-upgrade.html

The kernel is updated by freebsd-update IF you are running the generic kernel.

Considering 8.0 -> 8.3 is (I think) only a minor upgrade, and 8.3 has extended support until 2014 I would suggest that this might be the easiest route. After 2014 your machine will be at least 2 years old, probably more, and you will most likely want to upgrade your hardware then. EDIT: seeing as 8.0 was EOL in 2012, your machine will then be at least 4 years old.
 
sfara said:
8.3 it is then! Thanks for the answers.
Click to expand...

Did you have taken the recent security incident into account? Because of this, you might want to consider to delete the whole /usr/ports and to check-it-out again using the said-to-be-safe SVN method, and finally to rebuild all the ports of course.
 
That incident had nothing to do with the ports tree. Only the packages are questionable if you downloaded them in that time period. Stuff you had built from ports isn't effected.
 
As the previous respondents said, you should be able to get to 8.3 pretty easily with freebsd-update.

But if it were my system, I would want to update the ports (they are what, 3 years old?). Once your kernel and world are at 8.3, and if you have the disk space, you can create a jail to build the ports you need into updated packages. That way you won't have your server down while they are building, and once they are built it should be quick and easy to install them.
 
SirDice said:
That incident had nothing to do with the ports tree. Only the packages are questionable if you downloaded them in that time period. Stuff you had built from ports isn't effected.
Click to expand...

Are you sure? How then, shall I understand the following:

We unfortunately cannot guarantee the integrity of any packages available for installation between 19th September 2012 and 11th November 2012, or of any ports compiled from trees obtained via any means other than through svn.freebsd.org or one of its mirrors. Although we have no evidence to suggest any tampering took place and believe such interference is unlikely, we have to recommend you consider reinstalling any machine from scratch, using trusted sources.
Click to expand...
 
Well, yeah. Distfiles are usually downloaded from upstream providers (and thus aren't touched). There could have been patches added to a port obviously but that would have been noticed quite quickly. And there's no mention of that.
 
In order to test your update you could take a tar-file of your / filesystem (the base system + /usr/local/*) on some external disk, create a ufs filesystem on a vm (or on a separate box) using a bootable media and install the standard FreeBSD boot manager, extract the tar-file from the external disk into the newly created machine, boot it and perform freebsd-update(8) operations there. As far as the ports are concerned, the jail mentioned earlier would be adequate, but you have to update your machine first, so why not test the whole upgrade procedure in the vm then.
 
After you updated a major version, you will need to rebuild all ports.
 
For a temporary fix you can install the port misc/compat8x so you don't have to rebuild your ports right away. With that port installed your installed software that was compiled for 8.X will continue to work on 9.1.
 
Also, when performing a major version upgrade with freebsd-update(8), it leaves the old shared libraries on your system as long as you do not invoke a third # freebsd-update install, which removes them. So you can rebuild your ports at your own pace before you do that.

I'm not sure if there will ever be any problems using older shared libraries on a newer kernel, but I'm confident that such an upgrade path to the next version is always possible. For this reason I would always recommend upgrading to the last minor version before doing a major version upgrade... e.g. upgrading from 8.0 to 8.3 first, and only then to 9.*.
 
You must log in or register to reply here.
Back
Top