Package updates and charm responsibilities

[Mark Shuttleworth]

On 10/04/14 12:00, Stuart Bishop wrote:
> On 10 April 2014 17:42, John Meinel <john at arbash-meinel.com> wrote:
>> All hooks are run sequentially (we explicitly take out a lock across all
>> hooks that want to run on a machine), just so that charms can do whatever
>> they want with apt without stepping on each other's toes.
>>
>> I would think "install" is the most likely hook to actually do update and
>> install. I'm not sure about a charm ever doing "upgrade" since that would
>> upgrade other packages, right?
> Right. I'm wondering if that is the responsibility of the charm, or of
> other management systems like Landscape or configuring unattended
> security updates.
>
> At the moment I do have a charm that does an upgrade, and it does
> upgrade everything. I suspect I should remove that line.

Yes, I would suggest that charms should focus on their specific
workload, not the system as a whole.

That said, there can be bad results if, for example, the package listing
is out of date. If you try to apt-get a package, and the package listing
is way out of date, you'll be told the package cannot be found (because
newer versions have replaced it in the archive). Updating the package
*listing* is non-destructive, so an "apt-get update" is perfectly
reasonable. After that, a charm can "apt-get install foo" and know it
will get the current version.

>> There isn't a process in juju today that does regular "keep my machines up
>> to date" but you do have "juju run sudo apt-get update" if you want to do it
>> manually.
> There is 'upgrade-charm'. I could argue that upgrade-charm should do a
> full update, so the new version of the charm is running with all the
> dependencies it was tested with. But I can argue the other way too :D

Is it possible to use APT to upgrade just a single piece of software and
its dependencies? If so, that would be appropriate, yes.

Mark