I'm managing a collection of Debian and Ubuntu virtual machines, including services like NFS, proxy servers, load balancers, and XRDP. I need an efficient patch management setup that can:
- Provide a dashboard or summary showing which OS and software need updates.
- Allow patching of individual VMs or just specific software, as well as the option to deploy updates across all VMs at once.
- Offer detailed auditing capabilities.
- Possibly be agent-based.
How do you handle patch management in your environment?
4 Answers
Landscape by Ubuntu could be a solid choice for your setup; it's specifically designed for managing Ubuntu systems.
I've heard good things about NinjaOne for Debian and Ubuntu environments, especially if you're looking for enterprise support and reporting features. Typically, you might find tools like Red Hat Satellite in production, but that won't suit your needs. Some folks also combine custom solutions with Prometheus and Grafana for monitoring, but building those out can take quite a bit of time and effort.
We've had success using Ansible with Tower to automate patch management. We set it up to run playbooks periodically to check for updates and handle patching.
If you're interested, Foreman and Katello (which is the upstream for Red Hat Satellite) can manage updates for Debian-based systems as well. It won't have all the features of Satellite, but it does a decent job with package lifecycle management.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures