6.4->6.5 is a minor update. yum update, reboot that is all. Just works. Done it, thanks to ansible, to 24 machines today in about 30 minutes after I QA'ed the packages on my staging machine, DO droplet and laptop.
Between 6.x and 7.0 is another story and I wouldn't do this with any distro. Risk is too high. Just build new kit, test it then migrate services and data over piecemeal.
Debian screwing up dovecot configuration terribly between 6 and 7 is a fine example of why you shouldn't do this.
I've managed about 60 CentOS/RHEL machines, 30+ Debian machines, 20 FreeBSD machines and 200 Solaris machines and I've never done a major release in place upgrade.
And you can take the reboot as a very strong suggestion, depending on your needs and whether there are kernel exploits to worry about (Oracle's purchase of ksplice is yet another reason I hate them). Much of the time (on select systems!) I get away with just restarting the services. Reboots really do bring peace of mind though.
Well I'm not sure it has anything to do with vulnerabilities or not. They do a large feature add on minor updates between 6.x and 6.x+1 which may or may not add new modules etc.
I design stuff to be resilient to host reboots. Then again we have a lot of kit to play with.
Nope. I only run non critical stuff on DO like my personal email and web which to be honest I don't care if someone cracks or breaks. Once I've changed my ISP I'll move it all in house and use an old ThinkPad as a server (built in UPS and console!). We have colo dedicated kit and VMWare (die!) for the production stuff - it's the only way.
DO turn SELinux off on their kernels and take ages to update so I can't really take them seriously for production to be honest. Also they appear to be VC backed which is usually a sign of shortcuts taking priority over proper due diligence.
Then again for $5/month, pay peanuts, get monkeys. Not bad monkeys for the money. I've paid 3x the amount and got worse monkeys.
Between 6.x and 7.0 is another story and I wouldn't do this with any distro. Risk is too high. Just build new kit, test it then migrate services and data over piecemeal.
Debian screwing up dovecot configuration terribly between 6 and 7 is a fine example of why you shouldn't do this.
I've managed about 60 CentOS/RHEL machines, 30+ Debian machines, 20 FreeBSD machines and 200 Solaris machines and I've never done a major release in place upgrade.