Update PVE - is it safe on production? How to backup?

[subjectx]

Greetings,

I'm not running that much behind updates on my production PVE 6.3-6, but there is quite alot of line of updates available.

Main concern is, that something will break with update to 6.4.

How can I backup everything in case of shit and fan scenario? Maybe how can I create image of whole OS?

There is a script lurking around with some config files copying, but what about whole OS on which PVE runs? I imagine that it would take me lots of time to restore whole machine with OS reinstall if something goes south..

 

[Moayad]

Hi,

Are you using a subscription repository [0]?

Generally, there is no error during the upgrade because we already test it multiple times and with different situations, before we published the PVE 4 [1].

Could you please provide us the full output of apt update && apt dist-upgrade between [CODE][/CODE] to see what is the packages that need an upgrade in your node. However, you can test the upgrade from PVE 6.3.X to PVE 4 in a test cluster as VMs with the same configuration files, etc.


[0] https://www.proxmox.com/en/proxmox-ve/pricing
[1] https://forum.proxmox.com/threads/proxmox-ve-6-4-available.88336/

 

[subjectx]

Greetings,

thank you for quick reply.

No, I do not have a subscription (yet).

apt list --upgradable:

apt-utils/stable-updates 1.8.2.3 amd64 [upgradable from: 1.8.2.2]
apt/stable-updates 1.8.2.3 amd64 [upgradable from: 1.8.2.2]
base-files/stable 10.3+deb10u9 amd64 [upgradable from: 10.3+deb10u8]
bind9-host/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
corosync/stable 3.1.2-pve1 amd64 [upgradable from: 3.1.0-pve1]
curl/stable 7.64.0-4+deb10u2 amd64 [upgradable from: 7.64.0-4+deb10u1]
debian-archive-keyring/stable 2019.1+deb10u1 all [upgradable from: 2019.1]
dnsutils/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
groff-base/stable 1.22.4-3+deb10u1 amd64 [upgradable from: 1.22.4-3]
iputils-ping/stable 3:20180629-2+deb10u2 amd64 [upgradable from: 3:20180629-2+deb10u1]
libapt-inst2.0/stable-updates 1.8.2.3 amd64 [upgradable from: 1.8.2.2]
libapt-pkg5.0/stable-updates 1.8.2.3 amd64 [upgradable from: 1.8.2.2]
libavahi-client3/stable 0.7-4+deb10u1 amd64 [upgradable from: 0.7-4+b1]
libavahi-common-data/stable 0.7-4+deb10u1 amd64 [upgradable from: 0.7-4+b1]
libavahi-common3/stable 0.7-4+deb10u1 amd64 [upgradable from: 0.7-4+b1]
libbind9-161/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
libbsd0/stable 0.9.1-2+deb10u1 amd64 [upgradable from: 0.9.1-2]
libcfg7/stable 3.1.2-pve1 amd64 [upgradable from: 3.1.0-pve1]
libcmap4/stable 3.1.2-pve1 amd64 [upgradable from: 3.1.0-pve1]
libcorosync-common4/stable 3.1.2-pve1 amd64 [upgradable from: 3.1.0-pve1]
libcpg4/stable 3.1.2-pve1 amd64 [upgradable from: 3.1.0-pve1]
libcurl3-gnutls/stable 7.64.0-4+deb10u2 amd64 [upgradable from: 7.64.0-4+deb10u1]
libcurl4/stable 7.64.0-4+deb10u2 amd64 [upgradable from: 7.64.0-4+deb10u1]
libdns-export1104/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
libdns1104/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
libgstreamer-plugins-base1.0-0/stable 1.14.4-2+deb10u1 amd64 [upgradable from: 1.14.4-2]
libirs161/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
libisc-export1100/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
libisc1100/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
libisccc161/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
libisccfg163/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
libjs-jquery/stable 3.3.1~dfsg-3+deb10u1 all [upgradable from: 3.3.1~dfsg-3]
libjs-underscore/stable 1.9.1~dfsg-1+deb10u1 all [upgradable from: 1.9.1~dfsg-1]
libldb1/stable 2:1.5.1+really1.4.6-3+deb10u1 amd64 [upgradable from: 2:1.5.1+really1.4.6-3]
liblwres161/stable 1:9.11.5.P4+dfsg-5.1+deb10u5 amd64 [upgradable from: 1:9.11.5.P4+dfsg-5.1+deb10u3]
liblz4-1/stable 1.8.3-1+deb10u1 amd64 [upgradable from: 1.8.3-1]
libnss-systemd/stable 241-7~deb10u7 amd64 [upgradable from: 241-7~deb10u6]
libnvpair3linux/stable 2.0.4-pve1 amd64 [upgradable from: 2.0.3-pve2]
libpam-systemd/stable 241-7~deb10u7 amd64 [upgradable from: 241-7~deb10u6]
libproxmox-acme-perl/stable 1.1.0 all [upgradable from: 1.0.7]
libpve-access-control/stable 6.4-1 all [upgradable from: 6.1-3]
libpve-cluster-api-perl/stable 6.4-1 all [upgradable from: 6.2-1]
libpve-cluster-perl/stable 6.4-1 all [upgradable from: 6.2-1]
libpve-common-perl/stable 6.4-3 all [upgradable from: 6.3-5]
libpve-http-server-perl/stable 3.2-3 all [upgradable from: 3.1-1]
libpve-storage-perl/stable 6.4-1 all [upgradable from: 6.3-7]
libpython3.7-minimal/stable 3.7.3-2+deb10u3 amd64 [upgradable from: 3.7.3-2+deb10u2]
libpython3.7-stdlib/stable 3.7.3-2+deb10u3 amd64 [upgradable from: 3.7.3-2+deb10u2]
libpython3.7/stable 3.7.3-2+deb10u3 amd64 [upgradable from: 3.7.3-2+deb10u2]
libquorum5/stable 3.1.2-pve1 amd64 [upgradable from: 3.1.0-pve1]
libssl1.1/stable 1.1.1d-0+deb10u6 amd64 [upgradable from: 1.1.1d-0+deb10u5]
libsystemd0/stable 241-7~deb10u7 amd64 [upgradable from: 241-7~deb10u6]
libudev1/stable 241-7~deb10u7 amd64 [upgradable from: 241-7~deb10u6]
libuutil3linux/stable 2.0.4-pve1 amd64 [upgradable from: 2.0.3-pve2]
libvotequorum8/stable 3.1.2-pve1 amd64 [upgradable from: 3.1.0-pve1]
libx11-6/stable 2:1.6.7-1+deb10u2 amd64 [upgradable from: 2:1.6.7-1+deb10u1]
libx11-data/stable 2:1.6.7-1+deb10u2 all [upgradable from: 2:1.6.7-1+deb10u1]
libx11-xcb1/stable 2:1.6.7-1+deb10u2 amd64 [upgradable from: 2:1.6.7-1+deb10u1]
libzfs4linux/stable 2.0.4-pve1 amd64 [upgradable from: 2.0.3-pve2]
libzpool4linux/stable 2.0.4-pve1 amd64 [upgradable from: 2.0.3-pve2]
linux-libc-dev/stable 4.19.181-1 amd64 [upgradable from: 4.19.171-2]
openssl/stable 1.1.1d-0+deb10u6 amd64 [upgradable from: 1.1.1d-0+deb10u5]
proxmox-backup-client/stable 1.1.8-1 amd64 [upgradable from: 1.0.10-1]
proxmox-ve/stable 6.4-1 all [upgradable from: 6.3-1]
proxmox-widget-toolkit/stable 2.5-6 all [upgradable from: 2.4-6]
pve-cluster/stable 6.4-1 amd64 [upgradable from: 6.2-1]
pve-container/stable 3.3-5 all [upgradable from: 3.3-4]
pve-docs/stable 6.4-2 all [upgradable from: 6.3-1]
pve-firewall/stable 4.1-4 amd64 [upgradable from: 4.1-3]
pve-firmware/stable 3.2-4 all [upgradable from: 3.2-2]
pve-i18n/stable 2.3-1 all [upgradable from: 2.2-2]
pve-kernel-5.4/stable 6.4-2 all [upgradable from: 6.3-7]
pve-kernel-helper/stable 6.4-2 all [upgradable from: 6.3-7]
pve-manager/stable 6.4-8 amd64 [upgradable from: 6.3-6]
pve-qemu-kvm/stable 5.2.0-6 amd64 [upgradable from: 5.2.0-3]
python3.7-minimal/stable 3.7.3-2+deb10u3 amd64 [upgradable from: 3.7.3-2+deb10u2]
python3.7/stable 3.7.3-2+deb10u3 amd64 [upgradable from: 3.7.3-2+deb10u2]
qemu-server/stable 6.4-2 amd64 [upgradable from: 6.3-8]
spl/stable 2.0.4-pve1 all [upgradable from: 2.0.3-pve2]
systemd-sysv/stable 241-7~deb10u7 amd64 [upgradable from: 241-7~deb10u6]
systemd/stable 241-7~deb10u7 amd64 [upgradable from: 241-7~deb10u6]
udev/stable 241-7~deb10u7 amd64 [upgradable from: 241-7~deb10u6]
zfs-initramfs/stable 2.0.4-pve1 all [upgradable from: 2.0.3-pve2]
zfs-zed/stable 2.0.4-pve1 amd64 [upgradable from: 2.0.3-pve2]
zfsutils-linux/stable 2.0.4-pve1 amd64 [upgradable from: 2.0.3-pve2]

 

[Moayad]

Hi,

thank you for the output, I want to see the sources as well so please post the full output

 

[subjectx]

Ahh, sorry

Hit:1 http://ftp.si.debian.org/debian buster InRelease
Hit:2 http://ftp.si.debian.org/debian buster-updates InRelease
Hit:3 http://security.debian.org buster/updates InRelease
Hit:4 http://download.proxmox.com/debian/pve buster InRelease

 

[Faris Raouf]

Just my additional input on this.

I am also terrified of problems during upgrades. So far, I have experienced none at all, and that's even including upgrading from 5.x to 6.x.
Despite this, I'm still nervous about doing upgrades. I think it is a mental problem of some kind

I have two methods to help me out:

First, I have a pair of very similar servers to my production ones, on which I test all upgrades before doing it on the production ones. They are the same make and general specification as the production ones, and my theory is that if something goes smoothly on the test systems, it will go smoothly on the production ones.

Secondly, I don't upgrade the moment a new version comes out. I wait a little while in case unexpected problems are reported. For example I'll be doing the 6.3 to 6.4 upgrade this weekend, I hope. I would have done it much sooner, but I've been prevented from doing so by matters outside my control.

On top of this, of course I make backups of the VMs, the content of /etc/, and the content of (errr....wherever else it is that PVE config files are stored - I don't remember off-hand). And all node disks are in mirrored arrays at the very least.

I have also taken to making backups of the MBRs of all VMs.

I'm sure that in case of disaster, despite everything I do, the one thing I've not done will be what trips me up.

Still, I have to say again, in the (at least) two years+ I've been using Proxmox, not one single upgrade has gone wrong. Not one.

I do strongly suggest you take out a subscription though.

EDIT: Updated last night and Rebooted for new kernel. All went well. Again. Just like it has countless times before