I am planning to use katello/satellite 6 for patching and here is what
workflow i am planning to apply.
- sync repos from RHN
- create CV for those repos ( rhel6.6 common rpms, rhel6.6 rpms, puppet
- create CCV for above CV ( RHEL 6.6 Stable release )
- promote it for dev -> stage -> production …
when for new updates sync from RHN again …
create copy (CV copy) of "RHEL 6.6 Stable release", now sync rhel6.6 common
rpms, rhel6.6 rpms again from RHN,
publish ( Change child CV versions ) CCV ( RHEL 6.6 stable release ) again
… and push from dev -> stage -> prod …
Now this is possible for Quaterlly release or 6 month release cycle… how i
can apply critical patches immediately ? Let say i have vulnerability in
glibc and i only want to update (add in CV ) glibc … how can i update only
glibc and dependencies ??
i dont see currently this option and this is very critical for us…
does anyone have any better model for suggestion ?