Maybe you find this way dangerous, but I update my 25+ FreeBSD machines mostly this way.
With a little work before build new ports ... at another machine update takes normaly including ports ~25min
Before you try this with a machine on the other side of the world test it with a spare machine or a VM
1. generate a kernel template that works on 'every machine' regardless if I can get a little more speed at machine X if module Z is removed.
To have a better overview betweeen the kernel versions for example 7.0 and 7.1 I configure my kernels this way.
Include GENERIC and unconfigure parts I don't need with the
no prefix
Code:
#!/bin/sh
#==========================================================
# use this script to generate a new kernel config
# usage:
# $> mkdir SAVE_PLACE/kernconf
# $> cd /usr/src/sys/${arch}/conf
# $> mk_kern_template.sh > SAVE_PLACE/kernconf/MYKERNEL
# $> ln -s SAVE_PLACE/kernconf/MYKERNEL MYKERNEL
# $> cd /usr/src/
# $> make buildkernel KERNCONF=MYKERNEL
# $> make installkernel KERNCONF=MYKERNEL KODIR=/boot/MYKERNEL
#
# in MYKERNEL: include the following line before the cpu options
#
# include GENERIC <- include the GENERIC kernel config,
# allready done by this script, but check
# for duplicates
# # nocpu I486_CPU
# # nocpu I586_CPU
# # nocpu I686_CPU
# ident MYKERNEL <- replace MYKERNEL with your kernel name
#
# Now the easy part, uncomment the nocpu, nooptions, nodevice you don't want
# to have in the kernel.
# Keep this file at a save place, and you can easily create a diff between
# FreeBSD releases to adjust your kernel config
#
# 2006-08-07 olli hauer
#==========================================================
REL=$(sysctl -n kern.osrelease)
cat << _EOF
#==========================================================
# \$Id\$
#
# Kernel Config for FreeBSD ${REL}
# This config overrides the default settings from GENERIC
# with the 'no' prefix, so we can track differences of
# the kernel config between FreeBSD versions easier
#
include GENERIC
_EOF
Now I build this kernel at a fast machine, we will rsync it later to the remote machines
2. collect all the files we need for the OS update
Code:
#> mdconfig -a -t vnode -f ./7.1-RELEASE-i386-disc1.iso
md0
#> mount_cd9660 /dev/md0 /cdrom/
#> mkdir /space/7.1-RELEASE
#> rsync -a --exclude=install.sh /cdrom/7.1-RELEASE/base /space/7.1-RELEASE/
#> rsync -a /cdrom/7.1-RELEASE/src /space/7.1-RELEASE/
#> rsync -a /cdrom/7.1-RELEASE/manpages /space/7.1-RELEASE/
#> umount /cdrom
#> mdconfig -d -u 0
Note:
exclude install.sh from base we will replace it with this script to exclude the /etc directory
-> save it as update.sh in the /space/7.1-RELEASE/base directory
Code:
#!/bin/sh
#
# $FreeBSD: src/release/scripts/base-install.sh,v 1.6.32.1 2008/11/25 02:59:29 kensmith Exp $
#
# This is a modified script to update quickly a already installed system
# but excludes the /etc directory.
# to update /etc extract first the sources to /usr/src
# and do first a mergemaster -p
# then a mergemaster
if [ "`id -u`" != "0" ]; then
echo "Sorry, this must be done as root."
exit 1
fi
#DESTDIR=/backup/testupdate
DESTDIR=/
# remove schg flags from files and dircetories
SCHGDIRS="bin lib libexec sbin usr/bin usr/lib usr/libexec usr/sbin var/empty"
echo "You are about to extract the base distribution into ${DESTDIR:-/} - are you SURE"
echo ""
echo "*******************************************"
echo " host: $(hostname) "
echo "*******************************************"
echo ""
echo -n "you want to do this over your installed system (y/n)? "
read ans
if [ "$ans" = "y" ]; then
echo "remove schg flag from"
for DIR in ${SCHGDIRS}; do
find /${DIR}/ -flags schg -maxdepth 1 | xargs chflags -v noschg
done
cat base.?? | tar --unlink -xpzf - --exclude ./etc -C ${DESTDIR:-/}
fi
3. Now it is time to rsync all the parts wee need to the remote machines
Code:
#> rsync -a /boot/kernel/ remote1:/boot/kernel.71/
#> rsync -a /space/7.1-RELEASE/ remote1:/space/7.1-RELEASE/
4. if you like to save some infos from the remote machine before you continue
Code:
#> mkdir -p /space/upgrade_save/remote1/local
#> cd /space/upgrade_save/remote1/
#> rsync -a remote1:/etc .
#> rsync -a remote1:/usr/local/etc local/
#> ssh remote1 pkg_info -qoa > pkg_info.remote1
5. Update the remote machine
!Attention! shutdown -k kicks off everyone except root, do not use if you logged in remote via other account and the su!
Code:
#> ssh remote1
#> shutdown -k now "system update in progress"
#> for i in `find /usr/local/etc/rc.d/ -type f`; do $i stop; done
#> mv /usr/src /usr/src.old
#> cd /space/7.1-RELEASE/src/ && ./install.sh
#> cd /usr/src/
#> mergemaster -p
#> cd /space/7.1-RELEASE/manpages/ && ./install.sh
#> nextboot -k kernel.71
#> cd /space/7.1-RELEASE/base/ && ./update.sh
6. reboot the machine (cross the fingers
7. login again to the machine
Code:
#> shutdown -k now "system update in progress"
#> cd /boot
#> mv kernel kernel.oldrelease
#> mv kernel.71 kernel
#> cd /usr/src
#> mergemaster -i
#> rm /var/run/nologin
#> shutdown -r now
8. system update with freebsd-update
Code:
#> mv /var/db/freebsd-update /var/db/freebsd-update.oldrelease
#> freebsd-update fetch
#> freebsd-update install
9. do some checks for your specific setup ...
Maybe you want to for sshd the new 1024 bit keys instead the old 768 bit then it is time to throw the old one away and restart sshd.
To cleanup old libs...
Hint:
A line with the following 'WITHOUT_KERBEROS=true' will remove also all kerberos parts from the system, so to be save rename /etc/make.conf
#> cd /usr/src
#> make clean-old
If you want to replace all ports with fresh ports build at another machine
# remote machine
#> mv /usr/ports/packages/All /usr/ports/packages/.All.oldrelease
#> pkg_info -qoa | sort > /usr/ports/packages/.pkg_info.oldrelease
# from build machine
#> rsync -av /space/prebuildpackages/All remote1:/usr/ports/packages/
# remote machine
#> pkg_delete -a
#> cd /usr/ports/packages/All/
#> pkg_install ./packagename
to see what we are mybee missing
#> pkg_info -qoa | sort > /usr/ports/packages/.pkg_info.new
#> diff -u /usr/ports/packages/.pkg_info.oldrelease /usr/ports/packages/.pkg_info.new