1
00:00:00,000 --> 00:00:04,170
Pulling back updates and patches. So as

2
00:00:04,170 --> 00:00:06,330
a system administrator or system

3
00:00:06,330 --> 00:00:09,840
engineer, one of your responsibility is

4
00:00:09,840 --> 00:00:12,630
that you need to update your system or

5
00:00:12,630 --> 00:00:15,540
install patches that are vulnerable to

6
00:00:15,540 --> 00:00:18,240
the system, and keep your system updated.

7
00:00:18,660 --> 00:00:22,140
So we often run a system updates,

8
00:00:22,140 --> 00:00:26,340
command, yum updates and yum upgrades

9
00:00:26,340 --> 00:00:28,200
to apply those patches, to keep the

10
00:00:28,200 --> 00:00:31,320
system updated. But sometimes what

11
00:00:31,320 --> 00:00:33,600
happens is, when you do the updates,

12
00:00:33,750 --> 00:00:35,760
there are or there could be some

13
00:00:35,760 --> 00:00:38,520
compatibility issues. Those

14
00:00:38,520 --> 00:00:41,670
compatibility issues could occur with

15
00:00:41,670 --> 00:00:44,400
your database, or your application that

16
00:00:44,400 --> 00:00:46,440
you're running. Maybe the new updates

17
00:00:46,440 --> 00:00:48,420
are not compatible with the application

18
00:00:48,420 --> 00:00:50,400
version you are running. So that time,

19
00:00:50,640 --> 00:00:54,300
you need to find a way to rollback. And

20
00:00:54,300 --> 00:00:56,430
in this lecture, this is what I'm going

21
00:00:56,430 --> 00:00:58,650
to cover, how we could get into that

22
00:00:58,650 --> 00:01:01,620
problem and how we could fix it. Now,

23
00:01:01,620 --> 00:01:05,430
first thing first is, if you are using a

24
00:01:05,430 --> 00:01:08,400
virtual machine, which I think you most

25
00:01:08,400 --> 00:01:12,210
likely you are, and most of the

26
00:01:12,300 --> 00:01:15,390
corporate environment platform will now

27
00:01:15,390 --> 00:01:18,420
run on virtual machine. So the best

28
00:01:18,420 --> 00:01:21,930
thing, and the best practice to have a

29
00:01:21,930 --> 00:01:24,570
virtual machine and do the updates is

30
00:01:24,570 --> 00:01:27,450
that you create a virtual machine

31
00:01:27,450 --> 00:01:31,290
snapshot before you apply any updates or

32
00:01:31,290 --> 00:01:34,800
patches, or download any packages

33
00:01:35,100 --> 00:01:39,390
from from the repositories or even third

34
00:01:39,390 --> 00:01:42,090
party vendors. So if you have a virtual

35
00:01:42,090 --> 00:01:44,100
machine, what do you need to do? You

36
00:01:44,130 --> 00:01:46,170
create, you take a snapshot of the

37
00:01:46,170 --> 00:01:48,780
existing machine. And if something goes

38
00:01:48,780 --> 00:01:51,810
wrong, you can always revert back. So

39
00:01:51,810 --> 00:01:54,390
that's the best option you have if you

40
00:01:54,390 --> 00:01:56,970
are running a virtual machine. Now, if

41
00:01:56,970 --> 00:01:59,880
you are running a physical machine, then

42
00:01:59,910 --> 00:02:01,830
of course, you do not have the option to

43
00:02:01,830 --> 00:02:03,570
create a snapshot and you're out of

44
00:02:03,570 --> 00:02:06,360
luck. Most of the time when developers

45
00:02:06,660 --> 00:02:10,800
are testing their code, they also rely

46
00:02:10,800 --> 00:02:13,470
heavily on snapshots. And of course,

47
00:02:13,470 --> 00:02:15,930
snapshots happen on virtual machines not

48
00:02:15,930 --> 00:02:18,180
in physical machine. So now coming down

49
00:02:18,180 --> 00:02:20,010
to physical machine. If you have a

50
00:02:20,010 --> 00:02:21,990
physical machine, then you're going to

51
00:02:21,990 --> 00:02:25,770
have that problem to not revert back to

52
00:02:25,770 --> 00:02:27,570
anything, then what do you do? Well

53
00:02:27,630 --> 00:02:31,620
rollback a package or patch is that you

54
00:02:31,620 --> 00:02:34,230
first install yum install package

55
00:02:34,230 --> 00:02:36,570
name. That's how you install a new

56
00:02:36,570 --> 00:02:39,390
package. And then you can run yum

57
00:02:39,390 --> 00:02:42,900
history undo followed by the ID of that

58
00:02:42,900 --> 00:02:45,600
package name that was installed. So this

59
00:02:45,600 --> 00:02:47,730
is mostly you will do when you have a

60
00:02:47,730 --> 00:02:52,860
physical machine. So you run a rollback

61
00:02:52,980 --> 00:02:56,771
on update. Meaning when you want to rollback an

62
00:02:56,771 --> 00:02:58,830
update instead of just a

63
00:02:58,830 --> 00:03:01,440
package. So there is one package, let's

64
00:03:01,440 --> 00:03:05,010
say NTP package, you install that

65
00:03:05,010 --> 00:03:07,890
package, but you wanted to remove that

66
00:03:07,890 --> 00:03:10,980
package or you updated that package. But

67
00:03:10,980 --> 00:03:13,890
now you want to downgrade that update

68
00:03:13,920 --> 00:03:16,200
that is very easy to do it on one

69
00:03:16,230 --> 00:03:20,400
specific package or one specific patch.

70
00:03:21,060 --> 00:03:23,430
But now when you are talking about

71
00:03:23,430 --> 00:03:27,330
rolling back an update, this is a huge

72
00:03:27,330 --> 00:03:29,790
thing because update could include

73
00:03:30,630 --> 00:03:34,650
100s to 1000s updates to your packages

74
00:03:34,650 --> 00:03:37,200
that you have installed. So based on the

75
00:03:37,200 --> 00:03:39,870
recommendation, this is exactly the

76
00:03:39,930 --> 00:03:42,180
entire recommendation from Redhat or

77
00:03:42,180 --> 00:03:44,970
CentOS or in many Linux flavors. And

78
00:03:44,970 --> 00:03:47,670
that is, downgrading a system to minor

79
00:03:47,670 --> 00:03:50,130
version. When you do the update, for

80
00:03:50,130 --> 00:03:54,000
example, RHEL 7.1 to 7.0, it is

81
00:03:54,000 --> 00:03:57,060
not recommended at all, as this might

82
00:03:57,060 --> 00:03:59,610
leave the system in undesired or

83
00:03:59,670 --> 00:04:03,540
unstable state. So if you want to read

84
00:04:03,540 --> 00:04:05,490
this statement again, please read it

85
00:04:05,490 --> 00:04:08,820
again, that doing the downgrade from 7.1

86
00:04:08,820 --> 00:04:11,880
or 7.5 to an older version,

87
00:04:12,270 --> 00:04:13,860
definitely not recommended.

88
00:04:14,430 --> 00:04:17,940
You could do the downgrade, if you have

89
00:04:17,940 --> 00:04:19,440
a virtual machine, if you have taken a

90
00:04:19,440 --> 00:04:21,269
snapshot, then you could definitely go

91
00:04:21,269 --> 00:04:23,279
back and revert back to the oldest

92
00:04:23,279 --> 00:04:25,980
snapshot, that is perfectly fine. But if

93
00:04:25,980 --> 00:04:29,370
you have already updated your system and

94
00:04:29,370 --> 00:04:31,710
your system has updated version, then

95
00:04:31,710 --> 00:04:33,330
please I would definitely recommend it

96
00:04:33,330 --> 00:04:35,550
do not touch it. And at that point, I

97
00:04:35,550 --> 00:04:37,560
would say just go ahead and install

98
00:04:37,560 --> 00:04:40,200
fresh to the version that you want to

99
00:04:40,200 --> 00:04:41,430
have it compatible with your

100
00:04:41,430 --> 00:04:44,640
application. So if you still decide to

101
00:04:44,640 --> 00:04:49,500
rollback, an update or an upgrade, then

102
00:04:49,500 --> 00:04:51,330
here are a step. Now there are two

103
00:04:51,330 --> 00:04:52,830
things that you also have to keep in

104
00:04:52,830 --> 00:04:56,970
mind right here. One is, there are two type

105
00:04:56,970 --> 00:05:00,960
of system update you could do. One

106
00:05:00,960 --> 00:05:04,200
is actual update and one is the upgrade.

107
00:05:04,620 --> 00:05:06,690
You could do yum update, what exactly

108
00:05:06,690 --> 00:05:09,240
this command do? This command actually

109
00:05:09,270 --> 00:05:12,690
update and will preserve the old

110
00:05:12,690 --> 00:05:16,890
updates. Whereas upgrade, yum upgrade

111
00:05:16,920 --> 00:05:21,360
will delete obsolete packages. So when

112
00:05:21,360 --> 00:05:23,970
you run the yum update, it will keep the

113
00:05:24,000 --> 00:05:26,070
older packages with the system. It is not

114
00:05:26,070 --> 00:05:29,160
going to remove them. When you run yum

115
00:05:29,220 --> 00:05:32,640
upgrade, you will upgrade to the newer

116
00:05:32,700 --> 00:05:36,510
version, and it will actually remove old

117
00:05:36,840 --> 00:05:40,170
packages. So then if you have

118
00:05:40,170 --> 00:05:42,360
already ran the yum upgrade, then most

119
00:05:42,360 --> 00:05:43,620
likely, you're not going to have the

120
00:05:43,650 --> 00:05:46,080
option to rollback at all, at this

121
00:05:46,080 --> 00:05:49,410
point. So let's see if you have done the

122
00:05:49,410 --> 00:05:51,330
yum update. Great. Now what's the next

123
00:05:51,330 --> 00:05:53,370
step? Next step is you will do the same

124
00:05:53,370 --> 00:05:55,560
thing as if you were doing this for one

125
00:05:55,560 --> 00:05:58,410
specific package, is that you run yum

126
00:05:58,530 --> 00:06:02,460
history space, undo space, the ID of

127
00:06:02,460 --> 00:06:04,920
that specific task that you did. And that

128
00:06:04,920 --> 00:06:08,220
specific task is yum update. And it will

129
00:06:08,220 --> 00:06:11,250
actually remove all those updates that

130
00:06:11,250 --> 00:06:13,860
it has applied, and it will revert back

131
00:06:13,860 --> 00:06:16,020
to the older version. And of course,

132
00:06:16,020 --> 00:06:18,150
hopefully this works, but there is no

133
00:06:18,150 --> 00:06:23,010
guarantee that it will actually be or

134
00:06:23,010 --> 00:06:24,570
leave the system in the stable

135
00:06:24,570 --> 00:06:26,640
condition. Anyway, good luck with that.

136
00:06:26,850 --> 00:06:29,310
But let's try on a Linux machine how we

137
00:06:29,310 --> 00:06:32,160
could go and rollback a patch or package

138
00:06:32,400 --> 00:06:35,340
and how we can rollback an update. So

139
00:06:35,340 --> 00:06:38,130
before you start doing any downloads or

140
00:06:38,130 --> 00:06:41,280
updates or upgrades to your system, I

141
00:06:41,280 --> 00:06:43,230
would recommend you take a snapshot

142
00:06:43,260 --> 00:06:45,030
of your virtual machine, if you are using

143
00:06:45,030 --> 00:06:46,860
a virtual machine. My virtual

144
00:06:46,860 --> 00:06:48,540
environment is running on Oracle

145
00:06:48,540 --> 00:06:50,610
VirtualBox platform. So what I'm going

146
00:06:50,610 --> 00:06:52,710
to do is, this is my machine that is

147
00:06:52,710 --> 00:06:54,810
running. So I'm going to take a snapshot

148
00:06:54,810 --> 00:06:57,120
by clicking here. And I'm going to name

149
00:06:57,120 --> 00:06:58,980
the snapshot, most of the time I name it

150
00:06:58,980 --> 00:07:01,830
with the date when it was taken, and I

151
00:07:01,830 --> 00:07:06,060
click OK. This is going to take the

152
00:07:06,060 --> 00:07:12,540
exact same snapshot, the exact same, the

153
00:07:12,540 --> 00:07:14,760
state of the machine that it is right

154
00:07:14,760 --> 00:07:17,970
now. So if I wanted to change anything

155
00:07:18,000 --> 00:07:20,370
afterwards from this point on, I could

156
00:07:20,370 --> 00:07:22,470
always come back to this state by

157
00:07:22,470 --> 00:07:24,780
clicking here and go to revert to

158
00:07:24,780 --> 00:07:27,570
snapshot to this one. So now I have

159
00:07:27,570 --> 00:07:30,390
taken snapshot, now let's move on to

160
00:07:30,390 --> 00:07:32,910
doing our package install, and let's move

161
00:07:32,910 --> 00:07:35,940
on to doing our yum update or upgrade

162
00:07:35,940 --> 00:07:40,080
whatever that we have to do. So let me

163
00:07:40,230 --> 00:07:42,810
log into my Linux machine, I have the

164
00:07:42,810 --> 00:07:45,090
Linux machine right here, and I will go

165
00:07:45,090 --> 00:07:47,490
over each of this command to show you

166
00:07:47,490 --> 00:07:50,580
how you can rollback a package or

167
00:07:50,580 --> 00:07:53,550
patch or you can rollback an entire

168
00:07:53,550 --> 00:07:58,800
update. So I'm logged in as root, and I

169
00:07:58,800 --> 00:08:01,530
am going to install a package as an

170
00:08:01,530 --> 00:08:04,170
example in my Linux machine and that

171
00:08:04,170 --> 00:08:07,680
package I will use screen. A screen is

172
00:08:07,680 --> 00:08:10,500
just a package that allows you to record

173
00:08:10,500 --> 00:08:14,970
session or do certain functions on while

174
00:08:14,970 --> 00:08:17,520
you are Putting in, into your Linux

175
00:08:17,520 --> 00:08:20,010
machine. Anyway so when we run this

176
00:08:20,250 --> 00:08:24,930
command, yum install screen, it will go

177
00:08:24,930 --> 00:08:27,690
online and check for any dependency, it

178
00:08:27,690 --> 00:08:30,300
found the package, and it says the total

179
00:08:30,300 --> 00:08:34,200
download size is 552k, installed sizes

180
00:08:34,200 --> 00:08:36,690
91k. Is this okay? Do want to go

181
00:08:36,690 --> 00:08:39,126
ahead install it? Yes, I want to go ahead install it.

182
00:08:39,126 --> 00:08:41,186
[No audio]

183
00:08:41,186 --> 00:08:45,840
All right. It's going in to, is actually

184
00:08:45,840 --> 00:08:48,600
going to the repository checking if

185
00:08:48,600 --> 00:08:50,549
there are any dependencies. Okay, so it

186
00:08:50,549 --> 00:08:52,620
says installed. So I could verify if it

187
00:08:52,620 --> 00:08:54,809
has installed by running command rpm

188
00:08:55,110 --> 00:08:58,230
-qa and grep for screen.

189
00:08:58,279 --> 00:09:00,150
[No audio]

190
00:09:00,150 --> 00:09:03,960
And it came up with exactly the the

191
00:09:03,960 --> 00:09:05,970
package that it has installed, this is the

192
00:09:05,970 --> 00:09:09,900
one. Okay so now, now we we have

193
00:09:09,930 --> 00:09:11,880
downloaded the package, perfect, but now

194
00:09:11,880 --> 00:09:15,240
we want it to downgrade or remove their

195
00:09:15,240 --> 00:09:18,390
package. Or if the package already

196
00:09:18,390 --> 00:09:20,430
exists then of course downgrade because

197
00:09:20,430 --> 00:09:23,460
it doesn't, it isn't compatible with the

198
00:09:23,490 --> 00:09:25,500
application that we're running. So at

199
00:09:25,500 --> 00:09:28,860
this point, I will run a yum history

200
00:09:28,860 --> 00:09:32,190
command, and this command would tell me

201
00:09:32,220 --> 00:09:34,290
that the latest one, the command that I

202
00:09:34,290 --> 00:09:38,850
ran is right here. As root I ran at this

203
00:09:38,850 --> 00:09:42,120
time, at this date, and I used to install,

204
00:09:42,990 --> 00:09:46,920
and it altered one package. So the ID is

205
00:09:46,920 --> 00:09:49,620
17. So if I want to downgrade or remove

206
00:09:49,620 --> 00:09:55,590
it I would do yum history undo and

207
00:09:56,460 --> 00:10:00,810
prosper sorry, the ID that the task ID.

208
00:10:01,590 --> 00:10:04,770
So hit enter. And it's saying that it's

209
00:10:04,770 --> 00:10:07,950
going to remove this package screen,

210
00:10:08,370 --> 00:10:10,080
remove one package, and then you go

211
00:10:10,080 --> 00:10:14,160
ahead and hit yes. And now it is

212
00:10:14,160 --> 00:10:15,840
completed. Now you could go ahead and

213
00:10:16,110 --> 00:10:20,820
rpm -qa, and grep for screen to see

214
00:10:20,880 --> 00:10:23,760
if it still there. It is not there, it

215
00:10:23,760 --> 00:10:25,440
has a gnome-screen, which is not

216
00:10:25,440 --> 00:10:27,750
exactly one that I'm looking for. Anyway,

217
00:10:27,930 --> 00:10:30,810
so if you had an older version of the

218
00:10:30,810 --> 00:10:33,870
package, then it would not have removed

219
00:10:33,870 --> 00:10:36,420
it, it would have downgraded it to the

220
00:10:36,420 --> 00:10:40,530
older version. Okay, so now this is

221
00:10:40,560 --> 00:10:43,860
about a single package or a single patch

222
00:10:43,980 --> 00:10:46,740
that you apply. Now, let's talk about

223
00:10:46,770 --> 00:10:49,890
when you, when you perform an update to

224
00:10:49,890 --> 00:10:52,950
your system. Then of course, as I said

225
00:10:52,950 --> 00:10:55,440
before, this is not recommended, I

226
00:10:55,440 --> 00:10:57,060
wouldn't recommend you guys try that

227
00:10:57,090 --> 00:11:00,600
unless you actually have a proper

228
00:11:00,600 --> 00:11:03,690
support from Redhat or whichever the

229
00:11:03,690 --> 00:11:05,430
Linux operating system you're using.

230
00:11:06,030 --> 00:11:08,250
Okay, so if I'm doing updates, or let's

231
00:11:08,250 --> 00:11:11,070
run the update, yum update, as I said,

232
00:11:11,070 --> 00:11:13,320
always use yum update instead of

233
00:11:13,350 --> 00:11:18,540
upgrade, because upgrade will remove the

234
00:11:18,540 --> 00:11:20,640
obsolete packages or delete obsolete

235
00:11:20,640 --> 00:11:22,590
packages the older packages, so you

236
00:11:22,590 --> 00:11:25,230
cannot rollback anymore. So let's do

237
00:11:25,230 --> 00:11:30,630
yum update, hit enter. This is going to

238
00:11:30,900 --> 00:11:33,330
get a list of everything that needs to

239
00:11:33,330 --> 00:11:35,940
be updated. I have a total updates and

240
00:11:35,940 --> 00:11:39,840
needs to be updated is 159 packages, the

241
00:11:39,840 --> 00:11:42,750
sizes there, is it okay, yes, go ahead and

242
00:11:42,960 --> 00:11:46,830
install. So I hit Y, and it is going

243
00:11:46,830 --> 00:11:50,520
through the entire list of packages that

244
00:11:50,520 --> 00:11:52,920
needs to be updated. Now at this point,

245
00:11:52,920 --> 00:11:56,460
I am going to fast forward this because

246
00:11:56,460 --> 00:11:58,770
this might take a little longer

247
00:11:58,770 --> 00:12:01,980
depending on your system. And depending

248
00:12:01,980 --> 00:12:04,710
on your Ethernet or internet speed.

249
00:12:04,710 --> 00:12:19,590
[No audio]

250
00:12:19,590 --> 00:12:22,380
Okay, so the updates have been

251
00:12:22,380 --> 00:12:25,680
completed, we could verify it by running

252
00:12:26,250 --> 00:12:31,830
yum history, and lists are all but for

253
00:12:31,830 --> 00:12:34,110
now just put yum history and you'll see

254
00:12:34,110 --> 00:12:38,160
right up there on the top number 19. The

255
00:12:38,160 --> 00:12:42,840
task 19 is to install or update. And

256
00:12:42,840 --> 00:12:44,790
this is the date and it's time that was

257
00:12:44,790 --> 00:12:50,130
done. Now, if you want to undo anything

258
00:12:50,130 --> 00:12:52,680
like that, I will recommend you that you

259
00:12:52,680 --> 00:12:55,260
take a snapshot of your virtual machine

260
00:12:55,290 --> 00:12:58,050
if you are running a virtual machine. If

261
00:12:58,050 --> 00:13:00,510
you are not, then, of course, then you will

262
00:13:00,510 --> 00:13:03,540
have to have a support from many

263
00:13:03,540 --> 00:13:05,280
enterprise level support in the Linux

264
00:13:05,280 --> 00:13:07,590
platform you're running. Okay, so as we

265
00:13:07,590 --> 00:13:10,170
have this list or the history of our

266
00:13:10,380 --> 00:13:12,870
yum command, you notice that the number

267
00:13:12,870 --> 00:13:16,020
19 is the one that we want to undo. So

268
00:13:16,020 --> 00:13:17,760
we will do the same command as if you

269
00:13:17,760 --> 00:13:20,820
were doing to undo a package, yum history,

270
00:13:22,590 --> 00:13:26,130
undo, and the task number is number 19.

271
00:13:26,670 --> 00:13:28,705
So let's run 19 here.

272
00:13:28,705 --> 00:13:32,810
[No audio]

273
00:13:32,810 --> 00:13:36,030
Okay, we are getting the downgrades total packages of

274
00:13:36,030 --> 00:13:39,000
159. You could go ahead and hit Y, it

275
00:13:39,000 --> 00:13:41,850
will downgrade and remove any packages

276
00:13:41,850 --> 00:13:43,920
that were installed there. But I'm not

277
00:13:43,920 --> 00:13:46,410
going to do that. But if you really have

278
00:13:46,410 --> 00:13:48,060
to do because of the compatibility

279
00:13:48,060 --> 00:13:50,370
issue, go ahead and hit Y, and it will

280
00:13:50,370 --> 00:13:52,200
go through the entire process of

281
00:13:52,860 --> 00:13:55,260
downgrading or removing and cleanup

282
00:13:55,260 --> 00:13:59,010
process. So if you run into issue, the

283
00:13:59,010 --> 00:14:02,850
good thing is that you do have, you do

284
00:14:02,850 --> 00:14:06,780
have the snapshot so you could always

285
00:14:06,780 --> 00:14:08,910
revert to that snapshot that you take

286
00:14:08,910 --> 00:14:11,760
if things goes wrong. So that's how you

287
00:14:11,760 --> 00:14:13,950
do the rollback. I hope this lecture

288
00:14:13,950 --> 00:14:15,570
serves this purpose. If you have any

289
00:14:15,570 --> 00:14:19,541
question please send me a message and good luck.