A Linux kernel update is not to be taken lightly—change means risk. Whatever reasons you think you might have, there is really only one that matters. Igor Seletskiy, CEO of CloudLinux, tells you what it is in this blog post.
Bad Reason #1: Stability Improvements
The Linux Kernel is extremely stable. There is very little reason to update your kernel for stability’s sake. Yes, there are always ‘edge cases’ that affect a very tiny percentage of servers. If your servers are stable, then a kernel update is more likely to introduce new issues, making things less stable, not more.
Related Article: Does Live Kernel Patching Slow Systems Down?
Bad Reason #2: Updated Drivers
Yes, you will update Linux device drivers, but most if not all of these updates will be for hardware that you don’t have, and for things you don’t use. Unless you are using cutting-edge hardware released in the last 6-12 months, there is little chance that any updates will significantly improve server performance or stability, especially, if your servers are already stable.
Bad Reason #3: New Kernel Functionality
Occasionally, major updates to the kernel bring in some new functionality. Most likely, it will be years before any software on your system will start using that functionality. And it is almost never the case that it will ‘require’ that new functionality.
So, yes, you will have it, but it will have a zero positive effect on your system performance.
Bad Reason #4: Increased Speed
Linux development community spends an immense amount of time on improving Linux performance. Yet, the reality is that the Linux kernel is already very fast, and the incremental performance increases for most systems will not be noticeable. While some subsystems might see exciting improvements, overall, even major releases typically bring less than a 1% performance improvement for typical workloads, and can often result in a slight performance degradation.
Bad Reason #5: Downtime
It is not enough to just install a new kernel. You must reboot the server for the new kernel to start operating. This means server downtime and extra work. Some servers might not “boot” up, or may take a long time to boot up due to fsck.
Related post: Why you should automate Linux kernel updates
One Good Reason
So, is there a good reason to update your kernel? Yes, there is: for security.
Running a kernel with known vulnerabilities might leave a backdoor that hackers can use to get in or establish themselves on your servers. It might also make you non-compliant with various compliant standards and security best practices. So, keeping your system and kernel secured is important. Luckily, that can be done without upgrading the whole kernel and without rebooting, using live kernel patch services such as KernelCare or Ksplice.
Read our most popular blog posts about live patching technology and find out how it enables your infrastructure security:
- ‘CacheOut’ Attack: update microcode without a reboot and you’re safe
- KernelCare fixes Meltdown and Spectre without reboots!
- Reboot Server Now or Later? (Neither, thanks)
- Custom Kernel Patching with Rebootless Updates