2

I've got a Debian Wheezy VM on Linode and they run it with their own kernel.

As a reputable company, I'm sure they're quick to apply security patches, and all I need to do is reboot to get the new one. However, to notice whether a new one has been released, I have to monitor an RSS feed, which will require a fair bit of looking at as it includes notifications about all kernel releases, not just the one I'm using. Also, using their kernel which is outside of my OS causes pages of warnings about assumptions from things like my firewall script which is trying to check for the existence of certain modules.

I'm already on the Debian Security Announcements email list, which I keep an eye on for my other VMs.

So it seems to me I'd be better switching to a stock Debian kernel, but are there any other advantages to using a host's kernel that I might not be aware of?

artfulrobot
  • 2,949
  • 13
  • 36
  • 60
  • This is mostly an artifact of history. Years ago Xen, the hypervisor Linode uses, could only boot a VM from a kernel outside the virtual machine. The same was true of Amazon AWS. I have no idea why certain other providers, who never had this technical restriction, DO this. – Michael Hampton Feb 20 '15 at 19:15

1 Answers1

2

This seems like a good question to ask Linode. Why do they provide their own custom kernel? Does it somehow work better with their VPS? If you don't hear anything convincing, then it seems completely reasonable to switch to a stock Debian kernel and let apt-get handle the updates.

If they do add value with their kernel, ask them if they can provide it in a deb through an apt repository that you can add to your apt sources list.

Andrew Schulman
  • 8,811
  • 21
  • 32
  • 47