(Re)define what our OS patching processes should look like
The handbook says this about our Ubuntu OS patching strategy:
Infrastructure will look to begin OS upgrades for Ubuntu LTS releases 6 months after their release and attempt to maintain all GCP compute instances on an LTS within the last 5 years of release.
However, with the release of Ubuntu 24.04 right around the corner, we're still deploying Ubuntu 20.04 across the fleet. And it's not clear exactly how this patching should be done, and by whom. The intent of this issue is to outline some possible ways to make these updates easier, and identify the areas of ownership.
The first major obstacle to using anything newer than Ubuntu 20.04, is that we would need to support Chef/Cinc 15+ across our cookbooks. Other discussions have discussed alternatives to Chef such as Ansible and Packer.
Edited by Matt Miller