Ubuntu Live Kernel Patching
Ubuntu's Live Kernel Patching system allows you to quickly and easily apply critical kernel updates without rebooting your Linode. This service is free for up to 3 systems, and it runs on our latest Ubuntu 18.04 LTS image just fine.
You'll want to first ensure your Linode is running GRUB 2, not a Linode kernel. Your new Ubuntu 18.04 image will deploy with GRUB 2, but you can confirm by checking your Linode's configuration profile.
After that, head to the Livepatch page and create an account. You can license up to 3 servers for free, so there is no cost unless you plan to mass deploy Livepatch.
Once you've created an account it's as simple as running the following commands:
sudo snap install canonical-livepatch
sudo canonical-livepatch enable $your_token
You will then receive the following message if everything is running as expected:
Successfully enabled device. Using machine-token: $your_token
If you're ever curious about the status of livepatch run the following. This does support a
--verbose option if you'd like a bit more detail:
Here's some output from my machine to give you an idea of what info status provides.
cpu-model: Intel(R) Xeon(R) CPU E5-2697 v4 @ 2.30GHz
- kernel: 4.15.0-20.21-generic
If you receive the following error when trying to enable
canonical-livepatch then you are not using the correct kernel. You need to head to your configuration profile and change the Kernel option to GRUB 2.
2018/05/12 03:24:10 cannot use livepatch: your kernel "4.15.13-x86_64-linode106" is not eligible for livepatch updates