View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions Ubuntu Live Kernel Patching
Log in to Ask a Question

Ubuntu Live Kernel Patching

kernel ubuntu ubuntu-1804 livepatch canonical
Linode Staff

Ubuntu's Live Kernel Patching system allows you to quickly and easily apply critical kernel updates without rebooting your Linode. This service is free for up to 3 systems, and it runs on our latest Ubuntu 18.04 LTS image just fine.

You'll want to first ensure your Linode is running GRUB 2, not a Linode kernel. Your new Ubuntu 18.04 image will deploy with GRUB 2, but you can confirm by checking your Linode's configuration profile.

After that, head to the Livepatch page and create an account. You can license up to 3 servers for free, so there is no cost unless you plan to mass deploy Livepatch.

https://www.ubuntu.com/server/livepatch

Once you've created an account it's as simple as running the following commands:
sudo snap install canonical-livepatch
sudo canonical-livepatch enable $your_token

You will then receive the following message if everything is running as expected:

Successfully enabled device. Using machine-token: $your_token

If you're ever curious about the status of livepatch run the following. This does support a --verbose option if you'd like a bit more detail:
canonical-livepatch status

Here's some output from my machine to give you an idea of what info status provides.

client-version: 8.0.1
architecture: x86_64
cpu-model: Intel(R) Xeon(R) CPU E5-2697 v4 @ 2.30GHz
last-check: 2018-05-11T23:05:09.705969833-04:00
boot-time: 2018-05-02T08:33:33-04:00
uptime: 230h36m17s
status:

  • kernel: 4.15.0-20.21-generic
    running: true
    livepatch:
    checkState: checked
    patchState: nothing-to-apply
    version: ""
    fixes: ""

The following pages have some more information on Livepatch and how to set it up.
Live kernel patching from Canonical
Canonical Livepatch Service

Potential issues
If you receive the following error when trying to enable canonical-livepatch then you are not using the correct kernel. You need to head to your configuration profile and change the Kernel option to GRUB 2.

2018/05/12 03:24:10 cannot use livepatch: your kernel "4.15.13-x86_64-linode106" is not eligible for livepatch updates

Distribution Supplied Kernel With KVM

2 Replies

Will this also work on an ubuntu 16.04 linode?

Linode Staff

This should work on every LTS version of Ubuntu back to Ubuntu 14.04. You will need to ensure you're using a distribution supplied kernel, not the kernels supplied by Linode.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct