Configuring livepatch on-prem patch storage

Livepatch server supports several different drivers for storing patch files downloaded from livepatch.canonical.com:

  1. Local filesystem
  2. Swift
  3. S3 (and compatible implementations, e.g. minio)
  4. Postgresql

The filesystem patch store is easiest to deploy and suits most configurations. However, if there is a need to scale out the livepatch server such as have multiple livepatch servers running to handle the load, the filesystem patch store should not be used.

In case there is a need to scale out livepatch on-prem, use the s3, postgresql or swift patch stores. Any patch store should have enough space for storing livepatches - currently at least 15GB.

Swift patch store

To use the swift patch store, set the ‘patchstore’ charmed operator config key to ‘swift’ for the livepatch application.

Additionally, set these charmed operator configuration options:

  • swift_apikey
  • swift_auth_url
  • swift_container_name
  • swift_domain_name
  • swift_region_name
  • swift_tenant_name
  • swift_username

S3 patch store

The S3 patch store supports services compatible with the S3 API, such as AWS S3 and minio.

To use the s3 patch store, set the ‘patchstore’ charmed operator config key to ‘s3’ for the livepatch application.

Additionally, set these charmed operator configuration options:

  • s3_access_key_id
  • s3_bucket
  • s3_endpoint
  • s3_region
  • s3_secret_key
  • s3_secure

Postgresql patch store

To use the postgresql patch store, set the ‘patchstore’ charmed operator config key to ‘postgres’ for the livepatch application. No further configuration is required as the livepatch server will use the attached postgresql database.