Ubuntu Livepatch Service

Ubuntu kernel Live Patching service

Ubuntu Livepatch patches high and critical linux kernel vulnerabilities removing the immediate need to reboot to upgrade the kernel, instead allowing the downtime to be scheduled.

The ubuntu livepatch offering consists of the client application, the livepatch service hosted by Canonical and an optional on-prem server. The client runs on machines,
periodically checks for available patches, downloads, verifies and installs them.

Canonical livepatch is meant for critical infrastructure, where unscheduled downtime is to be avoided. By applying live kernel patches for high and critical kernel vulnerabilities, upgrades can be scheduled at a suitable time.

Livepatch Client

Livepatch is the client side software that runs on individual machines and periodically checks for the availability of kernel patches. Once a patch becomes available, it is downloaded, verified and applied to the current kernel.

Livepatch On-prem

Complex enterprise environments often follow policies that require a gradual roll-out of updates to reduce risk, or have high-security isolated environments that need to be updated. Livepatch on-prem allows an organization to define a rollout policy and remain in full control of which machines will get updated and when. To keep your machines up-to-date, the on-premises service regularly syncs with Livepatch hosted by Canonical and obtains the latest patches. It then deploys the patches gradually in as many stages as required.

Navigation

Navigation
Level Path Navlink
1 livepatch Livepatch service
2 howitworks How Livepatching works
2 kernels Supported kernels
2 notices Livepatch Security Notices
2 faq FAQ
1 client Livepatch client
2 client/enabling Enabling livepatch
2 client/disabling Disabling livepatch
2 client/status Checking status
2 client/firewall Network requirements
2 client/data Data sent
1 on_prem Livepatch on-prem
2 on_prem/deployment Deployment
2 on_prem/resource_requirements Resource Requirements
2 on_prem/patch_storage Patch Storage
3 on_prem/patch_storage/s3 Using S3 for patch storage
2 on_prem/client Client Configuration
2 on_prem/administration_tool Administration Tool
2 on_prem/firewall Network access
2 on_prem/fetching_patches Fetching Patches
2 on_prem/patch_management Patch Management
2 on_prem/fleet_management Fleet Management
2 on_prem/patch_health Patch Health reports
2 on_prem/upgrading Upgrading a deployment
2 on_prem/scaling On-prem Scalability
2 on_prem/tls TLS
2 on_prem/data Data sent
1 support Getting support
1 Like