Canonical Livepatch Server enables the delivery of Livepatch's to Livepatch clients, allowing reboots of critical infrastructure to be scheduled at a convenient time.
Requirements:
Quick Start:
Install the snap
sudo snap install canonical-livepatch-server
Now we require a Postgres database, for simplicity let's launch Postgres via docker:
docker run \
--name postgresql \
-e POSTGRES_USER=livepatch \
-e POSTGRES_PASSWORD=testing \
-p 5432:5432 \
-d postgres:12.11
Migrate the database, run:
canonical-livepatch-server.schema-tool \
postgresql://livepatch:testing@localhost:5432/livepatch
Update Livepatch with the DSN of our local Postgres, run:
sudo snap \
set canonical-livepatch-server \
lp.database.connection-string=postgresql://livepatch:testing@localhost:5432/livepatch
We can check the server is running via the logs:
sudo snap logs \
canonical-livepatch-server.livepatch -n 100
If you're a customer of Ubuntu Pro and have access to Livepatch on-premise, you can enable on-premise within the snap the same as you would for the charm.
You can obtain your token from: https://ubuntu.com/pro/dashboard
Here is a quick how-to:
Set your token via running:
sudo snap set canonical-livepatch-server token=<Ubuntu Pro token>
Install the server admin tool:
sudo snap install canonical-livepatch-server-admin
Set an environment variable for the admin tool to discover your snap server:
export LIVEPATCH_URL=http://localhost:8080
Set a basic user on the server, for example sake here is one with the username admin and password admin123, note, dollar signs must be escaped and the password but be bcrypt hashed:
sudo snap set canonical-livepatch-server \
lp.auth.basic.users=\
admin:\$2y\$10\$c25NVkdeIMqWdbgR4883YuE/s2CT1mCmGPm5Ma1XbUqGqM26ClTGe
If you'd like to generate your own,
sudo apt-get install apache2-utils
htpasswd -bnBC 10 <username> <password>
Enable basic authentication:
sudo snap set canonical-livepatch-server lp.auth.basic.enabled=true
Login with your admin tool:
canonical-livepatch-server-admin.livepatch-admin login -a admin:admin123
Synchronise hosted patches into your snap server:
canonical-livepatch-server-admin.livepatch-admin sync trigger
To set the server to automatically sync patches from Canonical's servers every 12 hours, you can run the following commands,
sudo snap set canonical-livepatch-server lp.patch-sync.enabled=true
sudo snap set canonical-livepatch-server lp.patch-sync.interval=12h
You are now ready to connect clients to your snap Livepatch instance! Currently the server is set (by default) to use file storage for the patches, you can actually see the patches here:
ls /var/snap/canonical-livepatch-server/common/patches/
Thank you for your report. Information you provided will help us investigate further.
There was an error while sending your report. Please try again later.
You are about to open
Do you wish to proceed?
Snaps are applications packaged with all their dependencies to run on all popular Linux distributions from a single build. They update automatically and roll back gracefully.
Snaps are discoverable and installable from the Snap Store, an app store with an audience of millions.
Snap is available for CentOS 7.6+, and Red Hat Enterprise Linux 7.6+, from the Extra Packages for Enterprise Linux (EPEL) repository. The EPEL repository can be added to your system with the following command:
sudo yum install epel-release
Snap can now be installed as follows:
sudo yum install snapd
Once installed, the systemd unit that manages the main snap communication socket needs to be enabled:
sudo systemctl enable --now snapd.socket
To enable classic snap support, enter the following to create a symbolic link between /var/lib/snapd/snap and /snap:
sudo ln -s /var/lib/snapd/snap /snap
Either log out and back in again, or restart your system, to ensure snap’s paths are updated correctly.
To install canonical-livepatch-server, simply use the following command:
sudo snap install canonical-livepatch-server
Browse and find snaps from the convenience of your desktop using the snap store snap.
Interested to find out more about snaps? Want to publish your own application? Visit snapcraft.io now.