Canonical Livepatch Server enables the delivery of Livepatch's to Livepatch clients, allowing reboots of critical infrastructure to be scheduled at a convenient time.
Requirements:
Quick Start:
Install the snap
sudo snap install canonical-livepatch-server
Now we require a Postgres database, for simplicity let's launch Postgres via docker:
docker run \
--name postgresql \
-e POSTGRES_USER=livepatch \
-e POSTGRES_PASSWORD=testing \
-p 5432:5432 \
-d postgres:12.11
Migrate the database, run:
canonical-livepatch-server.schema-tool \
postgresql://livepatch:testing@localhost:5432/livepatch
Update Livepatch with the DSN of our local Postgres, run:
sudo snap \
set canonical-livepatch-server \
lp.database.connection-string=postgresql://livepatch:testing@localhost:5432/livepatch
We can check the server is running via the logs:
sudo snap logs \
canonical-livepatch-server.livepatch -n 100
If you're a customer of Ubuntu Pro and have access to Livepatch on-premise, you can enable on-premise within the snap the same as you would for the charm.
You can obtain your token from: https://ubuntu.com/pro/dashboard
Here is a quick how-to:
Set your token via running:
sudo snap set canonical-livepatch-server token=<Ubuntu Pro token>
Install the server admin tool:
sudo snap install canonical-livepatch-server-admin
Set an environment variable for the admin tool to discover your snap server:
export LIVEPATCH_URL=http://localhost:8080
Set a basic user on the server, for example sake here is one with the username admin and password admin123, note, dollar signs must be escaped and the password but be bcrypt hashed:
sudo snap set canonical-livepatch-server \
lp.auth.basic.users=\
admin:\$2y\$10\$c25NVkdeIMqWdbgR4883YuE/s2CT1mCmGPm5Ma1XbUqGqM26ClTGe
If you'd like to generate your own,
sudo apt-get install apache2-utils
htpasswd -bnBC 10 <username> <password>
Enable basic authentication:
sudo snap set canonical-livepatch-server lp.auth.basic.enabled=true
Login with your admin tool:
canonical-livepatch-server-admin.livepatch-admin login -a admin:admin123
Synchronise hosted patches into your snap server:
canonical-livepatch-server-admin.livepatch-admin sync trigger
To set the server to automatically sync patches from Canonical's servers every 12 hours, you can run the following commands,
sudo snap set canonical-livepatch-server lp.patch-sync.enabled=true
sudo snap set canonical-livepatch-server lp.patch-sync.interval=12h
You are now ready to connect clients to your snap Livepatch instance! Currently the server is set (by default) to use file storage for the patches, you can actually see the patches here:
ls /var/snap/canonical-livepatch-server/common/patches/
Thank you for your report. Information you provided will help us investigate further.
There was an error while sending your report. Please try again later.
You are about to open
Do you wish to proceed?
Snaps are applications packaged with all their dependencies to run on all popular Linux distributions from a single build. They update automatically and roll back gracefully.
Snaps are discoverable and installable from the Snap Store, an app store with an audience of millions.
Snap can be installed from the command line on openSUSE Leap 15.x and Tumbleweed.
You need first add the snappy repository from the terminal. Leap 15.5 users, for example, can do this with the following command:
sudo zypper addrepo --refresh https://download.opensuse.org/repositories/system:/snappy/openSUSE_Leap_15.5 snappy
Swap out openSUSE_Leap_15.5 for openSUSE_Leap_15.4 or openSUSE_Tumbleweed if you’re using a different version of openSUSE.
With the repository added, import its GPG key:
sudo zypper --gpg-auto-import-keys refresh
Finally, upgrade the package cache to include the new snappy repository:
sudo zypper dup --from snappy
Snap can now be installed with the following:
sudo zypper install snapd
You then need to either reboot, logout/login or source /etc/profile to have /snap/bin added to PATH.
Additionally, enable and start both the snapd and the snapd.apparmor services with the following commands:
sudo systemctl enable --now snapd
sudo systemctl enable --now snapd.apparmor
To install canonical-livepatch-server, simply use the following command:
sudo snap install canonical-livepatch-server
Browse and find snaps from the convenience of your desktop using the snap store snap.
Interested to find out more about snaps? Want to publish your own application? Visit snapcraft.io now.
