How to Setup Automatic Kernel.

How To Setup Automatic Kernel.

This article explains how to set up automatic rebootless kernel updates using the live patching solutions from Canonical and CloudLinux.

 

Canonical Livepatch

Canonical Livepatch is a service that patches the running kernel without having to reboot your Ubuntu system. Livepatch service is free to use, up to three Ubuntu systems. To use this service on more than three computers, you’ll have to subscribe to the Ubuntu Advantage program.

Before installing the service, you need to get a livepatch token from the Livepatch Service site .

Once you have the token install and enable the service by running the following two commands:

sudo snap install canonical-livepatch
sudo canonical-livepatch enable <your-key>

To check the status of the service, run:

sudo canonical-livepatch status --verbose

Later if you want to deregister a machine, use this command:

sudo canonical-livepatch disable <your-key>

The same instructions apply for Ubuntu 20.04 and Ubuntu 18.04.

 

KernelCare

KernelCare is a great option for hosting providers and businesses.

KernelCare runs on Ubuntu, CentOS, Debian, and other popular flavors of Linux. It checks for patch releases every 4 hours and installs them automatically. Patches can be rolled back. KernelCare is free for non-profit organizations.

To install KernelCare run the installation script:

wget -qq -O - https://kernelcare.com/installer | bash

If you are using an IP-based license, nothing else is required to be done. Otherwise, if you are using a key-based license, run the following command to register the service:

/usr/bin/kcarectl --register <your-key>

Where <your-key> is the registration keycode string provided when you sign up for the trial or purchase the product. You can get it on this page .

Below are some useful KernelCare commands:

  • To check if the running kerne is supported by KernelCare:

    curl -s -L https://kernelcare.com/checker | python
  • To deregister a server:

    sudo kcarectl --unregister
  • To check the status of the service:

    sudo kcarectl --info
  • The software will automatically check for new patches every 4 hours. To update manually, run:

    /usr/bin/kcarectl --update

 

Conclusion

The Live Patching technology allows you to apply patches to the Linux Kernel without rebooting.