How can I upgrade my server's kernel without rebooting?

kernel updates canonical-livepatch

This is a loaded question because I'm already aware of, and am very interested in ksplice. The problem is that since they were bought by Oracle, they have been forced to pull numerous server distributions from the offerings. The answer isn't as simple as it once was.

I noticed a question on Unix.SE that states:

You can build your own ksplice patches to dynamically load into your own kernel

Great! But how?!

I've installed the free ksplice package in the repo on my desktop (not ksplice-uptrack which is non-free) and now want to generate and apply updates. What's the process? Are there any scripts out there to automate the process?

Moreover, if all the machinery required for rebootless upgrades is sitting there in the kernel (and ksplice package), why on earth aren't we taking advantage of it by default?

Quite recently kGraft was announced. It seems to be roughly the same result so if you have an answer that involves it, I'd be just as happy with that. It's currently a few months from being released though.

Note 1: I am happy for a solution beside ksplice but it has to deliver the same thing: rolling updates to the kernel that can be applied without rebooting the server.

Note 2: I'll say it again; the main ksplice "service" does not support Ubuntu Server. It used to but it doesn't any more. When I talk about wanting to use ksplice, I'm talking about the open source tools in the ksplice package. Any answer that talks about ksplice-uptrack is probably not what I'm after as this is the part that integrates directly with aforementioned "service".


Solution 1:

All the other answers here are great, but for Ubuntu specifically, Canonical now delivers this service on 16.04.

  • http://blog.dustinkirkland.com/2016/10/canonical-livepatch.html
  • https://www.ubuntu.com/server/livepatch

This uses the live patching technology in the upstream Linux kernel since 4.0 was released.

Solution 2:

I don't know much about ksplice but thought I'd mention it - have you heard about kexec? This might be what you need.

Regarding the question why haven't we adopted this as a default mechanism? Well, overwriting the memory of the current kernel while it's still running can cause potential issues. It also expects hardware devices to be in a well-defined state which isn't always possible.

You can take a look at the IBM developer works article about it to decide if it suits your needs.

Solution 3:

ksplice will allow kernel swap without needing reboot. Uptrack works within ksplice and has a editable config file in /etc/uptrack/uptrack.conf

Solution 4:

There are a couple fully open-source alternatives to Ksplice that have both been submitted for inclusion in the mainline Linux kernel. It's too early to tell which will end up in the kernel, but you can still try them out if you're brave enough:

  • kGraft, which you mentioned already. One of Ubuntu's kernel engineers has a blog post where he tried it out: using kgraft with ubuntu
  • kpatch, currently in development by Red Hat. Its github site has some instructions for trying it out on Ubuntu: https://github.com/dynup/kpatch#ubuntu-1404

You can read more about both of them here: SUSE Posts kGraft, Red Hat Posts Kpatch Patches

Solution 5:

The Arch Linux wiki had instructions: https://wiki.archlinux.org/index.php/ksplice

The only part that seems to be distro specific is how to install ksplice itself. Since you've already figured that out it seems, I think this should get you on your way.

Related

Blank screen after suspend/hibernate on 14.04
Explicit pictures show when searching "gedit" in Ubuntu Dash
mainline kernel now depends on libc6 2.33, non-installable in focal?
How do I arrange my windows automatically?
What filesystem for an external Harddrive (Linux/Mac/Windows) [closed]
How to permanently set environmental variables PATH and M2_HOME in ubuntu for maven3?
Connecting to Ubuntu server via SSH externally
How do I connect to multiple wifi networks?
rkhunter warning about /etc/.java /etc/.udev /etc/.initramfs
Why was aptitude removed in favor of apt-get?
How to speed up search for locally installed applications in Ubuntu 13.10's Unity Dash?
Is there a derivative that uses a Rolling Release model?