Instance with Canonical Livepatch Service requires restart

I'm by no means a sysadmin, so maybe this is a simple oversight. Isn't the whole point of the Livepatch Service to prevent mission-critical servers from having to restart after a kernel update?

Livepatch on the Google Cloud Compute Server in question has been installed since October 18th. Immediately before installing the livepatch service, I performed one last restart.

This is what I'm currently presented with upon login:

login as: ubuntu
Authenticating with public key "key" from agent
Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-45-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

Get cloud support with Ubuntu Advantage Cloud Guest:
  http://www.ubuntu.com/business/services/cloud

1 package can be updated.
0 updates are security updates.

*** System restart required ***
Last login: Tue Nov  1 09:57:46 2016 from X.X.X.X

If I check the status of the livepatch service, everything looks fine:

ubuntu@server:~$ canonical-livepatch status
kernel: 4.4.0-45.66-generic
fully-patched: true
version: ""

Anything else I need to be doing to prevent these required restarts? Are there other packages that would need a full restart? All packages are managed through Ubuntu's own package manager.


Here you can find a lengthy FAQ about ubuntu live patch: http://blog.dustinkirkland.com/2016/10/canonical-livepatch.html I copied the questions which are of interest for you:

Q: What kinds of updates will be provided by the Canonical Livepatch Service?

A: The Canonical Livepatch Service is intended to address high and critical severity Linux kernel security vulnerabilities, as identified by Ubuntu Security Notices and the CVE database. Note that there are some limitations to the kernel livepatch technology -- some Linux kernel code paths cannot be safely patched while running. We will do our best to supply Canonical Livepatches for high and critical vulnerabilities in a timely fashion whenever possible. There may be occasions when the traditional kernel upgrade and reboot might still be necessary. We’ll communicate that clearly through the usual mechanisms -- USNs, Landscape, Desktop Notifications, Byobu, /etc/motd, etc.

Q: What about non-security bug fixes, stability, performance, or hardware enablement updates?

A: Canonical will continue to provide Linux kernel updates addressing bugs, stability issues, performance problems, and hardware compatibility on our usual cadence -- about every 3 weeks. These updates can be easily applied using ‘sudo apt update; sudo apt upgrade -y’, using the Desktop “Software Updates” application, or Landscape systems management. These standard (non-security) updates will still require a reboot, as they always have.