How to Avoid Server Reboots with Ubuntu Livepatch

If you are the admin of your server then you will face a problem that is faced by every admin out there. The problem is about rebooting an online server. 

But you might think that why I am calling this a problem?

Because whenever you try to reboot the operating system the system shows an important active service that you can’t interrupt.

Everything is going fine and steady after an apt-get upgrade, so what is the need of re-boot?

Well, that is what we are going to discuss in this topic. But not only that. Today we will be focusing on how to avoid server reboots with an Ubuntu Livepatch.

I know that your head is bursting and you can not hold any more questions. Relax and read the whole blog, I will clear all your doubts. Let’s start with the first question.

Why do you need to reboot an operating system?  

Rebooting an operating system is important and necessary. And if you control the administration of your server then you can relate to this point. Even if you constantly upgrade your system with an apt-get upgrade command still things are not always as they seem.

That is why despite everything you have to reboot your operating system once in a while. Let me explain the concept by an example.

Suppose at some point in time the core of the system that is the kernel part becomes vulnerable and is patched and pushed to your server as a new package. Then you will need to install the patched kernel. But the thing is, after the installation, some new files are written on the disk.

But since the old kernel was loaded in RAM memory, therefore some parts of the old kernel still remains in the system. And this means that your server is still vulnerable to the previous security holes. Therefore, as per to remove all the previous versions of the kernel you need to reboot your system.

Sometimes I feel that the fact that every problem has a solution is so true. And now the fact can be said as modern problems have modern solutions. Ubuntu Livepatch is a savior for this rebooting problem. An Ubuntu Livepatch will help you to update all the kernel security patches and close all the security holes without restarting the operating system.

So how will you set up a Livepatch on Ubuntu?

Live Patching available for both enterprise and the Ubuntu community members. And now you know why Live Patching is necessary for you if you are thinking about rebooting your server operating system. 

But before you start live patching make sure that you are using the following entries in the /etc/apt/sources.list:

$ cat /etc/apt/sources.list

deb http://archive.ubuntu.com/ubuntu xenial main restricted universe multiverse

deb http://archive.ubuntu.com/ubuntu xenial-updates main restricted universe multiverse

deb http://security.ubuntu.com/ubuntu xenial-security main restricted universe multiverse

Next, make sure that your system server is updated using the apt-get upgrade command.

$ sudo apt update

$ sudo apt upgrade

Live Patching an Ubuntu is a step by step process. So let’s move according to that.  

Step 1: Generate a Live Patch Key

To get started with your live patching process first, you need to log in to the Ubuntu Website and create your Ubuntu One account.

From there you can generate a key. 

Step 2: Enable Live Patching

Step 3: View Status

Install Snap Daemon (if necessary)

Sometimes there are cases where some particular command might fail to perform and you might get an error code message as  -bash: /usr/bin/snap: No such file or directory. 

The above message indicates that your service provider is working on an Ubuntu operating system that does not include a snap daemon service and sometimes Snap Daemon matters a lot. 

In this case, you have to install the Snap Daemon patch. Install it with

sudo apt update && sudo apt install snapd

Keep updated from your side

Though Live Patch will install all the new necessary security updates, still you need to keep your server and the rest of system updated with a command like,

sudo apt update && sudo apt upgrade

While updating your systems some important packages might ask for a restart as per to apply the latest security fixes. But these reboots are graceful and they don’t disrupt any ongoing process.

You can also do manual reboots to make sure that all the new patched codes are reloaded and applied to your system. Otherwise, there may remain some old files that will run with your server functions despite an upgrade. 

Conclusion 

From the above blog, we can now finally say that rebooting an active sever was difficult before but now Ubuntu Live patch has made it simple as you can reboot your server operating system anytime without interrupting the active procedure.

I hope that this blog has helped those admins who were looking for a solution to this problem (which we have just discussed). So follow the steps mentioned above and keep your server updated.