The Livepatch K8s charm is the easiest and the recommended way to deploy the Livepatch server on K8s. This charm configures and runs the Livepatch server, which serves Livepatch-es and metadata attached to them to the clients. Canonical Livepatch patches high and critical linux kernel vulnerabilities, removing the immediate need to reboot to upgrade the kernel, instead allowing the downtime to be scheduled. It is a part of the Ubuntu Pro offering.
k8s/stable channel of the bundle made for this purpose. For more detailed steps on using the bundle, please see the tutorials on the Livepatch website.
The Livepatch server may be deployed using the Juju command line as follows:
juju deploy canonical-livepatch-server-k8sLivepatch server requires integration with a PostgreSQL charm via the database endpoint. As an example, users can deploy a PostgreSQL database and integrate it with Livepatch as follows:
juju deploy postgresql
juju integrate canonical-livepatch-server-k8s:database postgresql:databaseThere is also an endpoint, named database-legacy, which can be used with PostgreSQL charm's legacy endpoint, db . But it is strongly recommended that users integrate with the database endpoint mentioned earlier.
Livepatch provides an endpoint, named ingress, which can be integrated with ingress resources in K8s clusters, like Traefik. As an example, users can integrate other applications with this endpoint by using Juju as follows:
juju integrate canonical-livepatch-server-k8s:ingress traefik-k8s:ingressLivepatch can be optionally integrated with Loki via the log-proxy endpoint. Users can integrate other applications with this endpoint by using Juju as follows:
juju integrate canonical-livepatch-server-k8s:log-proxy loki-k8s:loggingLivepatch provides observability dashboards on Grafana. For this purpose, there is an endpoint, named grafana-dashboard, which implements the grafana_dashboard interface and can be integrated with Grafana. Users can integrate other applications with this endpoint by using Juju as follows:
juju integrate canonical-livepatch-server-k8s:grafana-dashboard grafana-k8s:grafana-dashboardUsers can integrate Livepatch server with Prometheus to have it scrape the metrics. For this purpose, there is an endpoint, named metrics-endpoint, which implements the prometheus_scrape interface and can be integrated with Prometheus. Users can integrate other applications with this endpoint by using Juju as follows:
juju integrate canonical-livepatch-server-k8s:metrics-endpoint prometheus-k8s:metrics-endpointThis charm uses the following OCI images:
| Image | Purpose |
|---|---|
livepatch-server:latest |
HTTP server |
livepatch-schema-tool:latest |
Database migration tool |
For more detailed instructions on deploying Livepatch server, please see the documentation for this service, available on the Livepatch website.
Please see the Juju SDK documentation for more information about developing and improving charms and Contributing for developer guidance.
The Livepatch K8s charm is free software, distributed under the Apache Software License, version 2.0. See License for more details.