打开Ubuntu 16.04的Live Kernel Patching服务

Canonical has announced the availability of a live kernel patch service for the 16.04 LTS release. “It’s the best way to ensure that machines are safe at the kernel level, while guaranteeing uptime, especially for container hosts where a single machine may be running thousands of different workloads.” Up to three systems can be patched for free; the service requires a fee thereafter. There is a long FAQ about the service in this blog post; it appears to be based on the mainline live-patching functionality with some Canonical add-ons.(lwn.net)

今天Canonical宣布针对16.04的Live Kernel Patch(实时内核补丁)服务可用。这项服务是为了方便用户的服务器能够在不重启或者暂停内核工作的情况下对内核进行安全修复。但是要注意的是,这项服务并不是完全免费的,对于开发者来说,您可以在3台服务器上部署该服务,超过了这个数目则需要购买授权,授权服务的费用见此表格
那么如何打开Ubuntu 16.04的Live Kernel Patching服务呢?
1. 获得Auth key,
打开 https://ubuntu.com/livepatch, 获取一串auth key,形如:d3b07384d213edec49eaa6238ad5ff00
2. 安装实时补丁应用程序snapd

sudo snap install canonical-livepatch

3. 启用实时补丁应用程序 snapd

sudo canonical-livepatch enable d3b07384d113edec49eaa6238ad5ff00

4. 查询实时补丁状态

canonical-livepatch status

That’s it! Just enjoy!
screenshot-from-2016-10-18-07-38-12
更多信息请访问 References模块
References:
https://lwn.net/Articles/703942/
http://blog.dustinkirkland.com/2016/10/canonical-livepatch.html

anyShare分享到:

5 条评论

昵称
  1. fffonion

    装完了,现在我的canonical已获得我的底裤权限 🙂

    1. kiritoalex

      噫 😆

  2. 凯哥自媒体

    天天写这个烧脑不

  3. 故事会在线阅读

    顶一下再说呀,, 😉 虽然看不太懂

    1. 雨宫千鹤

      就是给内核打补丁不用重启就可以生效的一个技术。