Here’s the second part in our “Getting Started With Ubuntu” blog series.
Click here to read the first part, which focuses on SSH, and take a look at part three (“Enhancing Security”) here.
Uptime is important. Not only for bragging rights, of course (higher uptime means a more stable server), but for practical reasons as well. For instance, a high uptime typically indicates that you’ve made services reliably available for your users/website visitors/etc., or perhaps your company has a certain SLA with uptime calculated into it.
GNU/Linux (and other *nix operating systems) typically tend to excel in this- they release patches/updates frequently and rarely ever need a full reboot. However, there’s still the problem of upgrading the kernel (the kernel is the most important software of any OS- it handles the communication of regular software, or “userland/userspace”, and the hardware itself- be it physical or virtual). Every time you upgrade your kernel, you need to reboot the server to use the new kernel, right?
Wrong. Enter Ksplice Uptrack, stage right.
Ksplice Uptrack (commonly referred to as just Ksplice) is a mechanism for enacting kernel patches (notably security patches) on a live system without the need for a reboot.
When ordering your VPS, select the desired Ubuntu version (if you wish to “start fresh” from an existing VPS, backup your files locally and select “Rebuild Virtual Machine” in Cloud Command and select the version of Ubuntu you want). It’s recommended that you go with version 12.04LTS (“Precise Pangolin”) or newer. Once provisioned and you have received the welcome email with your VPS’ IP and root password, log in via SSH.
It’s good practice to apply any available updates regularly, so let’s do that now:
If you get a prompt about changed configuration files, it’s usually sane enough to accept the default option.
To download and install Ksplice, go to their Ubuntu download page and find the version of Ubuntu you’re using. For the sake of example, in this article we are using Ubuntu 12.04 (“Precise Pangolin”). Right-click the button for your version and copy the URL for the shortcut (i.e. “Copy Link Location” in Firefox). For currently supported versions, it will most likely be https://www.ksplice.com/uptrack/dist/precise/ksplice-uptrack.deb.
In your server’s shell (the command-line interface), issue the following:
mkdir -p ~/debs
(replace the URL with the one you copied above if it differs)
dpkg -i ksplice-uptrack.deb
You’ll notice a large screen pop up with a lot of text. This is the Subscription Agreement (think of it sort of like a EULA, or End-User License Agreement- that thing most people click “OK/Agree” on without reading). Be sure to read it! It gives important legal information. To progress through the document, hit the “down” cursor key (one line at a time) or the Page Down key (scroll down a page at a time). When you’ve reached the bottom, hit the Tab key so that <Ok> is highlighted and press Enter.
You’ll then be presented with the choice to agree to the Ksplice agreement. Using tab and enter, select <Yes>.
You’ll then be returned to the shell. But wait!
Errors were encountered while processing: ksplice-uptrack
This is normal; it simply means we need to install some further dependencies before Ksplice can finish installing. To do this, run:
apt-get -fy install
Next we simply apply the Ksplice Uptrack kernel:
uptrack-show – Show the patches that have been applied to your kernel.
uptrack-show –available – Show patches that are available to be installed.
uptrack-remove – Remove a patch from your active kernel.
uptrack-uname -a – Display the active kernel version. Note that Ksplice does not alter the normal uname output, so this is necessary to determine what “actual” kernel version you are running.
uptrack-upgrade – Display (and, if the -y flag is given, install) available updates to your kernel.
We’ll also want to enable new updates installing automatically. This can be done without needing to open an editor (such as vim) via:
sed -i -e ‘s/^\(autoinstall\ =\ \).*$/\1yes/g’ /etc/uptrack/uptrack.conf
And there you have it! Your server is now able to install kernel updates automatically, and without needing to reboot.
Existing Customers get 50% off 1st hosting invoice
w/ Coupon OJ2013
Good for all new hosting plans & upgrades.