Reduce downtime and unplanned work
Livepatch eliminates the need for unplanned maintenance windows for high and critical severity kernel vulnerabilities by patching the Linux kernel while the system runs. Reduce fire drills while keeping uninterrupted service with the Ubuntu Livepatch service for up to 10 years.
Read the GMO Pepabo case study ›
Livepatch is a perfect fit for our needs. There’s no other solution like it, and it’s highly cost-effective. Manually migrating virtual machines, applying kernel updates, and rebooting took an average of 32 hours per server. Multiplied by 80 servers, that was more than 2,500 hours of work.Shinya Tsunematsu, Senior Engineering Lead of Tech Division, GMO Pepabo
Spend less time on unplanned work
According to a study of Dimensional research 64% of IT professionals spend more than 100 hours per year on unplanned work. That’s work that eliminates focus and distracts from one’s goals and business objectives. With 40% of high and critical severity vulnerabilities affecting the Linux kernel, the number of interruptions can be significant. Livepatch reduces the unplanned work that comes from Linux kernel vulnerabilities, making you more effective when managing Ubuntu systems.
Downtime is one of the major pains of every service provider. That is however unavoidable when deploying vulnerability fixes on the Linux kernel the traditional way. That’s because the updated system needs to be rebooted to apply the changes irrespective of your deployment strategy (Kubernetes, OpenStack or bare-metal). Industry leaders achieve high uptime by livepatching and scheduled maintenance.
Follow organisational policy
Livepatch on-prem allows you to define your rollout policy and remain in full control of which machines will get updated and when, as well as provide updates to isolated network environments. To keep your machines up-to-date, the Livepatch on-prem server regularly syncs with Ubuntu Livepatch service and obtains the latest patches. It then applies the policy for releasing patches gradually in as many stages as needed.
Kernel livepatching at a glance
When a high or critical Linux kernel vulnerability is detected a livepatch along with a Livepatch Security Notice are issued. Systems that enable the livepatch client will receive and apply the patch, after it is made available. The livepatch will provide new kernel code replacing the vulnerable one, and will update the rest of the kernel to use the new code.
Livepatch on-prem overview
Livepatch on-prem is designed for complex Enterprise environments that follow their own rollout policy and remain in control of which machines will get updated and when. Livepatch on-prem regularly syncs with the Ubuntu Livepatch service and obtains the latest patches. It then deploys the livepatches gradually in as many stages as required.Read more
Livepatch is used by
How to enable the Ubuntu Livepatch Service
Attach your subscription
sudo ua attach [TOKEN]
Enable Livepatch on your system
sudo ua enable livepatch
Learn more about Livepatch
- Detailed product overview
- System requirements
- Answers to frequently asked questions
Livepatch is like a dream come true, both from a technical and a business standpoint. Our Ubuntu systems now rarely, or never, have to be rebooted. Service is continuous. That makes a big difference for user and customer satisfaction and loyalty.Masaaki Hirose, IT Platform Department, DeNA
Get started with Livepatch today
Livepatch is free to use on your own PC or server. To discuss whether Livepatch is right for your business, talk to our team.