Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Livepatch server administration tool

To perform operations such as promoting patches to tiers and issuing tokens for machines to attach to the livepatch server, an administration tool is provided as a snap:

$ sudo snap install canonical-livepatch-server-admin

For ease of use, it’s recommended to alias the admin command:

$ sudo snap alias canonical-livepatch-server-admin.livepatch-admin livepatch-admin

Authentication

There are two ways for the livepatch administration tool to authenticate with the livepatch server:

  • Ubuntu SSO
  • Username/password

Password authentication

To configure password authentication, username/password hash pairs will need to be generated using the htpasswd tool available in the apache2-utils package:

$ htpasswd -bnBC 10 <username> <password>
username:$2y$10$74ZpDgHaxnUQo.AJZk1cMuSRfef5oK5xq5o/GLbUH/Bbw6W2bmctm

Multiple such pairs can be provided as a comma-separated list:

$ juju config livepatch auth_basic_users="<user1>:<password1,<user2>:<password2>"

When logging in with the client, the username and password will need to be provided:

$ export LIVEPATCH_URL={haproxy url}

$ livepatch-admin login --auth <username>:<password>

Ubuntu SSO authentication

Ubuntu SSO authentication utilizes membership in public launchpad groups to gate access. The launchpad groups that will have administrator privileges are specified using charmed operator configuration:

$ juju config livepatch auth_lp_teams='https://launchpad.net/~<team>'

Multiple teams can be specified as a comma-separated list.

When logging in, user interaction will be necessary:

$ export LIVEPATCH_URL={haproxy url}

$ livepatch-admin login

To login please visit http://127.0.0.1:44035

Last updated 1 year, 9 months ago. Help improve this document in the forum.