How to configure livepatch on-prem patch storage
Livepatch server supports several different drivers for storing patch files downloaded from livepatch.canonical.com:
- Local filesystem
- Swift
- S3 (and compatible implementations, e.g. minio)
- Postgresql
The filesystem patch store is easiest to deploy and suits most configurations. However, if there is a need to scale out the livepatch server such as have multiple livepatch servers running to handle the load, the filesystem patch store should not be used.
In case there is a need to scale out livepatch on-prem, use the s3, postgresql or swift patch stores. Any patch store should have enough space for storing livepatches - currently at least 45GB for all patches, see this guide to filter patches sent to your on-prem instance to specific kernel variants/architectures and lower this requirement.
Swift patch store
To use the swift patch store, set the ‘patchstore’ charmed operator config key to ‘swift’ for the livepatch application.
Additionally, set these charmed operator configuration options:
- swift_apikey
- swift_auth_url
- swift_container_name
- swift_domain_name
- swift_region_name
- swift_tenant_name
- swift_username
S3 patch store
The S3 patch store supports services compatible with the S3 API, such as AWS S3 and minio.
To use the s3 patch store, set the ‘patchstore’ charmed operator config key to ‘s3’ for the livepatch application.
Additionally, set these charmed operator configuration options:
- s3_access_key_id
- s3_bucket
- s3_endpoint
- s3_region
- s3_secret_key
- s3_secure
Postgresql patch store
To use the postgresql patch store, set the ‘patchstore’ charmed operator config key to ‘postgres’ for the livepatch application. No further configuration is required as the livepatch server will use the attached postgresql database.