Canonical Livepatch On-Prem
- By Commercial Systems
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/stable | 51 | 22 Feb 2024 | |
latest/candidate | 51 | 22 Feb 2024 | |
latest/edge | 51 | 22 Feb 2024 | |
ops1.x/edge | 49 | 27 Nov 2023 |
juju deploy canonical-livepatch-server
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
-
auth_basic_users | string
Comma-separated list of <user>:<bcrypt password hash> pairs.
-
auth_lp_teams | string
Comma-separated list of launchpad teams allowed admin access. This is used with SSO authentication.
-
auth_sso_location | string
Default: login.ubuntu.com
Location of the sso service.
-
auth_sso_public_key | string
Public key of the sso service.
-
burst_limit | int
Default: 500
Maximum number of concurrently incoming requests. The amount of request |concurrency_limit - burst_limit| will be queued.
-
concurrency_limit | int
Default: 50
Maximum number of API requests being served concurrently.
-
dbconn_max | int
Default: 15
Maximum number of database connections in the pool. Should be adjusted according to the postgres config and the number of units running.
-
dbconn_max_lifetime | string
Default: 30m
Maximum lifetime of a database connection.
-
filestore_path | string
Default: /livepatch/
If using the file-backed storage instead of object storage, set this to the patch storage folder.
-
http_proxy | string
HTTP proxy that livepatch server should use.
-
https_proxy | string
HTTPS proxy that livepatch server should use.
-
log_level | string
Default: warn
Logging level. Accepts 'debug', 'info', 'warn', 'error'.
-
nagios_context | string
Default: juju
Used by the nrpe subordinate charms. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-myservice-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.
-
nagios_servicegroups | string
A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup
-
no_proxy | string
Comma-separated list of domain names not to be proxied.
-
patch_cache_on | boolean
Is the patch cache enabled?
-
patch_cache_size | int
Default: 128
Size of patch lookup cache.
-
patch_cache_ttl | string
Default: 1h
Lifetime of cached patch lookup results.
-
patch_sync_enabled | boolean
Default: True
Determines if this instance of Livepatch Server should sync patches from another instance.
-
patchstore | string
Default: file
Type of patchstore. Supported values: file, swift, s3 and postgres.
-
port | int
Default: 80
TCP port the livepatch server will be listening on.
-
psql_dbname | string
Default: livepatch
Name of the postgresql database to connect to. Should be set to the name of the database used by the existing livepatch server.
-
psql_roles | string
Comma separated list of roles to be granted to the db user. Use this to gain access to the existing livepatch db.
-
report_cleanup_interval | string
Default: 6h
Time between report cleanup runs.
-
report_cleanup_row_limit | int
Default: 1000
Maximum number of rows to remove with a single report cleanup row.
-
report_retention | int
Default: 90
Number of days to retain machine reports for.
-
s3_access_key_id | string
Access key id for s3-like patch storage provider.
-
s3_bucket | string
Bucket name for s3-like patch storage provider.
-
s3_endpoint | string
Endpoint URL for s3-like patch storage provider.
-
s3_region | string
Region name for s3-like patch storage provider.
-
s3_secret_key | string
Secret key for s3-like patch storage provider.
-
s3_secure | boolean
Default: True
Should TLS be used for s3-like patch storage provider.
-
swift_apikey | string
Swift apikey.
-
swift_auth_url | string
Swift auth URL (i.e. keystone, normally ends in /v2.0 ).
-
swift_container_name | string
Name of the container in Swift that contains livepatch files.
-
swift_domain_name | string
Swift domain name.
-
swift_region_name | string
Swift region name.
-
swift_tenant_name | string
Swift tenant.
-
swift_username | string
Swift username.
-
sync_architectures | string
Comma-separated list of architectures to download patches for. When no value is present, all are synced.
-
sync_flavors | string
Default: generic,lowlatency,aws
Comma-separated list of kernel flavors to download patches for.
-
sync_interval | string
Default: 1h
Period between automatic patch snapshot downloads.
-
sync_minimum_kernel_version | string
A minimum kernel version of format "0.0.0" denoting the lowest kernel version to download patches for. When no value is present, all are synced. For example, "5.4.0" will sync "5.4.0" and up.
-
sync_send_machine_reports | boolean
Enable sending reports from local machines during patch synchronization.
-
sync_token | string
Patch snapshot synchronization token.
-
sync_upstream | string
Default: https://livepatch.canonical.com
Livepatch server to download patch snapshots from.
-
url_template | string
Template string to use when making URLs for giving back to the client. e.g. https://livepatch-hosting.com/v1/patches/{filename} This will need to be configured once the url or ip address of the service is known.