Canonical Livepatch On-Prem

  • By Commercial Systems
Channel Revision Published Runs on
latest/stable 51 22 Feb 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/candidate 51 22 Feb 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 51 22 Feb 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
ops1.x/edge 49 27 Nov 2023
Ubuntu 22.04 Ubuntu 20.04
juju deploy canonical-livepatch-server
Show information

Platform:

Ubuntu
22.04 20.04 18.04 16.04

  • auth_basic_users | string

    Comma-separated list of <user>:<bcrypt password hash> pairs.

  • auth_lp_teams | string

    Comma-separated list of launchpad teams allowed admin access. This is used with SSO authentication.

  • auth_sso_location | string

    Default: login.ubuntu.com

    Location of the sso service.

  • auth_sso_public_key | string

    Public key of the sso service.

  • burst_limit | int

    Default: 500

    Maximum number of concurrently incoming requests. The amount of request |concurrency_limit - burst_limit| will be queued.

  • concurrency_limit | int

    Default: 50

    Maximum number of API requests being served concurrently.

  • dbconn_max | int

    Default: 15

    Maximum number of database connections in the pool. Should be adjusted according to the postgres config and the number of units running.

  • dbconn_max_lifetime | string

    Default: 30m

    Maximum lifetime of a database connection.

  • filestore_path | string

    Default: /livepatch/

    If using the file-backed storage instead of object storage, set this to the patch storage folder.

  • http_proxy | string

    HTTP proxy that livepatch server should use.

  • https_proxy | string

    HTTPS proxy that livepatch server should use.

  • log_level | string

    Default: warn

    Logging level. Accepts 'debug', 'info', 'warn', 'error'.

  • nagios_context | string

    Default: juju

    Used by the nrpe subordinate charms. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-myservice-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.

  • nagios_servicegroups | string

    A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup

  • no_proxy | string

    Comma-separated list of domain names not to be proxied.

  • patch_cache_on | boolean

    Is the patch cache enabled?

  • patch_cache_size | int

    Default: 128

    Size of patch lookup cache.

  • patch_cache_ttl | string

    Default: 1h

    Lifetime of cached patch lookup results.

  • patch_sync_enabled | boolean

    Default: True

    Determines if this instance of Livepatch Server should sync patches from another instance.

  • patchstore | string

    Default: file

    Type of patchstore. Supported values: file, swift, s3 and postgres.

  • port | int

    Default: 80

    TCP port the livepatch server will be listening on.

  • psql_dbname | string

    Default: livepatch

    Name of the postgresql database to connect to. Should be set to the name of the database used by the existing livepatch server.

  • psql_roles | string

    Comma separated list of roles to be granted to the db user. Use this to gain access to the existing livepatch db.

  • report_cleanup_interval | string

    Default: 6h

    Time between report cleanup runs.

  • report_cleanup_row_limit | int

    Default: 1000

    Maximum number of rows to remove with a single report cleanup row.

  • report_retention | int

    Default: 90

    Number of days to retain machine reports for.

  • s3_access_key_id | string

    Access key id for s3-like patch storage provider.

  • s3_bucket | string

    Bucket name for s3-like patch storage provider.

  • s3_endpoint | string

    Endpoint URL for s3-like patch storage provider.

  • s3_region | string

    Region name for s3-like patch storage provider.

  • s3_secret_key | string

    Secret key for s3-like patch storage provider.

  • s3_secure | boolean

    Default: True

    Should TLS be used for s3-like patch storage provider.

  • swift_apikey | string

    Swift apikey.

  • swift_auth_url | string

    Swift auth URL (i.e. keystone, normally ends in /v2.0 ).

  • swift_container_name | string

    Name of the container in Swift that contains livepatch files.

  • swift_domain_name | string

    Swift domain name.

  • swift_region_name | string

    Swift region name.

  • swift_tenant_name | string

    Swift tenant.

  • swift_username | string

    Swift username.

  • sync_architectures | string

    Comma-separated list of architectures to download patches for. When no value is present, all are synced.

  • sync_flavors | string

    Default: generic,lowlatency,aws

    Comma-separated list of kernel flavors to download patches for.

  • sync_interval | string

    Default: 1h

    Period between automatic patch snapshot downloads.

  • sync_minimum_kernel_version | string

    A minimum kernel version of format "0.0.0" denoting the lowest kernel version to download patches for. When no value is present, all are synced. For example, "5.4.0" will sync "5.4.0" and up.

  • sync_send_machine_reports | boolean

    Enable sending reports from local machines during patch synchronization.

  • sync_token | string

    Patch snapshot synchronization token.

  • sync_upstream | string

    Default: https://livepatch.canonical.com

    Livepatch server to download patch snapshots from.

  • url_template | string

    Template string to use when making URLs for giving back to the client. e.g. https://livepatch-hosting.com/v1/patches/{filename} This will need to be configured once the url or ip address of the service is known.