Frequently Asked Questions Ksplice: Zero Downtime Updates for Oracle Linux
Introduction A: Ksplice Uptrack supports Oracle Linux as a feature of Oracle Linux Premier Support. Ksplice also supports a Ksplice, available as part of Oracle Linux Premier 30-day trial for Red Hat Enterprise Linux. At the end of Support subscription, updates the Linux operating that period, RHEL customers must become Oracle Linux Premier Support customers and use an Oracle Linux system (OS) kernel and key user space libraries while kernel. Take a look at our list of supported kernels for the OS is running without a reboot or any interruption. more details. Note that a reboot is not required to make Only Oracle Linux offers this unique capability, making it this change. possible for you to keep up with important Linux Ksplice also supports the Linux community by providing kernel updates for Ubuntu Desktop and Fedora free of updates without burdening your team with the charge. The currently supported Ubuntu Desktop and operational cost and disruption of rebooting for every Fedora versions supported can be found on the Ksplice Desktop page. update to Linux. If you don’t see the information you need, please feel free to connect with us via Twitter Q: Is CentOS supported? (@OracleLinux), Facebook A: No. Oracle Ksplice does not support CentOS but there are scripts to convert CentOS/RHEL to Oracle Linux (Facebook.com/OracleLinux), or via LinkedIn (Oracle which is then supported under a Premier Support Linux Experts Group). agreement. Q: Do I still neeed to use my Linux distribution’s update manager to install update for my userspace applications? Q: What are the updates that Ksplice delivers? A: For customers with Premier Support on Oracle Linux 6 A: Linux distributions require a reboot about once a month to and Oracle Linux 7, Ksplice will patch critical components stay up to date with important kernel and userspace of running processes and update the packages on disk so security and bugfix updates. Ksplice allows you to apply newly executed processes are also protected these important updates published by your Linux vendor immediately. The remainder of the system should be for the kernel and critical userspace components without updated through yum to apply any fixes. rebooting. For other distributions, Ksplice Uptrack provies security Q: Do I need to reboot to install Ksplice Uptrack? and stability fixes to the running Linux kernel, eliminating A: Ksplice Uptrack works with the unmodified versions of the the need to restart your system to gain the benefits of new kernels we support. Even the initial installation process is versions of Linux. You should continue installing updates completely rebootless so that Ksplice can bring your for your userspace. kernel up to date without any downtime. Q: Should I install new kernel packages if my system has For userspace patching on Oracle Linux 6 and Oracle Ksplice Uptrack? Linux 7, the components that Ksplice patches with zero A: Yes, if you later have to reboot, e.g. for a hardware downtime need to be first upgraded to a Ksplice-aware update, you have the option of booting into the new version and the system restarted. traditionally updated kernel. Q: Which kernels does Ksplice Uptrack support?
O R A C L E F A Q
If you install a new kernel package, your system will run A: We expect to continue to support Ksplice Uptrack for the new kernel the next time you boot your machine. If corrent versions (normal and LTS) of Ubuntu Desktop and you don’t, during the boot process Ksplice Uptrack will Fedora. See our Ksplice Desktop page for the latest automatically install the Ksplice updates you installed versions we currently support as well as instructions for before you shut down your computer, enabling you to stay installing Ksplice Uptracke on your desktop Linux up to date. machine.
Q: Will Ksplice Upgrack work in my company’s virtualized Q: How can I tell what updates are installed on a machine? infrastructure? A: You have a number of ways to see what updates are A: Yes, Ksplice works perfectly in Oracle VM or any other installed. virtualized environment. With the Enhanced Client, run sudo Ksplice all For Oracle VM VirtualBox guests, you must make sure show on the machine to see both kernel and userspace that Enable VT-x/AMD-V is turned on. updates.
Q: Does Ksplice work on a system that has third-party With Uptrack, run sudo uptrack-show. drivers loaded? If you have one of our GUI desktop installations, the A: Yes, Ksplice works fine on systems with third-party drivers installed updates are displayed in the Uptrack Manager loaded. Ksplice cannot provide you with rebootless GUI. updates for your third-party drivers, but Ksplice can keep Visit your web interface. the rest of your kernel completely up to date. Use our API. Q: Do Ksplice updates require a relink of binaries such as the Oracle Database? Q: Can I configure Ksplice Uptrack to install updates automatically? A: No, because Ksplice updates do not change the kernel or system library ABIs, your running system is unaffected. A: Yes, you can enable the autoinstall option in The updates are transparent to both running applications /etc/uptrack/uptrack.conf. See the Uptrack and third-party kernel modules. As a result, they do not User’s Guide for isntructions to enable automatic need to be relinked, recompiled, restared, or otherwise installation of updates. By default, updates will not be made aware of the change. installed automatically.
Q: Does Ksplice Uptrack use cryptography? Please note that enabling autoinstall does not mean the Uptrack client itself is automatically upgraded. You will be A: Yes, all network traffic is encrypted and all updates are notified via e-mail when a new Uptrack client is available. cryptographically signed. It can be upgraded through your package manager. Q: What kinds of information do you collect from my For more details, see the configuration section of the computer? Uptrack User’s Guide. A: To ensure that you get the latest updates that are right for Q: How do I configure Ksplice Uptrack to use my company’s your system, the Ksplice Uptrack software contacts our proxy server? server system with limited information about your computer’s kernel, including the version number of the A: To configure Ksplice Uptrack to use a proxy server, edit Linux kernel that you are running. Ksplice Uptrack also /etc/uptrack/uptrack.conf and set the reports any errors encountered in the operating system https_proxy option to your https proxy. kernel to alert us in case one of our updates causes Show problems. Lastly, so that the Ksplice Uptrack web interface can display which of your systems need # cat /etc/uptrack/uptrack.conf updates, hostname and IP address information is reported … to our server system. [Network] Q: How long will Ksplice Uptrack for Ubuntu Desktop and https_proxy=http://my- Fedora be freely supported? proxy.example.com:80/
2 | [O. FOOTER] ENTER TITLE OF DOCUMENT HERE
O R A C L E F A Q
… Your web interface also summarizes important information # about your machines and will tell you if Ksplice is currently Q: How can I remove updates from my system? working on new updates for your distributions. Q: I manage Uptrack-enabled machines for other people. A: For Oracle Linux running the Ksplice Enhanced Client, all How can they use the service while I still control which userspace and kernel updates can be removed by machines have access? running the following at a command prompt and answering ‘y’ when asked for confirmation: A: You can set access policies for existing individual machines or groups of machines as well as set a default sudo Ksplice all remove –all access policy for new machines. Read more on our On systems using the Uptrack client, you can remove access policies page. Ksplice Uptrack updates from your system using the Q: What happens when I reboot? command line program uptrack-remove. For example, you can remove all Ksplice Uptrack updates from your A: If you boot into the same kernel, by default Ksplice system by typing the following at a command prompt and Uptrack will take care of reinstalling updates upon boot. answering ‘y’ when asked for confirmation: You can toggle the install_on_reboot option in your /etc/uptrack/uptrack.conf to change this sudo uptrack-remove --all behavior. Q: Does Ksplice Uptrack change the output of uname? Show A: Ksplice Uptrack does not change the output of uname. # cat /etc/uptrack/uptrack.conf
Instead, to see what effective kernel a machine is running … use the uptrack-uname utility, which has the same format [Settings] uname uname as and supports the common flags, # Automatically install updates at boot including –r and –a. # time. If this is set, on reboot into the You can also see a machine’s effective kernel on your # same kernel, Uptrack will reinstall the web interface or through our API. # same set of updates that were present Q: How can I monitor my machines? # before the reboot. A: Ksplice has an API with example scripts as well as a Install _on_reboot = no Nagios plug-in for easy integration into your existing … monitoring infrastructure. #
If you boot into a new kernel, Ksplice Uptrack will begin looking for updates for that kernel – the choice is yours!
Oracle Corporation, World Headquarters Worldwide Inquiries 500 Oracle Parkway Phone: +1.650.506.7000 Redwood Shores, CA 94065, USA Fax: +1.650.506.7200
CONNECT WITH US blogs.oracle.com/blogs Copyright © 2017, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or facebook.com/oracle fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any twitter.com/oracle means, electronic or mechanical, for any purpose, without our prior written permission.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. oracle.com Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are 3 | [O. FOOTER] ENTER TITLE OF DOCUMENT HERE trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. 0617