canonical livepatch server #25

Supports: xenial bionic focal

Description

Livepatch server is an on-premises server distributing kernel patches to livepatch clients.


Nagios Layer for Juju Reactive Charms

This layer provides the standard boilerplate to relate your charm to the nrpe subordinate (https://jujucharms.com/nrpe).

To use, reference this layer in your layer.yaml file. Add custom nagios checks using the interface provided by the nrpe-external-master interface (https://github.com/cmars/nrpe-external-master-interface) or charm-helpers (http://pythonhosted.org/charmhelpers/).

Future

This layer may provide helpers to make maintaining nagios checks easier.

Contact


Configuration

auth_basic_users
(string) Comma-separated list of <user>:<bcrypt password hash> pairs.
auth_lp_teams
(string) Comma-separated list of launchpad teams allowed admin access. This is used with SSO authentication.
auth_sso_location
(string) Location of the sso service.
login.ubuntu.com
auth_sso_public_key
(string) Public key of the sso service.
burst_limit
(int) Maximum number of concurrently incoming requests. The amount of request |concurrency_limit - burst_limit| will be queued.
500
concurrency_limit
(int) Maximum number of API requests being served concurrently.
50
dbconn_max
(int) Maximum number of database connections in the pool. Should be adjusted according to the postgres config and the number of units running.
15
dbconn_max_lifetime
(string) Maximum lifetime of a database connection.
30m
filestore_path
(string) If using the file-backed storage instead of object storage, set this to the patch storage folder.
/livepatch/
log_level
(string) Logging level. Accepts 'debug', 'info', 'warn', 'error'.
warn
nagios_context
(string) Used by the nrpe subordinate charms. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-myservice-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.
juju
nagios_servicegroups
(string) A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup
patch_cache_on
(boolean) Is the patch cache enabled?
patch_cache_size
(int) Size of patch lookup cache.
128
patch_cache_ttl
(string) Lifetime of cached patch lookup results.
1h
patchstore
(string) Type of patchstore. Supported values: file, swift, s3 and postgres.
file
port
(int) TCP port the livepatch server will be listening on.
80
psql_dbname
(string) Name of the postgresql database to connect to. Should be set to the name of the database used by the existing livepatch server.
livepatch
psql_roles
(string) Comma separated list of roles to be granted to the db user. Use this to gain access to the existing livepatch db.
report_cleanup_interval
(string) Time between report cleanup runs.
6h
report_cleanup_row_limit
(int) Maximum number of rows to remove with a single report cleanup row.
1000
report_retention
(int) Number of days to retain machine reports for.
90
s3_access_key_id
(string) Access key id for s3-like patch storage provider.
s3_bucket
(string) Bucket name for s3-like patch storage provider.
s3_endpoint
(string) Endpoint URL for s3-like patch storage provider.
s3_region
(string) Region name for s3-like patch storage provider.
s3_secret_key
(string) Secret key for s3-like patch storage provider.
s3_secure
(boolean) Should TLS be used for s3-like patch storage provider.
True
swift_apikey
(string) Swift apikey.
swift_auth_url
(string) Swift auth URL (i.e. keystone, normally ends in /v2.0 ).
swift_container_name
(string) Name of the container in Swift that contains livepatch files.
swift_domain_name
(string) Swift domain name.
swift_region_name
(string) Swift region name.
swift_tenant_name
(string) Swift tenant.
swift_username
(string) Swift username.
sync_flavors
(string) Comma-separated list of kernel flavors to download patches for.
generic,lowlatency,aws
sync_interval
(string) Period between automatic patch snapshot downloads.
24h
sync_send_machine_reports
(boolean) Enable sending reports from local machines during patch synchronization.
sync_token
(string) Patch snapshot synchronization token.
sync_upstream
(string) Livepatch server to download patch snapshots from.
https://livepatch.canonical.com
url_template
(string) Template string to use when making URLs for giving back to the client. e.g. https://livepatch-hosting.com/v1/patches/{filename} This will need to be configured once the url or ip address of the service is known.