Oracle Ksplice is now available also for Oracle VM Server dom0.
This very interesting and cool utility, available on Oracle
Linux from years, is now ready and able to work also on Oracle VM Server dom0.
Thanks to Oracle Ksplice we can now install dom0 Kernel security
updates without any need to reboot and, so, without any kind of impact to the
VMs running on top; we perfectly know that on Oracle VM we can also
live-migrate VMs.....but, maybe, applying security updates without migrating
tens or hundreds of VMs is much faster.
On this blog-article you can see a brief overview on
how-to configure and use Ksplice for Oracle VM Server dom0.
To enable Ksplice on Oracle VM Server a “key access” is needed
and, the same, can be obtained on www.ksplice.com
website with your own account.
# uptrack-upgrade -y
By executing commands like “uname” and “uptrack-uname” you can
check the installed kernel release and the effective kernel running
# uname -r
# uptrack-uname -r
Once we completed the installation of kernel security updates by
Ksplice, obviously, without rebooting the Oracle VM Server dom0, it’s also
always suggested to keep the system updated for possible future reboots of the
# yum-update -y
So, by “yum” we also keep a consistent
relation between the updated running Kernel, managed by Ksplice, and the possible kernel that will
be picked-up in case of reboots. It's important to know that Ksplice will apply security updates also while rebooting but if the number of updates is too high you should have to wait much more time than expected.
# uptrack-remove olkujtvy
# uptrack-remove irrigrao
And as you can see in the picture above, now
the effective kernel moved from .28 to .27
For further information on Ksplice and Oracle