Kpslice Uptrack – Review

Print Friendly, PDF & Email

Keeping your kernel updated is both important, and yet one of the most overlooked jobs of any admin. Linux kernels are one of those areas that instill fear into the hearts of many – and for good reason. Compiling a custom kernel is not for the feint hearted or casual user.

However, most of use use the standard kernel options that ship with our flavour of linux, and the in-built package managers that ship with the popular linux builds Ubuntu, Fedora, Debian, CentOS/RedHat etc, all offer an easy way to upgrade your kernel to the latest build. For example, using CentOS it’s just a case of yum update kernel.

However, if you are running a server that needs to be on 24/7, then rebooting everytime there are updates is probably going to annoy your users. Plus, if you have a lot of servers, then keeping them all up to date can become a bit of a chore.

Enter Ksplice Uptrack

In their own words – “Ksplice Uptrack is a subscription service that lets you apply 100% of the important kernel security updates released by your Linux vendor without rebooting.”

Ksplice has become an intrinsic part of the security regine at our sister company ziphost.co.uk

So, how does it work?

The answer to the first question is that a simple software package is installed, and configured with a unique access key – this is just a case of editing a config file to paste in the key. Then, you run the uptrack-upgrade command, and the software fetches a list of all new security patches, and asks for permission to install them (you can use an unattended switch so it all just happens automatically too). Your kernel modules are then all updated, without interfering with any custom modules you may have installed – and, most importantly, without rebooting!

It works with all popular Linux OS’s, and other hosting and utility platforms like cPanel, R1Soft, CDP etc. It has rollback capability, dpesn’t impact performance as there is no service daemon running, supports proxy access, and works in virtualised environments.

You get a helpful online control panel, so you can see the status of each machine in you account, showing how many patches are awaiting installation, and you can also receive email updates each time a new patch is made available. And the patches are usually available within hours of the Linux distro’s update being released by the vendor.

Does it work well?

Fantastic! I get an email from ksplice whenever a security alert is published – I update all of my servers in about 5 minutes – job done. And at only $3.95 a month per server it’s small beer to know your server is patched up to the hilt! You can even run it via a cron job if you like.

Find out more by visiting the Ksplice website at http://www.ksplice.com

Tags:

No comments yet.

Leave a Reply

Bot test * Time limit is exhausted. Please reload the CAPTCHA.