Ksplice gives Linux users 88% of kernel updates without rebooting

Have you ever wondered why some updates or installs require a reboot, and others don’t? The main reason relates to kernel-level (core) services running in memory which either have been altered by the update to include new data that can’t be “squeezed in” to its existing footprint, or are currently attached to multiple separate processes which cannot be accounted for without a reboot. Ksplice has figured out a way around that issue in a majority of the cases.

A recent examination of Linux kernel updates suggests 88% of those which today fall under the “must reboot” category due to the types of programs they affect, could be converted into rebootless forms using Ksplice.

The Ksplice website includes a How It Works page. It explains that the lifecycle of Linux bugs (with Ksplice) operates like this:

1. A dangerous bug or security hole is discovered in Linux.
2. Linux developers create a fix or patch which corrects the problem, but may require a reboot.
3. Ksplice software analyzes the fix, and if possible creates an update “image” which can be implemented on your system without rebooting.
4. The update manager then sees either the Ksplice update, or the regular Linux kernel patch (if it could not be made into a rebootless version), and installs it.

This ability comes from an analysis of the object code used on your system before the patch is applied. This data is compared to the object code of the update. As such, memory variable locations can be isolated in both the pre- and post-versions. And with Ksplice, a type of “difference utility” (where it compares the two to see what’s changed) is run, allowing a full-on inspection of the update to determine if a rebootless version can be created.

If a rebootless version is possible, it creates the image which, when applied, maps the new memory locations as needed, and installs the new compiled code as needed. If it’s not possible, then the update is distributed through the normal Linux update mechanisms, and a reboot is required after applying.

Minimal Interruption

Ksplice says the system is disabled for 0.7 milliseconds while the update is applied, which for most types of applications is an acceptable down-time, especially when compared alongside a hard reboot.

As mentioned, 88% of Linux kernel patches which require a reboot today would not require a reboot with Ksplice. The remaining 12% fall into the category of something expanding, whereby the new data structures in the update have increased in size and cannot physically be squeezed into the quantity of memory allocated for the previous version’s structures.

A Ksplice Uptrack service is available today for Ubuntu 9.04 (Jaunty), which according to the website, provides near 100% uptime and “rebootless updates”. See also their full brochure (PDF 320KB).

Linux Only

This technology is only for Linux at the current time. No features like this are available for Windows. The technology does require a kernel patch, as Ksplice itself must be integrated into the kernel. The installation software (.deb package) handles this for you.

See Ars Technica

Rick’s Opinion
This technique would allow enterprise-level Linux installations a greater percentage of uptime. Many service providers strive for what they call “five 9s” of uptime, which is 99.999% of the time, which over the course of a year means the system would only be down for a grand total of 5m 15s. Some organizations strive for six 9s, which means it would only be down for 31 seconds.

Having the ability to reboot only in 12% of kernel updates, which don’t occur that often today anyway (a few per month) would mean much longer up-time, should a person leave their machine on 24/7.

Ubuntu desktop Linux users would also see benefits as they would not have to reboot nearly as often during the course of the day, which is typically when the Update Manager says “Oh, here’s a host of 15 updates to install”, though these do rarely require an update.

This kind of tool would allow most kernel patches to be rolled out with a greater degree of frequency without interrupting anybody’s system. This means faster turn-around times from security holes and bug fixes, and without a disruption to people’s daily routines. What could be finer?