If you have a server running in production, you probably want to avoid downtime, and you probably want to avoid reboots as much as possible.
But what if I told you that there are ways to reboot without rebooting?
1. “Rebooting” user-space only
If you have an up to date systemd installed, you can run systemctl soft-reboot to restart the user-space. What this will do β in simplified terms β is to shut down all services and restart them, in a similar way as to when you do a reboot, however the kernel will remain running.
The reason this is useful (and very quick) is because it avoids all the hardware parts of a reboot but also the early stages like firmware, bootloader, kernel, initramfs.
The downside is that the kernel won’t be updated, as it keeps running. We can solve this by using something like Live Patching, but instead, in the next section I will show you how to reboot the kernel without rebooting the hardware!
2. “Rebooting” the kernel
In the above section we only restarted the whole user-space, but kept the kernel running. In this section we will also start up a new kernel *on a running system* without a hardware reboot!
In this example, we’ll be using a Debian/Ubuntu based system:
sudo apt update && sudo apt install kexec-toolsThis will give us kexec, which will allow us specify a kernel, initramfs and cmdline to use:
kexec -l /boot/vmlinuz --initrd=/boot/initrd.img --reuse-cmdlineWe specified the Kernel image, initramfs image and told it to reuse the current cmdline (see /proc/cmdline).
Now we *could* run kexec -e to execute the new kernel, however that would not do a clean shutdown and instead jump straight to the new kernel which isn’t clean, so instead we let systemd come to the rescue with:
systemctl kexecThis will let systemd handle a clean shutdown of services and everything, to then call kexec. This way we get to load the new kernel cleanly.
If you’re wondering why using kexec instead of a reboot: This again skips all the hardware initialization steps, while still giving us a new kernel. Some servers take a long time to initialize memory and to get through the post, so we cheat by simply loading a new kernel on an already running system. (:
We can verify that this worked by running:
journalctl -e | grep kexec | head -n1We should see something like:
systemd[1]: Starting LSB: Load kernel image with kexec...We can also verify that the last shutdown used kexec:
journalctl -e -b -1 | grep kexec | tail -1Which should tell us:
systemd[1]: Starting Reboot via kexec...3. Livepatching
If you want even less downtime, I recommend using a combination of something like the program “needrestart” which will scan for services which need to be restarted (and restart them), and to use your distro’s Livepatching feature (e.g. Canonical’s Ubuntu offers this for free for personal use); which will patch vulnerabilities on the running kernel without any downtime.
Perhaps in a future article, I’ll dig deeper (and more technical) into Livepatching, but for now, use what your distro offers for you. (:
Author’s notes
I hope you could learn something today and will have quicker “reboots” in the future. I run this blog in my spare time, consider donating a cup of coffee if I helped you out. <3
Leave A Comment