Last updated 03rd August 2018
OVH Dedicated Servers are easily able to boot into a Linux operating system using an updated kernel with the netboot startup system. However, it's best practice to update the kernel on the local machine.
This guide will show you how to update the kernel for distributions that use an OVH core.
By default, all system snapshots offered on OVH Dedicated Servers use an optimised OVH core. If you have replaced these snapshots with your own distribution, please refer to your distribution’s official documentation.
OVH provides self-managed machines that you are responsible for administering. We have no access to these machines and therefore cannot manage them. It is up to you to ensure that your machine is secured and your software is up to date.
We have made this guide available to assist you in applying this update. However, we recommend that you contact a specialist provider if you are facing any issues or have any doubts about managing, using or securing your server.
- an OVH Dedicated Server
- root access to the server via SSH
- a backup of your data (see the official documentation for your distribution)
Identify the kernel
Find the version of your kernel by typing the following command:
uname -r 4.09.76-xxxx-std-ipv6-64
In this case, the kernel version is 4.09.76-xxxx-std-ipv6-64.
Update the kernel using OVH packages
On Debian-based and RedHat-based distributions, the kernel is installed using the package manager.
Step 1: Update the kernel package
On Debian-based distributions, update the kernel package using the following command:
apt-get update && apt-get dist-upgrade
On RedHat-based distributions, update the kernel package using the following command:
Step 2: Reboot the server
In order for the modifications to take effect, you must reboot the server:
Update the kernel without using OVH packages
Step 1: Navigate to the correct directory
The kernel image must be placed in the following directory:
Step 2: Get the image
Without recompiling the kernel, download the appropriate bzImage version, ideally the latest one. You can find these images at the following address: https://last-public-ovh-kernel.snap.mirrors.ovh.net/builds/.
Kernels are monolithic, so they don’t take into account kernel modules, such as CEPH, NBD, ZFS...
Let’s return to our example. We have this kernel version: 4.09.76-xxxx-std-ipv6-64.
We therefore need to download the image using this command:
Step 3: Update the boot loader program (GRUB)
Update the boot loader program (GRUB) using the following command:
The command should return the following:
Generating grub configuration file ... done
Verify that the following file (required for the update) is present in your configuration:
06_OVHkernel. You can verify that the file is present by executing the following command:
Step 4: Reboot the server
In order for the modifications to take effect, you must reboot the server, using the following command:
In the event that you make a mistake or receive an error, it's possible to rollback your changes. To do so, the server must be placed in Rescue mode. This will require you to mount your system using the following commands:
mount /dev/md1 /mnt
In this example, the root directory (or slash
/) is named md1. Please note, the name can vary. To verify the name of your root directory, type the following command:
mount -o rbind /dev /mnt/dev
mount -t proc proc /mnt/proc
mount -t sysfs sys /mnt/sys
Navigate to the
/boot directory and delete the last files installed (
rmcommand). In our example, the following command is used:
The boot loader (GRUB) must be updated again:
Finally, exit Rescue mode (reboot to disk) and perform a soft reboot using the following command:
Verify that the update has been applied correctly.
Once the update is complete, verify the newly installed kernel version using the following command:
You can refer to the website of your distribution’s vendor to verify if the new version of the kernel is patched to protect you against the Meltdown and Spectrum vulnerabilities.
If necessary, there are a number of tools (for example, this one: https://github.com/speed47/spectre-meltdown-checker) that identify if the kernel being used is vulnerable or not.
OVH cannot guarantee the reliability of any third-party tools and these should be used at your own risk.
Join our user community on https://community.ovh.com/en/