Useful innovations in Ubuntu 22.04 LTS
The Long Haul
Ubuntu 22.04 LTS features an updated Linux kernel, numerous programming language updates, and improved virtualization and container tools, making it useful for developers and admins.
Calling Ubuntu 22.04 LTS a COVID-19 release would be bad public relations, but it's not completely untrue because its predecessor 20.04 was released more or less at the onset of the pandemic. For companies using Ubuntu Desktop, Ubuntu Server, Ubuntu Cloud, and Ubuntu Core, the upgrade to "Jammy Jellyfish" (Figure 1) is well worthwhile, but there is no rush. Officially, the preceeding Ubuntu 20.04 LTS will still be supported until April 2025, with Extended Security Maintenance (ESM) for five additional years, assuming that you make an appropriate donation to Canonical.
However, users of other Ubuntu flavors, such as Kubuntu, Lubuntu, Xubuntu, and the like, can only count on official support until April 2023. Without ESM, admins will need to assess the consequences of the upgrade and compatibility issues at a somewhat less leisurely pace. If you switch to Ubuntu 22.04, the support period is extended to 2027 (or 2025 for the other flavors).
Kernel Support
By default, Ubuntu 20.04 used Linux kernel version 5.4.0, while Ubuntu 22.04 has kernel version 5.15 (linux-generic). Canonical even uses kernel 5.17 (linux-oem-22.04) on certified devices. If you want, you can also use the rolling Hardware Enablement (HWE) kernel [1] (linux-hwe-22.04) with the LTS versions, whichs updates the distribution with the regular point releases and kernel versions.
According to Kernel.org [2], Linux kernel 5.15 will receive support for longer than other versions – specifically, until October 2023 (Figure 2). Presumably, the Ubuntu developers hope that another kernel with long-term support will have arrived on the scene by then. Otherwise, they will have to continue maintaining the kernel themselves after its shelf life expires [3].
WireGuard was already backported by the developers in Ubuntu 20.04, but there are many other innovations in kernel 5.15. For example, kernel 5.15 includes a new NTFS driver, support for Apple's M1 chip, and a kernel-integrated Samba server, dubbed KSMBD. In addition to these major updates, there are several smaller tweaks to kernel security features. The eBPF kernel sandbox has been updated. There are some new system calls that simplify the container handling, among other things, as well as improvements to the collection of filesystems. For example, ext4, Ubuntu's standard filesystem, has been faster since kernel 5.10 thanks to a fast commit feature.
Network Binds
The server and client packages for Network File System (NFS) have been upgraded to the latest versions. NFS no longer supports mounting over UDP by default. The reason for the change is that NFS over UDP can cause data corruption on modern networks with connection speeds of more than 1Gbps – this is due to fragmentation brought about by the heavy load [4]. The new Samba v4.15.5 is also on board and, among other things, ends the experimental status of multichannel support.
SSH remains wildly popular for connecting to Ubuntu machines on the network – either as an admin or for software that then handles tasks on the target machines. OpenSSH 8.9, which is included with the new Ubuntu, disables RSA signatures by default because they use the insecure SHA-1. Disabling RSA may cause problems when communicating with older SSH servers, but that can be changed later [5]. The SCP software that comes with SSH moves and copies files between machines. The software now offers a -s
option to use SFTP mode instead of SCP mode. For security reasons, according to the OpenSSH project, this behavior will become the default in the near future. OpenSSL v3 is also now available; it removes some legacy, insecure algorithms. Certificates that still support SHA-1 or MD5 also no longer work with OpenSSL v3.
The recently supported OpenLDAP 2.5.x is missing a few pieces, including the shell and BDB and HDB back ends. Bind v9.18, on the other hand, is now more secure, offering support for DNS over TLS (DoT) and DNS over HTTPS (DoH). The named service supports inbound and outbound zone transfers over TLS (XFR over TLS, XoT).
In terms of security, nftables now is the new back end that manages the firewall rules, taking over the job from iptables, as well as from ip6tables (IPv6), arptables (ARP), and ebtables (Ethernet bridging). The nftables developers are the same people who created iptables, and they are looking to dump the legacy ballast in the new software. The two iptables versions (for IPv4 and IPv6 addresses) still cause confusion and have forced admins to manage them in parallel, until now.
Machine Farms
Data center admins want to squeeze as many machines as possible onto a single lump of physical hardware for cost and efficiency reasons. This is where virtual machines (VMs) and containers come into play. In terms of the architecture, the Qemu virtualization software has recently outsourced the most frequently used features as modules. The new fuse3 version in Qemu 6.2.0 makes it easier to edit VM images without having root privileges and without having to boot the VM. In addition, Qemu now supports the Linux JACK sound server, which supports access with the particularly low latencies that musicians require.
Version 8.0.0 of the Libvirt virtualization API is on board and comes with hot plug support for the VirtioFS virtual filesystem. Version 4.0.0 of virt-manager, a graphical program for managing VMs on Linux, is included and provides a graphical option for configuring shared storage. VirtioFS is available here as a selectable filesystem in the settings. Virt-manager also automatically activates the Trusted Platform Module (TPM) if the VM uses UEFI. Another new default choice for x86 guests allows the host CPU to be passed through to the guests. And, last but not least, the Virtio GPU is available for most modern guest systems.
When creating VM templates, VMware users benefit from an innovation in cloud-init 22.1, which now natively supports VMware as a data source. The LXD data source dynamically reads instance data from the LXD socket and applies configuration changes that also survive reboots.
People who use VMs on a large scale usually turn to OpenStack. Despite rumors to the contrary, OpenStack is not dead, reports Canonical [6], while sending the new 2022 "Yoga" version off to do battle with its competitors. At the same time, the release notes warn that updates are not a walk in the park because OpenStack consists of many moving parts. Admins will therefore need to schedule some time for planning and testing the upgrades, and study the release notes [7].
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.
-
AlmaLinux OS Kitten 10 Gives Power Users a Sneak Preview
If you're looking to kick the tires of AlmaLinux's upstream version, the developers have a purrfect solution.
-
Gnome 47.1 Released with a Few Fixes
The latest release of the Gnome desktop is all about fixing a few nagging issues and not about bringing new features into the mix.
-
System76 Unveils an Ampere-Powered Thelio Desktop
If you're looking for a new desktop system for developing autonomous driving and software-defined vehicle solutions. System76 has you covered.
-
VirtualBox 7.1.4 Includes Initial Support for Linux kernel 6.12
The latest version of VirtualBox has arrived and it not only adds initial support for kernel 6.12 but another feature that will make using the virtual machine tool much easier.
-
New Slimbook EVO with Raw AMD Ryzen Power
If you're looking for serious power in a 14" ultrabook that is powered by Linux, Slimbook has just the thing for you.
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.
-
Thousands of Linux Servers Infected with Stealth Malware Since 2021
Perfctl is capable of remaining undetected, which makes it dangerous and hard to mitigate.