Ubuntu 22.04 Review
Ubuntu 22.04 LTS features an updated Linux kernel, numerous programming language updates, and improved virtualization and container tools, making it useful for developers and admins. By Kristian Killing.
Calling Ubuntu 22.04 LTS a COVID-19 release would be bad public relations, but it’s not completely untrue because its predecessor 20.04 was released more or less at the onset of the pandemic. For companies using Ubuntu Desktop, Ubuntu Server, Ubuntu Cloud, and Ubuntu Core, the upgrade to “Jammy Jellyfish” (Figure 1) is well worthwhile, but there is no rush. Officially, the preceding Ubuntu 20.04 LTS will still be supported until April 2025, with Extended Security Maintenance (ESM) for five additional years, assuming that you make an appropriate donation to Canonical.
Figure 1: Ubuntu on the desktop: The software store offers both Debian and Snap packages.
However, users of other Ubuntu flavors, such as Kubuntu, Lubuntu, Xubuntu, and the like, can only count on official support until April 2023. Without ESM, admins will need to assess the consequences of the upgrade and compatibility issues at a somewhat less leisurely pace. If you switch to Ubuntu 22.04, the support period is extended to 2027 (or 2025 for the other flavors).
Kernel Support
By default, Ubuntu 20.04 used Linux kernel version 5.4.0, while Ubuntu 22.04 has kernel version 5.15 (linux-generic). Canonical even uses kernel 5.17 (linux-oem-22.04) on certified devices. If you want, you can also use the rolling Hardware Enablement (HWE) kernel [1] (linux-hwe-22.04) with the LTS versions, which updates the distribution with the regular point releases and kernel versions.
According to Kernel.org [2], Linux kernel 5.15 will receive support for longer than other versions – specifically, until October 2023 (Figure 2). Presumably, the Ubuntu developers hope that another kernel with long-term support will have arrived on the scene by then. Otherwise, they will have to continue maintaining the kernel themselves after its shelf life expires [3].
WireGuard was already backported by the developers in Ubuntu 20.04, but there are many other innovations in kernel 5.15. For example, kernel 5.15 includes a new NTFS driver, support for Apple’s M1 chip, and a kernel-integrated Samba server, dubbed KSMBD. In addition to these major updates, there are several smaller tweaks to kernel security features. The eBPF kernel sandbox has been updated. There are some new system calls that simplify the container handling, among other things, as well as improvements to the collection of filesystems. For example, ext4, Ubuntu’s standard filesystem, has been faster since kernel 5.10 thanks to a fast commit feature.
Figure 2: The supplied kernel 5.15 will receive long-term support until 2023.
Network Binds
The server and client packages for Network File System (NFS) have been upgraded to the latest versions. NFS no longer supports mounting over UDP by default. The reason for the change is that NFS over UDP can cause data corruption on modern networks with connection speeds of more than 1Gbps – this is due to fragmentation brought about by the heavy load [4]. The new Samba V4.15.5 is also on board and, among other things, ends the experimental status of multichannel support.
SSH remains wildly popular for connecting to Ubuntu machines on the network – either as an admin or for software that then handles tasks on the target machines. OpenSSH 8.9, which is included with the new Ubuntu, disables by default RSA signatures that use the insecure SHA-1. Disabling them may cause problems when communicating with older SSH servers, but that can be changed later [5]. The SCP software that comes with SSH moves and copies files between machines. The software now offers a -s option to use SFTP mode instead of SCP mode. For security reasons, according to the OpenSSH project, this behavior will become the default in the near future. OpenSSL v3 is also now available; it removes some legacy, insecure algorithms. Certificates that still support SHA-1 or MD5 also no longer work with OpenSSL v3.
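When the RSA/SHA-1 default is reverted for the sake of an older server, the override belongs in a Host block for that one machine, not at the top of the file or under Host *. The following check is an added example, not code from the article or from the OpenSSH project: it reports every client configuration entry that re-enables ssh-rsa and whether it is scoped to one host or applies globally. HostKeyAlgorithms, PubkeyAcceptedAlgorithms and its older alias PubkeyAcceptedKeyTypes are OpenSSH client options not named in the article; the sample file and host name are constructed.

```shell
#!/usr/bin/env bash
# Added example: report ssh_config entries that re-enable SHA-1 RSA (ssh-rsa).
# GLOBAL = applies to every host (top of file, "Host *", "Match all");
# SCOPED = limited to the named Host/Match block.
audit_ssh_rsa() {   # $1: path to an OpenSSH client configuration file
    awk '
    BEGIN { global = 1; scope = "top of file" }
    /^[ \t]*#/ { next }                      # comment
    /^[ \t]*$/ { next }                      # blank line
    {
        line = $0
        sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
        n = split(line, f, /[ \t=]+/)        # keyword and value: space or "="
        key = tolower(f[1])
        if (key == "host" || key == "match") {
            global = 0
            for (i = 2; i <= n; i++)
                if (f[i] == "*" || (key == "match" && tolower(f[i]) == "all"))
                    global = 1
            scope = line
            next
        }
        if (key != "hostkeyalgorithms" && key != "pubkeyacceptedalgorithms" &&
            key != "pubkeyacceptedkeytypes") next
        list = f[2]
        if (list ~ /^-/) next                # leading "-" removes algorithms
        sub(/^[+^]/, "", list)               # "+" appends, "^" prepends
        m = split(list, alg, ",")
        for (i = 1; i <= m; i++)
            if (alg[i] == "ssh-rsa" || alg[i] == "ssh-rsa-cert-v01@openssh.com") {
                printf "%s line %d [%s]: %s\n", (global ? "GLOBAL" : "SCOPED"), NR, scope, line
                break
            }
    }' "$1"
}

# Constructed sample configuration (host name is hypothetical).
sample=$(mktemp)
cat > "$sample" <<'EOF'
PubkeyAcceptedAlgorithms +ssh-rsa
Host legacy-switch.example.internal
    HostKeyAlgorithms +ssh-rsa
Host *
    HostKeyAlgorithms=+ssh-rsa
    PubkeyAcceptedKeyTypes -ssh-rsa
EOF
audit_ssh_rsa "$sample"
rm -f "$sample"
```

The function reads a single file and does not follow Include directives, so run it against each client configuration file separately.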
The recently supported OpenLDAP 2.5.x is missing a few pieces, including the shell and BDB and HDB back ends. BIND v9.18, on the other hand, is now more secure, offering support for DNS over TLS (DoT) and DNS over HTTPS (DoH). The named service supports inbound and outbound zone transfers over TLS (XFR over TLS, XoT).
In terms of security, nftables is now the back end that manages the firewall rules, taking over the job from iptables, as well as from ip6tables (IPv6), arptables (ARP), and ebtables (Ethernet bridging). The nftables developers are the same people who created iptables, and they are looking to dump the legacy ballast in the new software. The two iptables versions (for IPv4 and IPv6 addresses) still cause confusion and have forced admins to manage them in parallel, until now.
Machine Farms
Data center admins want to squeeze as many machines as possible onto a single lump of physical hardware for cost and efficiency reasons. This is where virtual machines (VMs) and containers come into play. In terms of the architecture, the Qemu virtualization software has recently outsourced the most frequently used features as modules. The new fuse3 version in Qemu 6.2.0 makes it easier to edit VM images without having root privileges and without having to boot the VM. In addition, Qemu now supports the Linux JACK sound server, which supports access with the particularly low latencies that musicians require.
Version 8.0.0 of the Libvirt virtualization API is on board and comes with hot plug support for the VirtioFS virtual filesystem. Version 4.0.0 of virt-manager, a graphical program for managing VMs on Linux, is included and provides a graphical option for configuring shared storage. VirtioFS is available here as a selectable filesystem in the settings. Virt-manager also automatically activates the Trusted Platform Module (TPM) if the VM uses UEFI. Another new default choice for x86 guests allows the host CPU to be passed through to the guests. And, last but not least, the Virtio GPU is available for most modern guest systems.
When creating VM templates, VMware users benefit from an innovation in cloud-init 22.1, which now natively supports VMware as a data source. The LXD data source dynamically reads instance data from the LXD socket and applies configuration changes that also survive reboots.
People who use VMs on a large scale usually turn to OpenStack. Despite rumors to the contrary, OpenStack is not dead, reports Canonical [6], while sending the new 2022 “Yoga” version off to do battle with its competitors. At the same time, the release notes warn that updates are not a walk in the park because OpenStack consists of many moving parts. Admins will therefore need to schedule some time for planning and testing the upgrades, and study the release notes [7].
Container Love
The container and VM manager LXD also comes with numerous new features, with version 5.0 now covering the same feature set for VMs as for containers. In multiuser operation, several users can start their projects separately. VMs now support virtual TPMs and PCI passthrough and can be migrated on-the-fly. In addition, LXD 5.0 lets you hot plug hard disks and USB sticks into VMs.
When it comes to Docker, Canonical points out that it not only offers Ubuntu itself on Docker Hub, but also numerous validated container images with MySQL, PostgreSQL, and NGINX. New additions include Grafana Loki, Apache Kafka, and Apache Cassandra.
Figure 3: A local Kubernetes, including a dashboard, can be set up quite quickly thanks to MicroK8s.
If you are looking to build a larger container environment, you will find Kubernetes v1.23 in Ubuntu 22.04 [8]. While Canonical recommends its Charmed Kubernetes for enterprise deployments, the leaner MicroK8s (Figure 3) instead targets users who want to run the container orchestrator in edge computing or the Internet of Things (IoT) area. And, last but not least, Canonical Kubernetes also enables managed containerization with a managed Kubernetes.
Development Drive
Developers use Ubuntu because it supports numerous programming languages out of the box. And Windows users now also have an easy option for using familiar Linux tools in Windows Subsystem for Linux (WSL) 2, which now also supports Ubuntu 22.04.
Of particular interest to developers, PHP 8.1.2 is included. If you want to move up from version 7.x, note that version 8 removes some deprecated functions. As a result, some code adjustments may be needed. In return, PHP 8 promises better performance. Ruby 3.0 runs up to three times faster than its predecessor thanks to the MJIT compiler, concurrency, and static types, which is likely to go down well with its followers.
Python fans can look forward to version 3.10.4 and the Python-based Django web framework in the distribution. Django is available as version 3.2.12 with long-term support and offers asynchronous views and middleware, among other things. A word of caution: There is a risk of some incompatibility here during the upgrade. Ubuntu 22.04 also includes Go v1.18.x, Rust v1.58, and OpenJDK 11 for Java developers.
On the compiler side, Ubuntu has a great feature set with LLVM 14 and GCC 11.2.0. On the database side, PostgreSQL 14 and MySQL 8.0 impress with some new features. For PostgreSQL 14, stored procedures now return data via OUT parameters, simplifying the move from Oracle to PostgreSQL. MySQL admins can disable the audit log for sessions.
Point of View
With every LTS release, Canonical explains what it considers to be the highlights of the new version, which allows conclusions to be drawn about what customers have requested. This time, the company highlights native support for NVIDIA’s vGPU software 14.0, among other things. This allows the virtual GPUs of many VMs to be linked together to accelerate machine learning and other scenarios with workloads that process serious amounts of data. In addition, Ubuntu 22.04 supports NVIDIA’s AI Enterprise software suite, which offers advantages in a scientific context and high-performance computing.
If you want to use Azure’s confidential VMs, Ubuntu is the only Linux distribution that supports the feature. Multipass [9], a GPL software driven by Canonical, lets you start an Ubuntu VM on Windows, macOS, and Linux with a simple command and (now) also supports Apple’s M1 chip. A real-time kernel (currently still in beta) is expected to find favor especially in the telecommunications industry, for example, for real-time applications in the 5G sector.
Conclusions
If you are an admin or developer, you don’t need to rush to switch to Ubuntu 22.04 LTS, but a gradual transition makes sense, even on your servers. You should consider making the switch not only because your favorite frameworks and content management systems will eventually switch to the new programming language versions, but also because updated software may utilize some of the new features that Ubuntu 22.04 delivers. If you want to wait, most of the teething troubles should be confined to history by the time the first point release, 22.04.1, appears. Before you make the change, check through the release notes [10] for the known issues, taking your infrastructure into account.
Info
[1] HWE kernel: https://www.thomas-krenn.com/en/wiki/Ubuntu_LTS_Hardware_Enablement_Stack_information
[2] Kernel releases: https://www.kernel.org/category/releases.html
[3] Plans for Ubuntu kernel: https://discourse.ubuntu.com/t/ubuntu-desktop-gnome-plans-for-the-incoming-lts/26156/13
[4] NFS and UDP: https://www.mail-archive.com/kernel-packages@lists.launchpad.net/msg473086.html
[5] SSH on older machines: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1961833
[6] Ubuntu and OpenStack: https://ubuntu.com/blog/openstack-is-dead
[7] OpenStack “Yoga”: https://releases.openstack.org/yoga/
[8] Kubernetes 1.23: https://ubuntu.com/blog/kubernetes-1-23-release-top-features
[9] Multipass: https://multipass.run
[10] Release notes: https://discourse.ubuntu.com/t/jammy-jellyfish-release-notes/24668