Ubuntu Server primed for the bigtime

Ready for the RHEL world

Mobile application security vulnerability report

Next Thursday, Canonical will open the internet floodgates and allow end user downloads of Ubuntu 10.04 Server Edition, the latest and perhaps most significant release for servers in the British company's six year history.

Ubuntu 10.04 is what Canonical calls a Long Term Support (LTS) release, which means Canonical guarantees it will provide updates for five years, including updates for new iron as it comes along from X64 chip bakers and server makers, security patches and updates to the Ubuntu stack. LTS releases are what most companies want when they deploy an operating system platform, and each of the prior two LTS releases have enabled Canonical to get more traction not just among Ubuntu enthusiasts (who would deploy Ubuntu Server Edition on gear with its 18-month support just fine), but with application software makers and hardware providers who want to certify the software once and sell it for many years.

In some respects, the LTS tag is the most important feature of the Ubuntu 10.04 Server Edition that ships on April 29.

Not that this undercuts the work the Ubuntu project and its Canonical sponsor has done to put together a modern server release that companies will want to use for a number of years in production. And it has all the latest features available from the Linux and open source communities that create software for the Linux kernel.

"This is the freshest stack available today," says Matt Zimmerman, the chief technology officer for the Ubuntu distribution at Canonical, who adds that the features Ubuntu 10.04 Server Edition are generally more up to date than the other top-tier Linux releases. (Zimmerman did not mention those others by name, but you know who you are, Red Hat and Novell and by extension CentOS and Oracle). Another difference between Ubuntu Server Edition and its peers, says Zimmerman, is that Canonical puts out the early builds, betas, and production releases as open source, compiled binaries, and AMI images for Amazon's EC2 compute cloud at the same time through each step of the process from development to release.

Ubuntu 10.04 Server Edition, also known by the nickname "Lucid Lynx," is based on the Linux 2.6.32 kernel. The kernel is hardened with a number of features, including memory protection, module loading blocking, and address space layout randomization, and it also has feature support for the latest Xeon 5600 and 7500 processors from Intel and the current Opteron 6100s and impending Opteron 4100s from Advanced Micro Devices. These chips have their own compatibility features, so Ubuntu would work with them even if there were not tweaks to take full advantage of all the new features in the hardware.

Zimmerman says that Canonical does not certify Ubuntu at the chip level, but rather certifies the server edition to run on specific hardware platforms. The current validated hardware list is here, and it has servers from Dell, Hewlett-Packard, IBM, Oracle, Lenovo, HCL, System76, and PCS that have been put through the paces on one or more Server Edition releases. The Ubuntu releases obviously load on a much wider range of hardware, just like other Linuxes do, and none of these machines have been certified on 10.04 Server Edition since it has not been released yet. But Zimmerman expects for some 40 to 50 platforms to be certified in fairly short order, which is a big number for Ubuntu.

Ubuntu was an early and enthusiastic supporter of the KVM alternative to Xen for server virtualization, even before Red Hat shelled out $107m to snap up Qumranet, the sponsor of the KVM hypervisor back in September 2008. The fact that its Linux rival controls KVM doesn't seem to bother Canonical.

"We adopted KVM earlier than anyone else, and we are quite pleased with its momentum," says Zimmerman. The 10.04 release includes KVM 1.84 and the Libvirt 0.7.5 virtualization management tools. A tool called VMBuilder has been tossed in to the release to create Ubuntu software stacks that deploy inside of KVM partitions. The KVM hypervisor also supports a feature called Kernel Shared Memory, which is a program that sniffs the systems software you load into virtual memory for multiple hypervisor guest partitions and removes the redundancies, allowing all the guests to point to the same program in physical memory as it is running. In guest partitions running the same OS, this KSM feature can radically cut down on memory usage, which means the server can host more guests.

When it comes to virtualization, Canonical is not allergic to Xen, which it supported ahead of KVM just like Red Hat and Novell did with their respective Enterprise Linux and SUSE Linux Enterprise Server releases. Ubuntu 10.04 Server Edition will run as a guest atop Xen, and Amazon's EC2 compute cloud is also a variant of Xen and supports this and prior Ubuntus as well. But if you want to host operating systems on Ubuntu, using the Linux as the domain 0 host, then you now have to use the KVM hypervisor. And if you want to use the new live migration feature that has been added with Ubuntu 10.04 Server, then you need to use the embedded KVM hypervisor as well.

This live migration is a key missing feature that is needed for the Ubuntu Enterprise Cloud (UEC) utility computing stack that made its initial debut with the 9.10 release last fall. UEC includes a commercialized version of the Eucalyptus open source cloud management program. The Eucalyptus tool deploys virtual machines that are compatible with EC2's Amazon Machine Image (AMI) formats but which deploy on KVM rather than Xen. (Canonical worked with Eucalyptus Systems, the commercial entity behind the same-named cloud management tool, to tweak the tool to support KVM instead of Xen as the main container for virtual server images).

Ubuntu 10.04 Server Edition will also run on VMware ESX Server, Oracle VirtualBox and VM, and Citrix Systems XenServer hypervisors.

With the 10.04 release, the UEC variant of the Ubuntu distro plus images made for EC2 and UEC clouds are covered by the same five years of free security and support updates that regular Ubuntu desktop and server images get. There's no wall you have to jump to get updates, and you don't have to roll you own like some Linux distros make you do while still calling themselves open. (Open source does not have to mean helpful, but it should).

Canonical has also created a small footprint of Ubuntu optimized for EC2 and UEC clouds, and it has worked with Amazon to give multi-language capability to EC2 compute nodes running Ubuntu 10.04. Images of the new Ubuntu server can be booted from Amazon's Elastic Block Store (EBS) storage utility. Canonical has also thrown in a new tool called Puppet, which is a management framework to mass control Ubuntu instances running on clouds simultaneously. The Ubuntu installer and version control tools are integrated with Puppet to allow mass deployments instead of having to do cloud images one at a time.

With Ubuntu 10.04 Server Edition, AppArmor security is turned on by default on key software packages, and the firewall is extended to common services used by the operating system. The Home and Private directories on the system are also encrypted.

The 10.04 server version includes MySQL 5.1, Tomcat 6, OpenJDK 6, Samba 3.4, Nagios 3, PHP 5.3, Python 2.6, and a slew of updated packages. Right now, ext4 is the default file system on Ubuntu Server, and Zimmerman says that the Ubuntu project is tracking the development of the BTRFS file system very closely and is excited about the possibilities it offers as a local file system for Linux systems. But he adds that it is not ready for production use but that the minute the project feels that it is, Ubuntu will being it in fast.

Pricing for technical support from Canonical for Ubuntu LTS has not changed with the new release, and it's the same as on normal Ubuntu Server releases with the shorter 18-month term. An annual support contract with 9x5 business hour support costs $750 per server, and a contract covering 24x7 over a year costs $1,200. These prices include both live human and email support coverage. ®

The Power of One Infographic

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
KDE releases ice-cream coloured Plasma 5 just in time for summer
Melty but refreshing - popular rival to Mint's Cinnamon's still a work in progress
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
prev story


Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.