Ubuntu 21.04 includes the 5.11 Linux kernel. This includes numerous updates and added support since the 5.8 Linux kernel released in Ubuntu 20.10. Some notable examples include:
- Better anonymous memory management to reduce swapping
- New cgroup slab controller which allows sharing of slab memory between cgroups
- Proactive memory compaction to reduce latency for huge-page allocations under fragmented memory conditions
- Support for running BPF programs on socket lookups
- FSGSBASE support to improve context switch performance on x86 processors
- Support for using Intel SGX to create encrypted enclaves
- Support for running SEV-ES guests under KVM to protect guest register state from the hypervisor
- Support for extended attributes in NFS
- fsync() performance improvements for ext4 and btrfs
- Btrfs performance and data recovery improvements
- io_uring restriction support to facilitate secure sharing of rings to less-trusted processes
- virtio-fs DAX support to improve performance and reduce memory consumption
- Intel Rocketlake and DG1 graphics support
- AMD Vangogh, Green Sardine, and Dimgrey Cavefish graphics support
GCC was updated to the 10.3.0 release, binutils to 2.36.1, and glibc to 2.33. Python now ships at version 3.9.4, Perl at version 5.32.1. LLVM now defaults to version 12. golang defaults to version 1.16.x. rustc defaults to version 1.50.
In addition to OpenJDK 11, OpenJDK 16 is now provided (but not used for package builds).
Ruby was updated from v2.7.0 to v2.7.2, and rubygems has been extracted from ruby2.7 source and is provided as a separate package 1.
Probably mention Python and perl and PHP.
Secureboot on x86_64 (amd64) and AArch64 (arm64) have been improved to include SBAT capable shim, grub2, fwupd. For more details see this discourse post 5.
nftables is now the default backend for the firewall.
Changes in Ubuntu Desktop 21.04
- Added support for smartcard authentication (via
- The wayland session is default on most configurations, which features better security and performances
- The desktop view now properly handle drag and drop interactions with softwares
- The power profile mode can now be changed from the settings (on configuration where there is proper kernel support)
- Pipewire support is now enabled which restore working screen recording and allow better audio handling for sandboxed applications
- The installer includes support for recovery key now
- The AD integration has been improved, access with GPO enabled works out of the box after installation.
While the new shell version hasn’t been included yet in Ubuntu the applications have been mostly updated to their GNOME 40 versions.
- Firefox version 87
- LibreOffice version 7.1.2-rc2
- Thunderbird version 78.8.1
- PulseAudio 14
- BlueZ 5.56
- NetworkManager 1.30
Changes in Ubuntu Server edition 21.04
This release brings you Rails 6! For users coming from Ubuntu 20.04, they can now enjoy the newer version of Rails, moving from v5.2.3 to v188.8.131.52. Some of the exciting features include the new Action Mailbox, Action Text, Parallel Testing, Action Cable Testing, support for Host Authorization, and so on.
QEMU was updated to the 5.2 release.
- One noteworthy new feature is the addition of a first version of virtio-mem which allows which allows fine-grained, NUMA-aware memory hot(un)plug for VMs, avoiding many limitations known from memory ballooning (virtio-balloon)
- Furthermore RISC-V emulation made major steps adding various further CPU types.
- See the upstream changelog for 5.1 and 5.2 for an overview of the many improvements.
Libvirt has been updated to version 7.0.
- Since Libvirt 6.10 TLS based connections will do client TLS certificate validation by default for
- Since 6.9.0 one can use transient disks and vdpa devices with the qemu hypervisor
- Since 6.7.0 iSCSI passthrough devices can also configure an initiator
- See the upstream Changelogs for the many improvements and fixes since version 6.6 that was in Groovy 1.
DPDK was updated to 20.11.1
- Various new features and drivers can be found in the 20.11 release notes
- Hirsute ships with 20.11.1 already being the first stable release of the 20.11 series.
Open vSwitch has been updated to 2.15
- The ovsdb transaction format in the database files has been changed. New ovsdb-server process will be able to read old database format, but old processes will fail to read database created by the new one. For cluster and active-backup service models follow upgrade instructions in ‘Upgrading from version 2.14 and earlier to 2.15 and later’ section of ovsdb(7).
- Further changes and improvements can be found in the changelog
Chrony has been updated to version 4.0
- Chronyd’s configuration can now be fragmented. Please see
/etc/chrony/conf.d/README for more information.
- NTP sources can be specified in /etc/chrony/sources.d. Please see
/etc/chrony/sources.d/README for more information.
- The seccomp filtering was further improved and is now enabled by default
- Better security with AES-CMAC keys (AES128, AES256) via Nettle and support for Network Time Security (NTS) authentication
- More details what changed since the former version 3.5 can be found on the upstreams news page 1.
Strongswan has been updated to 5.9.1
- AEAD algorithms are now preferred for ESP and therefore openvpn puts AES-GCM in a default AEAD proposal in front of the previous default proposal
- Various fixes for the Networkmanager frontend and backend
- These and more changes since the former 5.8.4 can be found in the upstream changelog
Openvpn has been updated to 2.5.1
- Connection setup is now much faster
- Improved TLS 1.3
- Better Asynchronous (deferred) support for authentication, client-connect scripts and plugins
- 802.1q VLAN support on TAP servers
- IPv6-only tunnels
- These and many more changes since the 2.4.x series can be read in detail in the upstream changelog of the 2.5 series 1
Virt-manager has been updated to 3.2.0
- Generally the UI flow has been streamlined (rare options got removed) but that isn’t dropping those features entirely – anything else that comes to mind can be addressed via the now stable builtin XML editor.
- Details can be found on the news page of the upstream project 1.
Postgresql has been updated to v13.2
- This update contains many new features and enhancements, including:
- Space savings and performance gains from de-duplication of B-tree index entries
- Improved performance for queries that use aggregates or partitioned tables
- Better query planning when using extended statistics
- Parallelized vacuuming of indexes
- Incremental sorting
- These and a long list of further enhancements as well as bug fixes can be found in the release notes of v13.0, v13.1 and v13.2
Samba has been updated to 4.13.3
- Samba’s original domain controller mode has been deprecated. Sites using Samba as a Domain Controller should upgrade from the NT4-like ‘classic’ Domain Controller to a Samba Active Directory Domain Controller to ensure full operation with modern Windows clients.
- SMBv1-only protocol options have been deprecated. A number of smb.conf parameters for less-secure authentication methods which are only possible over SMBv1 are deprecated in this release.
SSSD has been updated to 2.40
- Support for libnss has been dropped. SSSD now supports only openssl cryptography.
Net-SNMP has been updated to 5.9
- Support for OpenSSL 1.1.1 has been added.
Rsyslog has been updated to 8.2102.0
- A new module “imhttp” has been added, which allows rsyslog to receive log data via HTTP.
Containerd has been updated to 1.4.4
- Support cgroups v2
- Improved SELinux support
- Deprecate io.containerd.runtime.v1.* and io.containerd.runc.v1
Runc has been updated to 1.0.0-rc93
- Support cgroups v2
- Special handling for seccomp profiles to avoid making new syscalls unusable for glibc
- Various rootless containers improvements
Docker.io 3 has been updated to 20.10.2
- Support cgroups v2
- Deprecate aufs storage driver. For more deprecations take a look at Deprecated Engine Features 1
Targetcli-fb replaces tgt
- Already in Ubuntu 20.10 targetcli-fb which controls the kernels LIO support was fully supported. That was the first step to replace the aging tgt. Now in 21.04 the last remaining ties to tgt were cut (and thereby tgt got demoted) making targetcli-fb the single recommended tool to provide iSCSI targets.
- Compared to tgt It provides better performance for iSCSI targets, full SCSI 3 reservations (for clustering) and a multitude of further features missing from the narrower implementation of tgt.
Other noteworthy changes
- needrestart 11 is installed by default on Ubuntu Server.
- The nginx lua module has been removed as the latest upstream version of this module no longer works with Nginx directly. See bug 1893753 21 for details.
Ubuntu 21.04 includes the latest OpenStack release, Wallaby, including the following components:
- OpenStack Identity – Keystone
- OpenStack Imaging – Glance
- OpenStack Block Storage – Cinder
- OpenStack Compute – Nova
- OpenStack Networking – Neutron
- OpenStack Telemetry – Ceilometer, Aodh, Gnocchi, and Panko
- OpenStack Orchestration – Heat
- OpenStack Dashboard – Horizon
- OpenStack Object Storage – Swift
- OpenStack DNS – Designate
- OpenStack Bare-metal – Ironic
- OpenStack Filesystem – Manila
- OpenStack Key Manager – Barbican
- OpenStack Load Balancer – Octavia
- OpenStack Instance HA – Masakari
Please refer to the OpenStack Wallaby release notes 1 for full details of this release of OpenStack.
OpenStack Wallaby is also provided via the Ubuntu Cloud Archive for OpenStack Wallaby for Ubuntu 20.04 LTS users.
WARNING: Upgrading an OpenStack deployment is a non-trivial process and care should be taken to plan and test upgrade procedures which will be specific to each OpenStack deployment.
Make sure you read the OpenStack Charm Release Notes for more information about how to deploy and operate Ubuntu OpenStack using Juju.