Softpedia >Linux >Linux Distributions >Ubuntu Server >  Changelog

Ubuntu Server Changelog

What's new in Ubuntu Server 21.10

Oct 15, 2021
  • Ubuntu Server:
  • OpenLDAP has been updated to 2.5.6:
  • A new OpenLDAP release, version 2.5.6, is available for Ubuntu Impish users. This release brings several changes, new features and deprecations/removals. A non-exhaustive list of things to be aware of during the upgrade process is:
  • The shell (slapd-shell), the BDB and the HDB backends have all been removed.
  • The ppolicy module now provides its own built-in schema. The external ppolicy schema has been removed.
  • The nssov module has been removed
  • In certain situations, it is possible that the post-installation scripts will not be able to successfully migrate your current installation to new formats (e.g., when you are using an old backend like BDB/HDB). If this happens, you will be notified about the failure and the slapd server will not be (re)started; you will then have to take manual action in order to migrate your data and start the service. Please look at the README.Debian file (under /usr/share/doc/slapd/) for more information.
  • Telegraf has been updated to 1.19.2:
  • This new version of Telegraf introduces some new features. It supports more SNMP v3 authentication protocols (including SHA-512); it also adds support for DataDog distributions 5 metric type.
  • PHP now defaults to version 8.0.8:
  • Ubuntu has transitioned to the PHP 8 runtime language 4, and updated the wider PHP ecosystem in Ubuntu 21.10 to use this version. New features include the JIT compiler, union types, attributes, and more.
  • Users of PHP 7.4 should note that version 8.0 removes a number of deprecated functionalities 27 and when upgrading should be prepared to make the appropriate changes to their applications.
  • Apache has been updated to 2.4.48:
  • Adds SSL related inquiry functions to the server API, to ease the identification and loading of the right SSL modules.
  • Adds OCSP response provisioning as a core feature, allowing mod_md and mod_ssl to exchange X.509 digital certificate data with each other.
  • QEMU was updated to the 6.0 release.:
  • This version adds the ES extension to AMD SEV which adds guest register state to the protected assets.
  • Furthermore in regard to emulation RISC-V got many improvements and ARMv8.1M as well as several ARM extensions were added.
  • The emulated NVMe controller is now compliant with NVMe version 1.4 and added subsystems, multipath and namespace sharing.
  • See the upstream changelog for 6.0 16 for an overview of the many improvements and also a list of suggested replacement functionality for removed features and incompatible changes.
  • Libvirt has been updated to version 7.6:
  • virtio-pmem model.
  • Sharing and hot-plugging of disks with QEMU.
  • More configurability for virtiofs use cases allowing an external virtiofsd.
  • Older Hypervisor targets are no more supported dropping code for QEMU releases older than 2.11 and Xen releases older than 4.9.
  • Specifying s390-pv as launch security type in an s390 domain prepares for running the guest in protected virtualization secure mode.
  • See the upstream Changelogs 7 for the many further improvements and fixes since version 7.0 that was in Ubuntu 21.04 1.
  • Open vSwitch has been updated to 2.16:
  • Removed support for 1024-bit Diffie-Hellman key exchange, which is now considered unsafe
  • OVSDB Introduced new database service model named relay. Targeted to scale out read-mostly access (ovn-controller) to existing databases.
  • Linux datapath: ovs-vswitchd will configure the kernel module using per-cpu dispatch mode (if available). This changes the way upcalls are delivered to user space in order to resolve a number of issues with per-vport dispatch.
  • Further changes and improvements can be found in the upstream changelog 3.
  • Chrony has been updated to version 4.1:
  • The more secure NTS 9 feature that was added in 4.0 in Ubuntu 21.04 now got various enhancements in regard to configure certificates.
  • More details of what changed since version 4.0 can be found in the upstream news page 6.
  • Bind9 has been updated to 9.16.15:
  • Ubuntu Impish’s BIND9 software received a major update since hirsute’s 9.16.8 3, which includes performance improvements for zone queries, and better control over purging old keys and stale data.
  • Of note, BIND9 now prefers the SPNEGO implementation from the system GSSAPI library rather than the prior ISC implementation.
  • Containerd has been updated to version 1.5.5:
  • In this new version the support for the Node Resource Interface (NRI) was added, and it also has changes which may affect projects that import containerd. For instance, the CRI plugin moved into the main repository, and there are some API changes in the OCI library.
  • More details about what changed since the former version 1.4.x can be found in the upstream release page 3 .
  • Runc has been updated to version 1.0.1:
  • This is the first stable release of runc to be shipped in Ubuntu. As a consequence of this version update, there are some changes to the libcontainer API that break compatibility with older versions of the library.
  • There are also a bunch of performance improvements and bug fixes. More details about what changed since the last Ubuntu release can be found in the upstream release page 2.
  • Corosync has been updated to version 3.1.2:
  • In this version, the default corosync configuration does not set the node name to node1 as in the last Ubuntu release, instead it uses the output of uname -n command. If you want to keep the old behavior, check the configuration file and uncomment the needed lines.
  • Fence-agents has been split into curated and non-curated agents:
  • There is no new upstream version in this Ubuntu release, however, the fence-agents package was split into fence-agents-base (curated agents) and fence-agents-extra (non-curated agents), and now fence-agents is a metapackage which installs all the agents. A curated agent means that the Ubuntu Server team has been validating it in a Continuous Integration system.
  • For more information about the curated agents check the Ubuntu Server guide 7.
  • Resource-agents has been split into curated and non-curated agents:
  • There is no new upstream version in this Ubuntu release, however, the resource-agents package was split into resource-agents-base (curated agents) and resource-agents-extra (non-curated agents), and now resource-agents is a metapackage which installs all the agents. A curated agent means that the Ubuntu Server team has been validating it in a Continuous Integration system.
  • For more information about the curated agents check the Ubuntu Server guide 2.
  • OpenStack:
  • Ubuntu 21.10 includes the latest OpenStack release, Xena, including the following components:
  • OpenStack Identity - Keystone
  • OpenStack Imaging - Glance
  • OpenStack Block Storage - Cinder
  • OpenStack Compute - Nova
  • OpenStack Networking - Neutron
  • OpenStack Telemetry - Ceilometer, Aodh, Gnocchi
  • OpenStack Orchestration - Heat
  • OpenStack Dashboard - Horizon
  • OpenStack Object Storage - Swift
  • OpenStack DNS - Designate
  • OpenStack Bare-metal - Ironic
  • OpenStack Filesystem - Manila
  • OpenStack Key Manager - Barbican
  • OpenStack Load Balancer - Octavia
  • OpenStack Instance HA - Masakari
  • Please refer to the OpenStack Xena release notes 7 for full details of this release of OpenStack.
  • OpenStack Xena is also provided via the Ubuntu Cloud Archive for OpenStack Xena for Ubuntu 20.04 LTS users.
  • WARNING: Upgrading an OpenStack deployment is a non-trivial process and care should be taken to plan and test upgrade procedures which will be specific to each OpenStack deployment.
  • Make sure you read the OpenStack Charm Release Notes 1 for more information about how to deploy and operate Ubuntu OpenStack using Juju.
  • Platforms:
  • Cloud Images:
  • AWS EC2 AMIs use now chrony as a time sync service together with the AWS provided timeserver 14
  • query data EOL. Impish Indri is the last release to be contained in Cloud Images legacy querydata format. starting in 22.04, new Ubuntu versions will not be in query data. Scripts using query data should move to the currently supported file, streams 4. Streams is supported by simplestreams 2, which is installable from source, as a snap, or as a debian package.
  • md5 checksum deprecation for Streams. This is a notice of the deprecation of MD5 checksums from Ubuntu Cloud Images Streams starting in 22.04. All streams currently produce sha256 checksums. Users should migrate scripts doing checksum validation to using sha256.
  • MD5SUMS and SHA1SUMS file deprecation for images listed on https://cloud-images.ubuntu.com/ 3 . From 22.04 onwards, those files will no longer be generated. Please use the SHA256SUM files instead.
  • Raspberry Pi:
  • Sense HAT support added (bug 1944450 and bug 1944449); sudo apt install sense-hat to install the required configuration and libraries. The Sense HAT desktop emulator is also available via sudo apt install sense-emu-tools.
  • u-boot removed from the boot sequence for upgraders (bug 1936401 5); this also means that USB MSD boot is supported for both fresh installs and upgraders.
  • On server images, cloud-init now reliably operates over both ethernet and wifi (bug 1870346 2).
  • s390x:
  • Starting with Ubuntu 20.04, the minimal architectural level set was raised to z13; thus all IBM Z (and LinuxONE) hardware of generation z13 or newer, that were in service at that time, are supported. This also applies to all following Ubuntu releases (incl. 21.10), unless further notice. Support for additional future hardware might be added later on top.
  • IBM Z and LinuxONE / s390x-specific enhancements since 21.04 (partially not limited to s390x):
  • Like with every new Ubuntu release (respectively its kernel) the s390-tools package needs to be upgraded, this time to v2.17 (bug 1929024), including zdsfs transparent data set conversion, allowing Linux to transparently read and write EBCDIC-encoded data sets as ASCII (bug 1926749), the integration option for the zkey repository into an enterprise key-mangement system with a KMIP interface (bug 1932521 1) and changes in the Secure Execution Header defaults for plaintext control flags, PCF (bug 1932177).
  • In addition to moving to gcc 11.2 as default, further tool-chain updates where made, like updating to LLVM 13 (that derived s390x optimizations from 12 (bug 1926709) and z15 support in Valgrind (bug 1853271).
  • And more predictable interface names for RoCE adapter were introduced, which requires kernel (bug 1929185) as well as systemd changes (bug 1929184).
  • Several KVM enhancements specific to s390x were picked up, like performance improvements due to Spinlock Yield Forwarding (bug 1905021 1) and allowing KVM to let SIE interpret specification exceptions (bug 1932157), adding support to indicate secure (execution) guests (bug 1933173) and improved persistence in vfio-ccw device assignments in libvirt (bug 1887929).
  • Another area of improvements is cryptography. With the upgrade of opencryptoki to 3.16 (bug 1928767) cca token import and export of secure key objects is now supported (bug 1913301), ep11 token support for attribute bound keys (bug 1913303) and ep11 token protected key support (bug 1914215) got added.
  • And with the upgrade to libica v3.8.0 (bug 1928799) there are now software fallback calls to openSSL/libcrypto (bug 1929176). cryptsetup got upgraded too, to v2.3.6 (bug 1929046), as well as openssl-ibmca to v2.2.0 (bug 1929052), that now makes the ibmca engine call libica without software fall backs (only register ibmca functions if libica confirms it as hardware function) and let ibmca do the fallback (bug 1929175).
  • On the kernel level AP bus and zcrypt uevent extensions were added to the zcrypt driver (bug 1933496) and CEX8 toleration included (bug 1933805).
  • In addition preparation were included in the kernel (bug 1932174) and qemu (bug 1932175) for new IBM Z hardware.
  • The Query Capacity library (qclib) got bumped to it’s latest version 2.3.0 (bug 1926586), the upgraded glibc v2.34 library comes with several s390x related improvements (bug 1927079), similar with the binutils update to v2.37 (bug 1927080). On top zlib received CRC32 optimization for s390x (bug 1932010 1) and also PCRE2 got performance and JIT improvements for s390x (bug 1931857 1).
  • And upport for SMC statistics was introduced to the kernel (bug 1853290) and the smc-tools package updated to it’s latest v1.6.0, plus some fixes on top (bug 1853301)