Image: Canonical

Canonical rolled out Ubuntu 21.10 Thursday, touting it as “the most productive environment for cloud-native developers and AI/ML innovators across the desktop, devices and cloud.”

SEE: 5 Linux server distributions you should be using (TechRepublic Premium)

Ubuntu 21.10 adds GCC 11, PHP 8, Gnome 40, WSLg, and a range of Ubuntu Docker container images, according to Rob Gibbon, product manager at Canonical. Additionally, “there’s Apache Cassandra, packaged both as a Docker container image and as a snap, giving DataOps teams a new option for building and running data-intensive Cassandra clusters.”

Another feature is the new GCC 11, which Canonical called the de facto C/C++ compiler. Improved static code analysis capabilities have been added to automatically detect vulnerabilities and help developers gain better code security insights earlier in the development cycle, the company said.

Security updates

Ubuntu 21.10 also comes with a raft of security features, Gibbon said. “Kernel 5.13 brings significant security improvements to the Ubuntu platform, including Kernel Electric Fence (KFENCE), a lightweight runtime memory error detector designed for use on production systems,” he said.

It also comes with Landlock—a mandatory access control system designed for easy administration, and kernel stack offset randomization across system calls, which aims to protect against certain forms of privilege escalation exploit with minimal overhead, Gibbons said.

“Additionally, 21.10 ships with unprivileged Berkely Packet Filter (BPF) access disabled by default, although administrators can still enable this feature if required,” he said.

Image: Canonical

Designed for Ubuntu developers wherever they are

Ubuntu 21.10 brings the PHP 8 and GCC 11 including full support for static analysis, Canonical said. This aims to improve security awareness in low-level programming.

With Gnome 40 desktop users gain dynamic workspaces and touchpad gestures. Mozilla’s new Firefox snap is designed to improve security and guarantees access to both the latest and the extended support release versions of the browser, Canonical said. The exact same versions of the browser are available on multiple different versions of Ubuntu, which aims to simplify enterprise developer platform management, the company said.

SEE: Ubuntu 21.10 is upon us, and it’s small changes for major improvements (TechRepublic)

Over the last year, the number of snaps published in the store has grown by 25%, and the snap store now serves over 10 million systems daily.

Windows developers are being offered out-of-the-box support for graphical applications on Windows Subsystem for Linux, so Ubuntu desktop applications don’t require modification.

Cloud native from the edge to the mainframe

Modern development practices increasingly depend on containerized images but assuring image provenance of open source software can be challenging, Canonical noted. Application developers want consistent, trustworthy container images from a reliable source, the company said. So Canonical said it has made the Ubuntu 21.10 OCI image available on Docker Hub and Amazon ECR Public Registry.

Alongside the Ubuntu base image, Canonical maintains a curated set of application images. LTS Docker Images provide commitments for compliance and security updates, which are backed by Canonical for the full lifetime of Ubuntu, at least 10 years, the company said.

Further, the latest LTS Docker Images from Canonical include Grafana, Prometheus and NGINX. Apache Cassandra v4 is a new addition, with real-time scraping, alerts and improved Prometheus integration, according to Canonical. Also joining the portfolio of LTS Docker Images are Squid, a caching proxy, and Bind9, a full-featured DNS system, the company said.

MicroK8s installs Kubernetes with a single command and forms a Kubernetes edge cluster in just two commands. MicroK8s now comes with the latest CNCF-certified Kubernetes 1.22 in the stable channel. MicroK8s support for IBM Z is designed to give users cloud-native devops with the stability and security of the mainframe, Canonical said.

There is also a focus on artificial intelligence and machine learning workloads. With Ubuntu 21.10, Canonical offers Apache Cassandra packaged as a snap, enabling DataOps teams to set up a Cassandra cluster, according to the company.

Run-time memory error detection

With kernel 5.13, Ubuntu 21.10 adds support for Kernel Electric Fence, a new run-time memory error detector designed for production environments. KFENCE is designed to keep the overhead low while detecting the most common memory errors.

“Enabled by default, Ubuntu 21.10 will randomize the memory location of the kernel stack at each system-call entry on both the amd64 and arm64 architectures with a minimum impact on performance,” Canonical said.

Ubuntu 21.10 Impish Indri is the final interim release before the next Ubuntu Long Term Support due for release in April 2022. Ubuntu 21.10 will be supported at least until 2032, the company said.

“As open source becomes the new default, we aim to bring Ubuntu to all the corners of the enterprise and all the places developers want to innovate,” said Mark Shuttleworth, founder and CEO of Canonical, in a statement. “From the biggest public clouds to the tiniest devices, from DGX servers to Windows WSL workstations, open source is the springboard for new ideas and Ubuntu makes that springboard safe, secure and consistent.”