Ubuntu 21.04 Shrinks Kubernetes Footprint for Raspberry Pis, GPUs

Although not a Long Term Support (LTS) release, Ubuntu 21.04, released Thursday, does have some important features to offer. And, for anyone who’s compared the server and the desktop versions of this release, a.k.a. Hirsute Hippo, might be surprised to find the server release is the more important of the two.

On the desktop, Ubuntu 21.04 does not include the latest GNOME release, as the developers felt they needed more time to adapt to the new changes found on the desktop. There’s also no GTK4 to be found. What you will find is:

• An improved installer.
• Wayland by default.
• Home directories are now set to private.
• Improved dark theme.
• Better active directory integration.
• Linux kernel 5.11.

And that’s the highlight reel. There are certainly no deal-makers or breakers. But when you turn to the server version of the operating system, things get a bit more exciting.

I had an email exchange with Tytus Kurek, a product manager at Canonical, on how Canonical’s latest release would affect cloud native and container development. Let’s dive in, directly into our Q&A.

In what ways will 21.04 help improve cloud native applications and development?

We released new rolling versions of the application images (announced in November 2020 as part of the “LTS Docker images” effort). Although these versions won’t benefit from long-term support, they make an excellent choice for developers to quickly build on top of production-grade application images based on top of Ubuntu.

The latest MicroK8s 1.21 release reduces Kubernetes memory footprint by 32,5%, allowing users to run MicroK8s on small devices such as the Raspberry Pi and the NVIDIA Jetson and still leave room for multiple container deployments. The latest release also provides seamless integration of MicroK8s with the latest NVIDIA GPU Operator on x86-based systems.

What new features in 21.04 are geared toward container deployments?

Ubuntu 21.04 ships with the latest releases of containerd and docker.io themselves having a lot of new features toward easing container development and deployments.

To find out what’s new in Docker 20.10, check out “What’s new in Docker 20.10,” by Dimitris Poulopoulos, or the official Docker release notes.

To find out what’s new in ContainerD 1.4, read “New features in containerd 1.4,” by Akihiro Suda, or the official ContainerD release notes.

How does 21.04 improve security on previous releases?

Ubuntu 21.04 is the first release to use one Grub across all supported releases; this enables us to address faster security vulnerabilities such as secure boot bypass. Ubuntu 21.04 ships with the latest fwupd release 1.5.8 which includes support for metadata required for the latest UEFI Secure Boot improvements.

Ubuntu also 21.04 introduces private home directories hardening the defaults on multi-user systems.

The Linux kernel 5.11 brings several improvements including checkpoint/restore, moving the state of the entire process to other systems, a RISC-V stack protector, and ARM64 memory tagging, hardware-based protection against memory corruption vulnerabilities.

Will the Hardware Enablement Stack be enabled by default and how will admins be able to make use of it?

At the moment it’s available as a PPA, but the plan is to integrate it further moving forward to 22.04.

For those that aren’t aware of the Hardware Enablement Stack, it’s a means to make Ubuntu run on the latest-release hardware. This is achieved by installing a rolling-release kernel, which includes support for more modern hardware. To achieve this Ubuntu packages the HWE kernel soon as it’s tested (via the proposed pocket and special Q/A methodologies) and released. This does carry with it some disadvantages (such as introducing bugs and issues, which might make this solution not viable for enterprise use cases).

The Hardware Enablement Stack work on cloud hosting providers, such as AWS, Google Cloud, and Azure.