Ubuntu 21.04(Hirsute Hippo) New features & Release date

Updated Packages

Linux kernel

Ubuntu 21.04 includes the 5.11 Linux kernel. This includes numerous updates and added support since the 5.8 Linux kernel released in Ubuntu 20.10. Some notable examples include:

Better anonymous memory management to reduce swapping
New cgroup slab controller which allows sharing of slab memory between cgroups
Proactive memory compaction to reduce latency for huge-page allocations under fragmented memory conditions
Support for running BPF programs on socket lookups
FSGSBASE support to improve context switch performance on x86 processors
Support for using Intel SGX to create encrypted enclaves
Support for running SEV-ES guests under KVM to protect guest register state from the hypervisor
Support for extended attributes in NFS
fsync() performance improvements for ext4 and btrfs
Btrfs performance and data recovery improvements
io_uring restriction support to facilitate secure sharing of rings to less-trusted processes
virtio-fs DAX support to improve performance and reduce memory consumption
Intel Rocketlake and DG1 graphics support
AMD Vangogh, Green Sardine, and Dimgrey Cavefish graphics support

Toolchain Upgrades

GCC was updated to the 10.3.0 release, binutils to 2.36.1, and glibc to 2.33. Python now ships at version 3.9.4, Perl at version 5.32.1. LLVM now defaults to version 12. golang defaults to version 1.16.x. rustc defaults to version 1.50.

In addition to OpenJDK 11, OpenJDK 16 is now provided (but not used for package builds).

Ruby was updated from v2.7.0 to v2.7.2, and rubygems has been extracted from ruby2.7 source and is provided as a separate package 1.

Probably mention Python and perl and PHP.

Security Improvements

Secureboot on x86_64 (amd64) and AArch64 (arm64) have been improved to include SBAT capable shim, grub2, fwupd. For more details see this discourse post 5.

nftables is now the default backend for the firewall.

Changes in Ubuntu Desktop 21.04

Added support for smartcard authentication (via pam_sss 25)
The wayland session is default on most configurations, which features better security and performances
The desktop view now properly handle drag and drop interactions with softwares
The power profile mode can now be changed from the settings (on configuration where there is proper kernel support)
Pipewire support is now enabled which restore working screen recording and allow better audio handling for sandboxed applications
The installer includes support for recovery key now
The AD integration has been improved, access with GPO enabled works out of the box after installation.

GNOME

While the new shell version hasn’t been included yet in Ubuntu the applications have been mostly updated to their GNOME 40 versions.

Updated Applications

Firefox version 87
LibreOffice version 7.1.2-rc2
Thunderbird version 78.8.1

Updated Subsystems

PulseAudio 14
BlueZ 5.56
NetworkManager 1.30

Changes in Ubuntu Server edition 21.04

Rails 6

This release brings you Rails 6! For users coming from Ubuntu 20.04, they can now enjoy the newer version of Rails, moving from v5.2.3 to v6.0.3.5. Some of the exciting features include the new Action Mailbox, Action Text, Parallel Testing, Action Cable Testing, support for Host Authorization, and so on.

For more details, check the upstream’s Rails 6 release notes 2. And if you need help to upgrade your Ruby on Rails application, please take a look at their upgrading Rails guide.

QEMU was updated to the 5.2 release.

One noteworthy new feature is the addition of a first version of virtio-mem which allows which allows fine-grained, NUMA-aware memory hot(un)plug for VMs, avoiding many limitations known from memory ballooning (virtio-balloon)
Furthermore RISC-V emulation made major steps adding various further CPU types.
See the upstream changelog for 5.1 and 5.2 for an overview of the many improvements.

Libvirt has been updated to version 7.0.

Since Libvirt 6.10 TLS based connections will do client TLS certificate validation by default for chardev, migration, and backup servers
Since 6.9.0 one can use transient disks and vdpa devices with the qemu hypervisor
Since 6.7.0 iSCSI passthrough devices can also configure an initiator
See the upstream Changelogs for the many improvements and fixes since version 6.6 that was in Groovy 1.

DPDK was updated to 20.11.1

Various new features and drivers can be found in the 20.11 release notes
Hirsute ships with 20.11.1 already being the first stable release of the 20.11 series.

Open vSwitch has been updated to 2.15

The ovsdb transaction format in the database files has been changed. New ovsdb-server process will be able to read old database format, but old processes will fail to read database created by the new one. For cluster and active-backup service models follow upgrade instructions in ‘Upgrading from version 2.14 and earlier to 2.15 and later’ section of ovsdb(7).
Further changes and improvements can be found in the changelog

Chrony has been updated to version 4.0

Chronyd’s configuration can now be fragmented. Please see
/etc/chrony/conf.d/README for more information.
NTP sources can be specified in /etc/chrony/sources.d. Please see
/etc/chrony/sources.d/README for more information.
The seccomp filtering was further improved and is now enabled by default
Better security with AES-CMAC keys (AES128, AES256) via Nettle and support for Network Time Security (NTS) authentication
More details what changed since the former version 3.5 can be found on the upstreams news page 1.

Strongswan has been updated to 5.9.1

AEAD algorithms are now preferred for ESP and therefore openvpn puts AES-GCM in a default AEAD proposal in front of the previous default proposal
Various fixes for the Networkmanager frontend and backend
These and more changes since the former 5.8.4 can be found in the upstream changelog

Openvpn has been updated to 2.5.1

Connection setup is now much faster
Improved TLS 1.3
Better Asynchronous (deferred) support for authentication, client-connect scripts and plugins
802.1q VLAN support on TAP servers
IPv6-only tunnels
These and many more changes since the 2.4.x series can be read in detail in the upstream changelog of the 2.5 series 1

Virt-manager has been updated to 3.2.0

Generally the UI flow has been streamlined (rare options got removed) but that isn’t dropping those features entirely – anything else that comes to mind can be addressed via the now stable builtin XML editor.
Details can be found on the news page of the upstream project 1.

Postgresql has been updated to v13.2

This update contains many new features and enhancements, including:
- Space savings and performance gains from de-duplication of B-tree index entries
- Improved performance for queries that use aggregates or partitioned tables
- Better query planning when using extended statistics
- Parallelized vacuuming of indexes
- Incremental sorting
These and a long list of further enhancements as well as bug fixes can be found in the release notes of v13.0, v13.1 and v13.2

Samba has been updated to 4.13.3

Samba’s original domain controller mode has been deprecated. Sites using Samba as a Domain Controller should upgrade from the NT4-like ‘classic’ Domain Controller to a Samba Active Directory Domain Controller to ensure full operation with modern Windows clients.
SMBv1-only protocol options have been deprecated. A number of smb.conf parameters for less-secure authentication methods which are only possible over SMBv1 are deprecated in this release.

SSSD has been updated to 2.40

Support for libnss has been dropped. SSSD now supports only openssl cryptography.

Net-SNMP has been updated to 5.9

Support for OpenSSL 1.1.1 has been added.

Rsyslog has been updated to 8.2102.0

A new module “imhttp” has been added, which allows rsyslog to receive log data via HTTP.

Containerd has been updated to 1.4.4

Support cgroups v2
Improved SELinux support
Deprecate io.containerd.runtime.v1.* and io.containerd.runc.v1

Runc has been updated to 1.0.0-rc93

Support cgroups v2
Special handling for seccomp profiles to avoid making new syscalls unusable for glibc
Various rootless containers improvements

Docker.io 3 has been updated to 20.10.2

Support cgroups v2
Deprecate aufs storage driver. For more deprecations take a look at Deprecated Engine Features 1

Targetcli-fb replaces tgt

Already in Ubuntu 20.10 targetcli-fb which controls the kernels LIO support was fully supported. That was the first step to replace the aging tgt. Now in 21.04 the last remaining ties to tgt were cut (and thereby tgt got demoted) making targetcli-fb the single recommended tool to provide iSCSI targets.
Compared to tgt It provides better performance for iSCSI targets, full SCSI 3 reservations (for clustering) and a multitude of further features missing from the narrower implementation of tgt.

Other noteworthy changes

needrestart 11 is installed by default on Ubuntu Server.
The nginx lua module has been removed as the latest upstream version of this module no longer works with Nginx directly. See bug 1893753 21 for details.

OpenStack

Ubuntu 21.04 includes the latest OpenStack release, Wallaby, including the following components:

OpenStack Identity – Keystone
OpenStack Imaging – Glance
OpenStack Block Storage – Cinder
OpenStack Compute – Nova
OpenStack Networking – Neutron
OpenStack Telemetry – Ceilometer, Aodh, Gnocchi, and Panko
OpenStack Orchestration – Heat
OpenStack Dashboard – Horizon
OpenStack Object Storage – Swift
OpenStack DNS – Designate
OpenStack Bare-metal – Ironic
OpenStack Filesystem – Manila
OpenStack Key Manager – Barbican
OpenStack Load Balancer – Octavia
OpenStack Instance HA – Masakari

Please refer to the OpenStack Wallaby release notes 1 for full details of this release of OpenStack.

OpenStack Wallaby is also provided via the Ubuntu Cloud Archive for OpenStack Wallaby for Ubuntu 20.04 LTS users.

WARNING: Upgrading an OpenStack deployment is a non-trivial process and care should be taken to plan and test upgrade procedures which will be specific to each OpenStack deployment.

Make sure you read the OpenStack Charm Release Notes for more information about how to deploy and operate Ubuntu OpenStack using Juju.