Nikos Mavrogiannopoulos
on 23 November 2021
Cloud-optimized Linux kernels – what makes Ubuntu the top OS across the clouds
Ubuntu is the platform of choice for deploying and running workloads on public clouds. No other operating system gives you better performance and consistency of experience across public clouds, including Amazon, Azure, Google, IBM and Oracle. There is a reason behind this exceptional experience. By design, Ubuntu images in public clouds include an optimized Linux kernel for each cloud, giving you the best performance and functionality across all instance types and services. At the same time, Ubuntu integrates with cloud-native tooling, enabling you to manage your fleet from the cloud’s dashboards.
How do these cloud-specific kernel optimizations actually look in practice? Let’s do a deep dive on the optimizations Ubuntu enables on public clouds.
Ubuntu Pro vs. Ubuntu on the cloud
The cloud environment has very interesting properties, as it blurs the traditional notion of the security perimeter into a more complex security posture. Ubuntu has proven itself capable of running production workloads securely for many small and large organizations; however, organizations applying the zero-trust model need, among other things, to comply with rigorous security profiles. Ubuntu Pro on public clouds brings enterprise lifecycle, kernel livepatching, CIS compliance automation tooling, FIPS 140 certified cryptography, and daily refreshed images that contain all the latest patches and security updates, enabling secure workflows and practices everywhere without an Ubuntu Advantage subscription.
Cloud-optimized Linux kernels
The generic Ubuntu kernels contain a huge number of hardware-specific drivers for every possible audio card, mouse, video display, and other peripherals that are not present in a cloud environment. Although these drivers make the kernel applicable to diverse environments, in a restricted environment such as the cloud they add to the kernel footprint, taking up unnecessary memory, adding loading time, and increasing the kernel attack surface. Ubuntu cloud-optimized kernels remove any drivers that are not needed in the cloud, resulting in a smaller kernel footprint that boots faster and works efficiently on smaller instances, leaving more memory space for applications.
Furthermore, several clouds provide services or use hardware whose drivers are either missing from the upstream Linux kernel or appear only in a later version of the kernel. Ubuntu cloud-optimized Linux kernels are delivered with the latest version of these drivers backported, and bring drivers that enable unique features present on each cloud, such as FPGAs and virtual ethernet devices (discussed in greater detail below).
Ubuntu cloud kernels are derived from the generic kernel of each corresponding release, and follow the same kernel lifecycle and certifications. In alphabetical order, let’s explore some more details regarding the optimisations and unique tweaks Ubuntu brings to better integrate with major public clouds.
Ubuntu on Amazon Web Services
The optimised Ubuntu for Amazon cloud comes with the linux-aws variant of Ubuntu’s kernel. Each kernel enables the Elastic Fabric Adapter, allowing high-performance applications to access the network adapter directly for low-latency, reliable transport functionality. Furthermore, linux-aws comes with the Nitro enclaves driver, providing data processing applications a secure enclave with CPU and memory isolation to prevent data leaks. Going beyond x86-64, the arm64 version of the linux-aws kernel brings several patches to take advantage of the unique features of AWS Graviton native CPUs.
Last but not least, Ubuntu on Amazon cloud integrates natively with AWS, enabling systems to be managed through AWS Systems Manager.
Ubuntu on Google Cloud Platform
The optimised Ubuntu for Google cloud comes with the linux-gcp flavor of our kernel. Each linux-gcp kernel enables accelerated networking with the Compute Engine Virtual Ethernet device and supports Google's latest Tau VM, enabling scale-out optimized workloads. These advantages contribute to Ubuntu being the default host image for Anthos Multi-cloud.
Ubuntu on Google cloud integrates natively with the Administrator console, enabling patch management. Ubuntu LTS images can upgrade in-place to Ubuntu Pro, avoiding the need to redeploy workloads to take advantage of Ubuntu Pro.
Ubuntu on Microsoft Azure
The optimized Ubuntu for Azure cloud comes with the linux-azure flavor of our kernel. Each linux-azure kernel enables accelerated networking for the InfiniBand-capable instances, as well as consistent support for Single Root I/O Virtualization (SR-IOV) on the hardware present, enabling network traffic to bypass the virtualisation stack and achieve almost native performance. It comes with FPGA support out of the box, taking advantage of Project Catapult to provide performance without the cost and complexity of a custom ASIC.
Ubuntu on Microsoft Azure cloud integrates with the Systems Manager, ensuring that system management tools work natively for instances on the platform. This includes everything from Azure Update Manager and Security Center, to Azure Policy, to using Azure AD to manage your SSH logins. A number of Microsoft products are built on Ubuntu, such as Azure Kubernetes Service, Databricks, and the new SQL Server on Ubuntu Pro, which includes end-to-end joint support. Furthermore, Canonical is working with Microsoft to bring confidential VMs on the cloud on Ubuntu Advantage and Pro. You can find more information on the public preview of AMD-based Confidential VMs.
Ubuntu on Oracle Cloud
The optimized Ubuntu for the Oracle cloud comes with the linux-oracle flavor of our kernel. Each linux-oracle kernel enables fast networking and boot by taking advantage of the native hardware, while supporting the live migration of Ubuntu guests. Furthermore, the arm64 version of the linux-oracle kernel takes advantage of the unique features of Ampere native CPUs.
Although there is not yet Ubuntu Pro on the Oracle cloud, Canonical’s standard offerings apply and the Ubuntu LTS instances on Oracle cloud can be attached to Ubuntu Advantage subscriptions. That enables access to enterprise lifecycle, kernel livepatching, CIS compliance automation tooling, and FIPS 140 certified cryptography.
Summary
Public clouds are environments where organizations can run traditional server workloads with an improved ability to scale quickly. Many organizations want to preserve their cloud independence by running operating systems that are portable across different public clouds and on premises. On the flip side, they want to take advantage of the individual hardware present on the cloud, as well as optimize the kernel image for faster boot times, network performance, and the exclusive features of each cloud.
The unique approach that Ubuntu takes in providing a familiar experience across all platforms, while still being heavily optimized for each, is one of the main reasons why Ubuntu is the number one operating system across the clouds.