Office Hours: Every Tuesday at 1600 UTC - #ubuntu-server
The Ubuntu Cloud Archive
Canonical’s Ubuntu Cloud archive allows users the ability to install newer releases of OpenStack on Ubuntu Server 12.04 LTS (and the dependencies) as they become available up through the next Ubuntu LTS release (presumably 14.04). Bug processing and patch contributions will follow standard Ubuntu practice and policy where applicable. Canonical commits to maintaining and supporting new OpenStack releases for Ubuntu Server 12.04 LTS in the Ubuntu Cloud archive for at least 12 months after they release. Canonical will stop introducing new releases of OpenStack for Ubuntu Server 12.04 LTS into the Ubuntu Cloud archive with the version shipped in the next Ubuntu Server LTS release (presumably 14.04). They will maintain and support this last updated release of OpenStack in the Ubuntu Cloud archive for 3 years, i.e. until the end of the Ubuntu 12.04 LTS lifecycle.
In order to allow for relatively easy upgrades, and still adhere to Ubuntu processes and policy, Canonical elected to have archive.canonical.com be the home of the Ubuntu Cloud archive. They will enable update paths for each OpenStack release.
e.g. Enabling “precise-folsom” in the archive will provide access to all OpenStack Folsom packages built for Ubuntu Server 12.04 LTS (binary and source), any updated dependencies required, and bug/security fixes made after release.
As of now, Canonical has no plans to build or host OpenStack packages for non-LTS releases of Ubuntu Server in the Ubuntu Cloud archive. The chart below explains the options.
How to Enable and Use
You'll first need to add the cloud archive gpg key into your ubuntu-keyring by running the following command:
sudo apt-get install ubuntu-cloud-keyring
Next, to get access to the Ubuntu Cloud archive, please add the following entries to your /etc/apt/sources.list:
# The primary updates archive that users should be using deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/folsom main # Public -proposed archive mimicking the SRU process for extended testing. # Packages should bake here for at least 7 days. #deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/folsom main
# The primary updates archive that users should be using deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main # Public -proposed archive mimicking the SRU process for extended testing. # Packages should bake here for at least 7 days. #deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/grizzly main
# The primary updates archive that users should be using deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main # Public -proposed archive mimicking the SRU process for extended testing. # Packages should bake here for at least 7 days. #deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/havana main
sudo apt-get update
to update your package listings and then proceed to install/upgrade your openstack packages.
To report bugs against packages from the Ubuntu Cloud Archive, please use the 'ubuntu-bug' tool, for example:
This will ensure that bugs are raised against the cloud-archive project on Launchpad.
Q & A
Why Not Use Stable Release Updates?
Ubuntu's release policy states that once an Ubuntu release has been published, updates must follow a special procedure called a stable release update, or SRU, and are delivered via the -updates archive. These updates are restricted to a specific set of characteristics:
- severe regression bugs
- security vulnerabilities (via the -security archive)
- bugs causing loss of user data
- "safe" application layer bugs
- hardware enablement
- partner archive updates
Exceptions to the SRU policy are possible. However, for this to occur the Ubuntu Technical Board must approve the exception, which must meet their guidelines:
- Updates to new upstream versions of packages must be forced or substantially impelled by changes in the external environment, i.e. changes must be outside anything that could reasonably be encapsulated in a stable release of Ubuntu. Changes internal to the operating system we ship (i.e. the Ubuntu archive), or simple bugs or new features, would not normally qualify.
- A new upstream version must be the best way to solve the problem. For example, if a new upstream version includes a small protocol compatibility fix and a large set of user interface changes, then, without any judgement required as to the benefits of the user interface changes, we will normally prefer to backport the protocol compatibility fix to the version currently in Ubuntu.
- The upstream developers must be willing to work with Ubuntu. A responsive upstream who understands Ubuntu's requirements and is willing to work within them can make things very much easier for us.
- The upstream code must be well-tested (in terms of unit and system tests). It must also be straightforward to run those tests on the actual packages proposed for deployment to Ubuntu users.
- Where possible, the package must have minimal interaction with other packages in Ubuntu. Ensuring that there are no regressions in a library package that requires changes in several of its reverse-dependencies, for example, is significantly harder than ensuring that there are no regressions in a package with a straightforward standalone interface that can simply be tested in isolation. We would not normally accept the former, but might consider the latter.
Once approved by the Tech Board, the exception must have a documented update policy, e.g. http://wiki.ubuntu.com/LandscapeUpdates. Based on these guidelines and the core functionality OpenStack serves in Ubuntu Cloud, the Ubuntu Server team did not feel it was in the best interest of their users, nor Ubuntu in general, to pursue an SRU exception.
What about using Ubuntu Backports?
The Ubuntu Backports process (excludes kernel) provides us a mechanism for releasing package updates for stable releases that provide new features or functionality. Changes were recently made to apt in Ubuntu 11.10, whereby it now only installs packages from Backports when they are explicitly requested. Prior to 11.10, apt would install everything from Backports once it was enabled, which led to packages being unintentionally upgraded to newer versions. The primary drawbacks with using the Backports archive is that the Ubuntu Security team does not provide updates for the archive, it’s a bit of a hassle to enable per package updates, and Canonical doesn’t traditionally offer support services for the packages hosted there. Furthermore, with each new release of OpenStack, there are other applications that OpenStack depends on that also must be at certain levels. By having more than one version of OpenStack in the same Backports archive, we run a huge risk of having backward compatibility issues with these dependencies.
How Will You Ensure Stability and Quality?
In order for us to ensure users have a safe and reliable upgrade path, we will establish a QA policy where all new versions and updated dependencies are required to pass a specific set of regression tests with a 100% success rate. In addition:
- Unit testing must cover a minimum set of functionality and APIs
- System test scenarios must be executed for 24, 48 and 72 hours uninterrupted.
Package testing must cover: initial installation, upgrades from the previous OpenStack release, and upgrades from the previous LTS and non-LTS Ubuntu release.
- All test failures must be documented as bugs in Launchpad, with regressions marked Fix Released before the packages are allowed to exit QA.
- Test results are posted publicly and announced via a mailing list specifically created for this effort only.
- Only upon successfully exiting QA will packages be pushed into the Ubuntu Cloud archive.
What Happens With OpenStack Support and Maintenance in 14.04?
Good question. The cycle could repeat itself, however at this point Canonical is not making such a commitment. If the rate of innovation and growth of the OpenStack project matures to a point where users become less likely to need the next release for its improved stability and/or quality, and instead just want it for a new feature, then we would likely return to our traditional LTS maintenance and support model.