Ubuntu Server: Lean, mean, cloud-making machine
- — 02 June, 2009 08:12
Wikis are offered through the moin moin (mine mine) application, which is also Python (and Apache2)-based. Ubuntu Server also ships with OpenLDAP as a directory services source, as well as Windows-connecting SAMBA 3.3. There's also connectivity via the OpenChange library to Microsoft's Exchange Server (for versions prior to Exchange 2007), although we didn't test this.
We found some of the installation options interesting. The administrator home directory can be optionally encrypted. More interesting was the fact that the commands in the traditional /etc directory can be subject to versioning control, which ensures that contents placed there (usually utility commands and configuration files) can be rolled back, or examined for tampering.
The /etc directory uses the etckeeper package that connects to the Advanced Package Tool (apt), the Debian Linux command that manages packages, as in application dependencies and component relationships. Etckeeper automatically notes changes when a new package is installed or updated. You can also commit changes if you edit a file manually in /etc.
Ubuntu Server is no slouch, compared with other Linux server editions that use the same kernel (2.6.28). Using Java 1.6, the SPECjbb2005 result for Ubuntu 9.04 server (averaged more than three runs) was 42,288.67 bops compared with 42,581.5 bops for SLES 11 in our recent review. The SPECjbb2005 test largely tracks business transactions and exercises CPU and memory rather than disk and network I/O.
What we didn't like
Out of habit, we use strong passwords, but Ubuntu doesn't by default enforce them. We found it ironic that we could encrypt user 'home' directories, but their passwords could be junk.
Ubuntu Server does support the trend of not allowing a superuser/root to be run by default -- meaning that root user tasks must be run by the sudo ('superuser do') root privilege command or a shell launched from it.
Ubuntu Server also features ufw, (the uncomplicated firewall) which can be controlled by the debianconf tool (not included but easily downloaded), and an OEM configuration can be 'pre-seeded' with allowed and rejected ports if desired. However, more complicated rules (example: acceptance from specific IP ranges or host table sourcing for access rules) don't work until after installation. The upside is that ufw can use Linux iptables for its iptables reject (turn network traffic off to start), but this isn't the default.
Additional authentication methods are available, but Ubuntu doesn't really give much information about how to enable them; it's up to the skills of the installer to make biometric, or proxy authentication methods work. If you want a certificate authority and something like AES encryption with temporal keys, you have to install it yourself, unlike Ubuntu's larger cousins.
Back to the future
Ubuntu Server reminds us of the Xenix, UnixWare, and even early SunOS and Solaris version that were targeted toward VARs and vertical market 'solutions' platforms. There are a lot of choices that arrive in the Ubuntu distribution, and it's based on Debian, which is known to be less experimental than other Linux distributions.
It's fast, utilitarian, and among the first Linux distros to link to clouds and clusters using standard components. Ubuntu Server's not so much lightweight, as just a little loose and fast in places.
Henderson and Allen are researchers for ExtremeLabs. They can be reached at firstname.lastname@example.org.