Canonical Voices

Posts tagged with 'planet ubuntu'

Stéphane Graber

One of our top goals for LXC upstream work during the Ubuntu 12.10 development cycle was reworking the LXC library and turn it from a private library mostly used by the other lxc-* commands into something that’s easy for developers to work with and is accessible from other languages with some bindings.

Although the current implementation isn’t complete enough to consider the API stable and some changes will still happen to it over the months to come, we have pushed the initial implementation to the LXC staging branch on github and put it into the lxc package of Ubuntu 12.10.

The initial version comes with a python3 binding packaged as python3-lxc, that’s what I’ll use now to give you an idea of what’s possible with the API. Note that as we don’t have full user namespaces support at the moment, any code using the LXC API needs to run as root.

First, let’s start with the basics, creating a container, starting it, getting its IP and stopping it:

#!/usr/bin/python3
import lxc
container = lxc.Container("my_container")
container.create("ubuntu", {"release": "precise", "architecture": "amd64"})
container.start()
print(container.get_ips(timeout=10))
container.shutdown(timeout=10)
container.destroy()

So, pretty simple.
It’s also possible to modify the container’s configuration using the .get_config_item(key) and .set_config_item(key, value) functions. For those keys supporting multiple values, a list will be returned and a list will be accepted as a value by .set_config_item.

Network configuration can be accessed through the .network property which is essentially a list of all network interfaces of the container, properties can be changed that way or through .set_config_item and saved to the config file with .save_config().

The API isn’t terribly well documented at this point, help messages are present for all functions but there’s no generated html help yet.

To get a better idea of the functions exported by the API, you may want to look at the API test script. This script uses all the functions and properties exported by the python module so it should be a reasonable reference.

Read more
Stéphane Graber

A few months ago, I received two test SIM cards for Orange Poland’s new IPv6 network.

The interesting thing about this network is that it’s running IPv6 in a fairly unusual configuration and it was interesting to see how to get that work on Ubuntu.

This network uses two separate APNs, one for IPv4 (internet) and one for IPv6 (internetipv6).
Using two separate APNs is certainly easier on the carrier’s infrastructure side as they can get IPv6 online without actually changing anything on the IPv4 equipement, however that means that any client wanting to use both protocols at once needs to use multiple PDP contexts.

I’m now going to detail how to manually configure ppp to connect to such a network:
/etc/ppp/peers/orange

noauth
connect "/usr/sbin/chat -e -f /etc/ppp/peers/orange-connect"
/dev/ttyACM0
460800
+ipv6

/etc/ppp/peers/orange-connect

TIMEOUT 5
ABORT BUSY
ABORT 'NO CARRIER'
ABORT VOICE
ABORT 'NO DIALTONE'
ABORT 'NO ANSWER'
ABORT DELAYED
ABORT ERROR
'' \nAT
TIMEOUT 12
OK ATH
OK ATE1
OK 'AT+CGDCONT=1,"IP","internet"'
OK 'AT+CGDCONT=2,"IPV6","internetipv6"'
OK ATD*99#
CONNECT ""

Then all that’s needed is a good old:

pon orange

And a few seconds later, I’m getting the following on ppp0:

ppp0      Link encap:Point-to-Point Protocol  
          inet addr:87.96.119.169  P-t-P:10.6.6.6  Mask:255.255.255.255
          inet6 addr: 2a00:f40:2100:ac9:8c1e:da60:93e2:c234/64 Scope:Global
          inet6 addr: 2a00:f40:2100:ac9::1/64 Scope:Global
          inet6 addr: fe80::1/10 Scope:Link
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3 
          RX bytes:354 (354.0 B)  TX bytes:767 (767.0 B

This config should work for any mobile network using a similar setup (likely to become more and more popular as the various RIRs are running out of IPv4).

Sadly ModemManager/NetworkManager don’t support mutliple PDP contexts yet, though it’s being discussed upstream, so we can hope to see something land soon.

Apparently multiple PDP contexts support is also dependant on hardware. In my case, I’ve been using an “old” Nokia E51 over USB as I didn’t have any luck getting that to work with an Android phone. My Nokia N900 also worked but required a custom kernel to be installed first to properly handle IPv6.

Read more
Stéphane Graber

With the DNS changes in Ubuntu 12.04, most development machines running with libvirt and lxc end up running quite a few DNS servers.

These DNS servers work fine when queried from a system on their network, but aren’t integrated with the main dnsmasq instance and so won’t let you resolve your VM and containers from outside of their respective networks.

One way to solve that is to install yet another DNS resolver and use it to redirect between the various dnsmasq instances. That can quickly become tricky to setup and doesn’t integrate too well with resolvconf and NetworkManager.

Seeing a lot of people wondering how to solve that problem, I took a few minutes yesterday to come up with an ssh configuration that’d allow one to access their containers and VM using their name.

The result is the following, to add to your ~/.ssh/config file:

Host *.lxc
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null
  ProxyCommand nc $(host $(echo %h | sed "s/\.lxc//g") 10.0.3.1 | tail -1 | awk '{print $NF}') %p

Host *.libvirt
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null
  ProxyCommand nc $(host $(echo %h | sed "s/\.libvirt//g") 192.168.122.1 | tail -1 | awk '{print $NF}') %p

After that, things like:

  • ssh user@myvm.libvirtu
  • ssh ubuntu@mycontainer.lxc

Will just work.

For LXC, you may also want to add a “User ubuntu” line to that config as it’s the default user for LXC containers on Ubuntu.
If you configured your bridges with a non-default subnet, you’ll also need to update the IPs or add more sections to the config.

These also turn off StrictHostKeyChecking and UserKnownHostsFile as my VMs and containers are local to my machine (reducing risk of MITM attacks) and tend to exist only for a few hours, to then be replaced by a completely different one with a different SSH host key. Depending on your setup, you may want to remove these lines.

Read more
~apw

The Internet has been alive with doom saying since the IPv4 global address pool was parcelled out.  Now I do not subscribe to the view that the Internet is going to end imminently, but I do feel that if the technical people out there do not start playing with IPv6 soon then what hope is there for the masses?

In the UK getting native IPv6 is not a trivial task, only one ISP I can find seems to offer it and of course it is not the one I am with.  So what options do I have?  Well there are a number of different types of IPv4 tunnelling techniques such as 6to4 but these seem to require the ability to handle the transition on your NAT router, not an option here.  The other is a proper 6in4 tunnel to a tunnel broker but this needs an end-point.

As I have a local server that makes a sensible anchor for such a tunnel.  Talking round with those in the know I settled on getting a tunnel from Hurricane Electric (HE), a company which gives out tunnels to individuals for free and seems to have local presence for their tunnel hosts.  HE even supply you with tools to cope with your endpoint having a dynamic address, handy.  So with an HE tunnel configuration in hand I set about making my backup server into my IPv6 gateway.

First I had to ensure that protocol 41 (the tunnelling protocol) was being forwarded to the appropriate host.  This is a little tricky as this required me to talk to the configurator for my wireless router.  With that passed on to my server I was able to start configuring the tunnel.

Following the instructions on my HE tunnel broker page, a simple cut-n-paste into /etc/network/interfaces added the new tunnel network device, a quick ifup and my server started using IPv6.  Interestingly my apt-cacher-ng immediately switched backhaul of its incoming IPv4 requests to IPv6 no configuration needed.

Enabling IPv6 for the rest of the network was surprisingly easy.  I had to install and configure radv with my assigned prefix.  It also passed out information on the HE DNS servers, prioritising IPv6 in DNS lookup results.  No changes were required for any of the client systems; well other than enabling firewalls.  Win.

Overall IPv6 is still not simple as it is hard to obtain native IPv6 support, but if you can get it onto your network the client side is working very well indeed.

Read more
Stéphane Graber

Quite a few people have been asking for a status update of LXC in Ubuntu as of Ubuntu 12.04 LTS. This post is meant as an overview of the work we did over the past 6 months and pointers to more detailed blog posts for some of the new features.

What’s LXC?

LXC is a userspace tool controlling the kernel namespaces and cgroup features to create system or application containers.

To give you an idea:

  • Feels like somewhere between a chroot and a VM
  • Can run a full distro using the “host” kernel
  • Processes running in a container are visible from the outside
  • Doesn’t require any specific hardware, works on all supported architectures

A libvirt driver for LXC exists (libvirt-lxc), however it doesn’t use the “lxc” userspace tool even though it uses the same kernel features.

Making LXC easier

One of the main focus for 12.04 LTS was to make LXC dead easy to use, to achieve this, we’ve been working on a few different fronts fixing known bugs and improving LXC’s default configuration.

Creating a basic container and starting it on Ubuntu 12.04 LTS is now down to:

sudo apt-get install lxc
sudo lxc-create -t ubuntu -n my-container
sudo lxc-start -n my-container

This will default to using the same version and architecture as your machine, additional option are obviously available (–help will list them). Login/Password are ubuntu/ubuntu.

Another thing we worked on to make LXC easier to work with is reducing the number of hacks required to turn a regular system into a container down to zero.
Starting with 12.04, we don’t do any modification to a standard Ubuntu system to get it running in a container.
It’s now even possible to take a raw VM image and have it boot in a container!

The ubuntu-cloud template also lets you get one of our EC2/cloud images and have it start as a container instead of a cloud instance:

sudo apt-get install lxc cloud-utils
sudo lxc-create -t ubuntu-cloud -n my-cloud-container
sudo lxc-start -n my-cloud-container

And finally, if you want to test the new cool stuff, you can also use juju with LXC:

[ ! -f ~/.ssh/id_rsa.pub ] && ssh-keygen -t rsa
sudo apt-get install juju apt-cacher-ng zookeeper lxc libvirt-bin --no-install-recommends
sudo adduser $USER libvirtd
juju bootstrap
sed -i "s/ec2/local/" ~/.juju/environments.yaml
echo " data-dir: /tmp/juju" >> ~/.juju/environments.yaml
juju bootstrap
juju deploy mysql
juju deploy wordpress
juju add-relation wordpress mysql
juju expose wordpress

# To tail the logs
juju debug-log

# To get the IPs and status
juju status

Making LXC safer

Another main focus for LXC in Ubuntu 12.04 was to make it safe. John Johansen did an amazing work of extending apparmor to let us implement per-container apparmor profiles and prevent most known dangerous behaviours from happening in a container.

NOTE: Until we have user namespaces implemented in the kernel and used by the LXC we will NOT say that LXC is root safe, however the default apparmor profile as shipped in Ubuntu 12.04 LTS is blocking any armful action that we are aware of.

This mostly means that write access to /proc and /sys are heavily restricted, mounting filesystems is also restricted, only allowing known-safe filesystems to be mounted by default. Capabilities are also restricted in the default LXC profile to prevent a container from loading kernel modules or control apparmor.

More details on this are available here:

Other cool new stuff

Emulated architecture containers

It’s now possible to use qemu-user-static with LXC to run containers of non-native architectures, for example:

sudo apt-get install lxc qemu-user-static
sudo lxc-create -n my-armhf-container -t ubuntu -- -a armhf
sudo lxc-start -n my-armhf-container

Ephemeral containers

Quite a bit of work also went into lxc-start-ephemeral, the tool letting you start a copy of an existing container using an overlay filesystem, discarding any change you make on shutdown:

sudo apt-get install lxc
sudo lxc-create -n my-container -t ubuntu
sudo lxc-start-ephemeral -o my-container

Container nesting

You can now start a container inside a container!
For that to work, you first need to create a new apparmor profile as the default one doesn’t allow this for security reason.
I already did that for you, so the few commands below will download it and install it in /etc/apparmor.d/lxc/lxc-with-nesting. This profile (or something close to it) will ship in Ubuntu 12.10 as an example of alternate apparmor profile for container.

sudo apt-get install lxc
sudo lxc-create -t ubuntu -n my-host-container -t ubuntu
sudo wget https://www.stgraber.org/download/lxc-with-nesting -O /etc/apparmor.d/lxc/lxc-with-nesting
sudo /etc/init.d/apparmor reload
sudo sed -i "s/#lxc.aa_profile = unconfined/lxc.aa_profile = lxc-container-with-nesting/" /var/lib/lxc/my-host-container/config
sudo lxc-start -n my-host-container
(in my-host-container) sudo apt-get install lxc
(in my-host-container) sudo stop lxc
(in my-host-container) sudo sed -i "s/10.0.3/10.0.4/g" /etc/default/lxc
(in my-host-container) sudo start lxc
(in my-host-container) sudo lxc-create -n my-sub-container -t ubuntu
(in my-host-container) sudo lxc-start -n my-sub-container

Documentation

Outside of the existing manpages and blog posts I mentioned throughout this post, Serge Hallyn did a very good job at creating a whole section dedicated to LXC in the Ubuntu Server Guide.
You can read it here: https://help.ubuntu.com/12.04/serverguide/lxc.html

Next steps

Next week we have the Ubuntu Developer Summit in Oakland, CA. There we’ll be working on the plans for LXC in Ubuntu 12.10. We currently have two sessions scheduled:

If you want to make sure the changes you want will be in Ubuntu 12.10, please make sure to join these two sessions. It’s possible to participate remotely to the Ubuntu Developer Summit, through IRC and audio streaming.

My personal hope for LXC in Ubuntu 12.10 is to have a clean liblxc library that can be used to create bindings and be used in languages like python. Working towards that goal should make it easier to do automated testing of LXC and cleanup our current tools.

I hope this post made you want to try LXC or for existing users, made you discover some of the new features that appeared in Ubuntu 12.04. We’re actively working on improving LXC both upstream and in Ubuntu, so do not hesitate to report bugs (preferably with “ubuntu-bug lxc”).

Read more
Chris Johnston

Over the past few months a lot of work has been done to the Summit Scheduler. This all culminated this past week when I sent in an RT to update the production instance of Summit. This included somewhere in the neighborhood of 8,000 lines of code change between Summit and the two themes that are run.

There are two major changes to Summit from the changes this past week. The first is that Summit has been rethemed to meet the new design guidelines for Ubuntu. This work was completed with major assistance by Alexander Fougner, Stephen Williams, and Brandon Holtsclaw who each put in numerous hours to make this happen.

The other major change, which affects the way that you will work with Summit is that you now have the ability to propose meetings in Summit removing the requirement that you create a blueprint. Also, as long as you’re using the new propose meeting feature in Summit, you no longer have to have a special name for your meeting, this is now done automatically. I also created a video which will walk you through the process of proposing a meeting in Summit.

As always, please file bugs if you find any issues!

Read more
Chris Johnston

The Summit Hackers have been hard at work again creating new features to make Summit easier to use. However, we need your help testing these features before the public release. This is where you, the user, come in! I have created a Test Summit on my server and created a test sprint in Launchpad and here is where I need your help with testing:

First, visit the test sprint in Launchpad, next mark yourself as attending. Please note, it could take up to 20 minutes before you are able to use summit after marking yourself as attending. You can either attend physically or remotely, it doesn’t matter. While you are there, take the time to create a couple of test meetings. Please be sure when you create these test meetings to follow the naming guidelines below.

Hey Chris, what are the new features? I am so glad you asked! The new features are:

For Attendees:

Summit now supports the ability for attendees to propose meetings right inside of Summit! On certain pages in Summit, you will now see an “Actions” area. Depending on what part of the cycle we are in, you may see different links. During the sponsorship application process, you will see links to apply for sponsorship. If you have the ability to review sponsorship applications, this is where you will find that link during that time period. During the scheduling phase of the cycle, you will be able to “Propose a Meeting.” What this means is that you will create a meeting in Summit, which will then go into a holding pattern waiting for a Track Lead or Summit Organizer to approve or deny your meeting. You may be familiar with this behavior, as it isThis is a very similar behavior as it has been with what you may have seen with Launchpad.

For Track Leads, Schedulers, and Organizers:

If you are listed as a Track Lead, Scheduler, or Organizer in Summit, you will have the ability to “Create a Meeting” and “Review Proposed Meetings.” When creating a meeting, you have the ability to mark a meeting as Private. If a meeting is marked as private, you will have to get it scheduled through a scheduler (Michelle and Marianna for UDS, Arwen for Linaro Connect), it will not be automatically scheduled. Non-private meetings that are created by a Track Lead, Scheduler, or Organizer will be automatically scheduled when slots are available.

The other option that this group has is reviewing proposed meetings. There are three different options for the status, Approved, Pending, and Declined, which you get to by clicking the current status. Pending and Declined meetings show up on this page, while Approved meetings are auto-scheduled and no not show up here.

Known Issues:
* All tracks are shown in the track choice list, not just the ones for the current summit
* Edit meeting links don’t work
* Issues with the form theme

Creating Meetings through Launchpad

The good news is–the old way still works! You will still able to create meetings through Launchpad Blueprints just like before. There are a few things you will need to be aware of as you create meetings this way, these are as follows:

Tracks:

I have created a couple of tracks for this Test Summit. They are as follows:

Name                         Slug
Community        community
Linaro                     linaro
QA                               qa
Ubuntu                  ubuntu

Blueprint naming standards

When creating a blueprint in Launchpad, please follow the required naming standards whereis a custom name that you create for your meeting:

For the Community track:

community-

For the Linaro track:

linaro-

For the QA track:

qa-

For the Ubuntu track:

ubuntu-

Managers, Organizers, Track Leads, oh my!

If you are a member of ~summit-users on Launchpad, please take the time to approve/deny blueprints in launchpad.. I would like to have a couple denied, just to make sure everything still works properly. The same thing with the new meeting review feature in Summit. Please do not approve all meetings! Some of them need to be declined to ensure that everything is working properly!

IT’S VERY IMPORTANT that people who are in the role of Track Lead, Scheduler, or Organizer for UDS and Linaro Connect test things and give your feedback, please don’t wait until the week before your event to test this, please be considerate to those volunteers who are working to make this better for everyone. If you feel that you should have this access but don’t, please contact me and I will get you setup.

If you run into any problems, please file a bug and talk to me on IRC!

I look forward to your feedback and continuing to make summit the best possible scheduler it can be, and to do so requires your help. Thank in advance.

Read more
Stéphane Graber

One thing that we’ve been working on for LXC in 12.04 is getting rid of any remaining LXC specific hack in our templates. This means that you can now run a perfectly clean Ubuntu system in a container without any change.

To better illustrate that, here’s a guide on how to boot a standard Ubuntu VM in a container.

First, you’ll need an Ubuntu VM image in raw disk format. The next few steps also assume a default partitioning where the first primary partition is the root device. Make sure you have the lxc package installed and up to date and lxcbr0 enabled (the default with recent LXC).

Then run kpartx -a vm.img this will create loop devices in /dev/mapper for your VM partitions, in the following configuration I’m assuming /dev/mapper/loop0p1 is the root partition.

Now write a new LXC configuration file (myvm.conf in my case) containing:

lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = lxcbr0
lxc.utsname = myvminlxc

lxc.tty = 4
lxc.pts = 1024
lxc.rootfs = /dev/mapper/loop0p1
lxc.arch = amd64
lxc.cap.drop = sys_module mac_admin

lxc.cgroup.devices.deny = a
# Allow any mknod (but not using the node)
lxc.cgroup.devices.allow = c *:* m
lxc.cgroup.devices.allow = b *:* m
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
#lxc.cgroup.devices.allow = c 4:0 rwm
#lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm
#fuse
lxc.cgroup.devices.allow = c 10:229 rwm
#tun
lxc.cgroup.devices.allow = c 10:200 rwm
#full
lxc.cgroup.devices.allow = c 1:7 rwm
#hpet
lxc.cgroup.devices.allow = c 10:228 rwm
#kvm
lxc.cgroup.devices.allow = c 10:232 rwm

The bits in bold may need updating if you’re not using the same architecture, partition scheme or bridges as I’m.

Then finally, run: lxc-start -n myvminlxc -f myvm.conf

And watch your VM boot in an LXC container.

I did this test with a desktop VM using network manager so it didn’t mind LXC’s random MAC address, server VMs might get stuck for a minute at boot time because of that though.
In such case, either clean /etc/udev/rules.d/70-persistent-net.rules or set “lxc.network.hwaddr” to the same mac address as your VM.

Once done, run kpartx -d vm.img to remove the loop devices.

Read more
Stéphane Graber

DNS in Ubuntu 12.04

Anyone who’s been using 12.04 over the past month or so may have noticed some pretty significant changes in the way we do DNS resolving in Ubuntu.

This is the result of the implementation of: foundations-p-dns-resolving

Here is a description of the two big changes that happened:

Switch to resolvconf for /etc/resolv.conf management

resolvconf is a set of script and hooks managing DNS resolution. The most notable difference for the user is that any change manually done to /etc/resolv.conf will be lost as it gets overwritten next time something triggers resolvconf. Instead, resolvconf uses DHCP client hooks, a Network Manager plugin and /etc/network/interfaces to generate a list of nameservers and domain to put in /etc/resolv.conf.

For more details, I’d highly encourage you to read resolvconf’s manpage but here are a few answers to common questions:

  • I use static IP configuration, where should I put my DNS configuration?
    The DNS configuration for a static interface should go as “dns-nameservers”, “dns-search” and “dns-domain” entries added to the interface in /etc/network/interfaces
  • How can I override resolvconf’s configuration or append some entries to it?
    Resolvconf has a /etc/resolvconf/resolv.conf.d/ directory that can contain “base”, “head”, “original” and “tail” files. All in resolv.conf format.
    • base: Used when no other data can be found
    • head: Used for the header of resolv.conf, can be used to ensure a DNS server is always the first one in the list
    • original: Just a backup of your resolv.conf at the time of resolvconf installation
    • tail: Any entry in tail is appended at the end of the resulting resolv.conf. In some cases, upgrading from a previous Ubuntu release, will make tail a symlink to original (when we think you manually modified resolv.conf in the past)
  • I really don’t want resolvconf, how can I disable it?
    I certainly wouldn’t recommend disabling resolvconf but you can do it by making /etc/resolv.conf a regular file instead of a symlink.
    Though please note that you may then be getting inconsistent /etc/resolv.conf when multiple software are fighting to change it.

This change affects all Ubuntu installs except for Ubuntu core.

Using dnsmasq as local resolver by default on desktop installations

That’s the second big change of this release. On a desktop install, your DNS server is going to be “127.0.0.1″ which points to a NetworkManager-managed dnsmasq server.

This was done to better support split DNS for VPN users and to better handle DNS failures and fallbacks. This dnsmasq server isn’t a caching server for security reason to avoid risks related to local cache poisoning and users eavesdropping on other’s DNS queries on a multi-user system.

The big advantage is that if you connect to a VPN, instead of having all your DNS traffic be routed through the VPN like in the past, you’ll instead only send DNS queries related to the subnet and domains announced by that VPN. This is especially interesting for high latency VPN links where everything would be slowed down in the past.

As for dealing with DNS failures, dnsmasq often sends the DNS queries to more than one DNS servers (if you received multiple when establishing your connection) and will detect bogus/dead ones and simply ignore them until they start returning sensible information again. This is to compare against the libc’s way of doing DNS resolving where the state of the DNS servers can’t be saved (as it’s just a library) and so every single application has to go through the same, trying the first DNS, waiting for it to timeout, using the next one.

Now for the most common questions:

  • How to know what DNS servers I’m using (since I can’t just “cat /etc/resolv.conf”)?
    “nm-tool” can be used to get information about your existing connections in Network Manager. It’s roughly the same data you’d get in the GUI “connection information”.
    Alternatively, you can also read dnsmasq’s configuration from /run/nm-dns-dnsmasq.conf
  • I really don’t want a local resolver, how can I turn it off?
    To turn off dnsmasq in Network Manager, you need to edit /etc/NetworkManager/NetworkManager.conf and comment the “dns=dnsmasq” line (put a # in front of it) then do a “sudo restart network-manager”.

Bugs and feedback

Although we’ve been doing these changes more than a month ago and we’ve been looking pretty closely at bug reports, there may be some we haven’t found yet.

Issues related to resolvconf should be reported with:
ubuntu-bug resolvconf

Issues related to the dnsmasq configuration should be reported with:
ubuntu-bug network-manager

And finally, actual dnsmasq bugs and crashed should be reported with:
ubuntu-bug dnsmasq

In all cases, please try to include the following information:

  • How was your system installed (desktop, alternate, netinstall, …)?
  • Whether it’s a clean install or an upgrade?
  • Tarball of /etc/resolvconf and /run/resolvconf
  • Content of /run/nm-dns-dnsmasq.conf
  • Your /var/log/syslog
  • Your /etc/network/interfaces
  • And obviously a detailed description of your problem

Read more
Chris Johnston

My buddy Dustin Kirkland pointed me to a neat little utility that he wrote with Scott Moser called ssh-import-id. Since he showed it to me a few months ago, I have used it many times and it has made my life quite a bit easier.

ssh-import-id fetches a the defined user(s) public keys from Launchpad, validates them, and then adds them to the ~/.ssh/authorized_keys file. That’s it, but if you need to add multiple people, or don’t know which key they are going to want used, this will save you time.

Dustin has tried to get it added to OpenSSH, but he hasn’t been able to succeed at this yet.

To use ssh-import-id, you first need to install it if it already isn’t:

sudo apt-get install ssh-import-id

Then to run it you would run:

ssh-import-id chrisjohnston

This would import my public keys. You are also able to import multiple users at the same time:

ssh-import-id chrisjohnston kirkland

If you are looking for the latest version of the code it is available in a ppa:

ppa:ssh-import-id/ppa

If you have problems or want to check out the code, check out the package on Launchpad.

Read more
Stéphane Graber

Every year, I try to set a few hours aside to work on one of my upstream projects, pastebinit.

This is one of these projects which mostly “just works” with quite a lot of users and quite a few of them sending merge proposals and fixes in bug reports.

I’m planning on uploading pastebinit 1.3 right before Feature Freeze, either on Wednesday or early Thursday, delaying the release as much as possible to get a few last translations in.

If you speak any language other than English, please go to:
https://translations.launchpad.net/pastebinit

Any help getting this as well translated as possible would be appreciated, for Ubuntu users, you’ll have to deal with it for the next 5 years, so it’s kind of important :)

Now the changes, they’re pretty minimal but still will make some people happy I’m sure:

  • Finally merged pbget/pbput/pbputs from Dustin Kirkland, these 3 tools let you securely push and retrieve files using a pastebin. It’s using a mix of base64, tar and gpg as well as some wget and parsing to retrieve the data.
    These are nice scripts to use with pastebinit, though please don’t send huge files to the pastebins, they really aren’t meant for that ;)
  • Removed stikked.com from the supported pastebins as it’s apparently dead.
  • Now the new pastebins:
  • paste.debian.net should now work fine with the ‘-f’ (format) option, thanks for their work on making their form pastebinit-friendly.
  • pastebinit should now load pastebin definition files properly from multiple locations.
    Starting with /usr/share/pastebin.d, then going through /etc/pastebin.d, /usr/local/etc/pastebin.d, ~/.pastebin.d and finally <wherever pastebinit is>/.pastebin.d
  • A few other minor improvements and fixes merged by Rolf Leggewie over the last year or so, thanks again for taking care of these!

Testing of the current trunk before release would also be greatly appreciate, you can get the code with: bzr branch lp:pastebinit

Bug reports are welcome at: https://launchpad.net/pastebinit/+filebug

Read more
Chris Johnston

Yesterday was day one of Linaro Connect Q1.12. This was a very productive day of meeting people that I will be working with on LAVA, as well as other people throughout Linaro. I attended a couple of sessions during the morning, but I didn’t have anything noteworthy come out of them at this point. During the afternoon I worked with the Validation team in their hack session and was able to get LAVA running locally on my laptop and imported a bundle stream from Linaro’s LAVA setup.

Throughout the day I also did some work on Summit, pushing a couple of fixes and a new IRC link feature to Launchpad. While in the hacking session I met with Andy Doan and discussed the future of the Linaro Connect Android app, and we managed to get out a bug fix for it.

On day 2 I hope to do some more work with LAVA, hopefully figuring out how to play with the results that are displayed in the dashboard.

Read more
Chris Johnston

This week I will be attending Linaro Connect Q1.12 in Redwood City, California. Infact, I’m in an American Airlines plane at 34,000 feet heading there now. In-flight WiFi is awesome!

Over the past two months Michael Hall and myself have been doing a large amount of work on The Summit Scheduler to get it ready for Connect this week including modifying more than 2,400 lines of Summit code. You can find out more about that in my previous post.

I have a few things that I want to get out of Connect. The first is that I want to get feedback on the changes to Summit, as well as figure out what other things we may need to change. The second thing that I want to do is to learn more about the Beagleboard-xM that I have and how to use it for the many different things it can be used for. The third thing that I want to do is to learn about Linaro’s LAVA.

LAVA is an automated validation suite used to run all sorts of different tests on the products that Linaro produces. The things that I would like to get out of Connect in relation to LAVA are how to setup and run LAVA, how to set it up to run tests, and how to produce results and display those results the way that I want them.

If you are at Linaro Connect, and would be willing to talk with me about Summit and the way you use it and your thoughts on the changes, please contact me and we will set aside a time to meet.

Read more
Stéphane Graber

It took a while to get some apt resolver bugs fixed, a few packages marked for multi-arch and some changes in the Ubuntu LXC template, but since yesterday, you can now run (using up to date Precise):

  • sudo apt-get install lxc qemu-user-static
  • sudo lxc-create -n armhf01 -t ubuntu — -a armhf -r precise
  • sudo lxc-start -n armhf01
  • Then login with root as both login and password

And enjoy an armhf system running on your good old x86 machine.

Now, obviously it’s pretty far from what you’d get on real ARM hardware.
It’s using qemu’s user space CPU emulation (qemu-user-static), so won’t be particularly fast, will likely use a lot of CPU and may give results pretty different from what you’d expect on real hardware.

Also, because of limitations in qemu-user-static, a few packages from the “host” architecture are installed in the container. These are mostly anything that requires the use of ptrace (upstart) or the use of netlink (mountall, iproute and isc-dhcp-client).
This is the bare minimum I needed to install to get the rest of the container to work using armhf binaries. I obviously didn’t test everything and I’m sure quite a few other packages will fail in such environment.

This feature should be used as an improvement on top of a regular armhf chroot using qemu-user-static and not as a replacement for actual ARM hardware (obviously), but it’s cool to have around and nice to show what LXC can do.

I confirmed it to work for armhf and armel, powerpc should also work, though it didn’t succeed to debootstrap when I tried it earlier today.

Enjoy!

Read more
Chris Johnston

During the months since UDS – P in Orlando, FL, the Summit Hackers have been hard at work. As of right now, we have modified more than 2400 lines of code and fixed 24 bugs. Most of those 2400 lines of code have been adding new features and finally getting around to adding a better looking schedule view when on your personal device. While we have made great strides towards getting Summit to be perfect, there is still more work that needs to be done. Our first big test for these new features will be the Linaro Connect Q1.12 event that starts next Monday, February 6. I have the pleasure of being able to go to this event, so I hope to obtain feedback while I am there on ways to further improve Summit for next UDS. Please feel free to poke around with the changes and provide any feedback you may have!

Also, thanks to the work of Stuart Langridge, the Summit agenda view will soon be mobile friendly, making it easy to follow your schedule on your cell phone!

Release Notes:

  • Added user roles of Scheduler, Manager, and Track Lead
  • Added the ability for Admins, Schedulers, Managers, and Track Leads to create private meetings through the UI
    • The creator has the ability to add people who are required to attend
    • The creator and any schedulers have the ability to edit the private meeting, as well as edit the attendee list
  • Added a way to create a link to a private meeting that has a random hash string in the URL.
    • If you have been given this URL you can view the meeting details without being marked as attending, or having a launchpad account
  • Added a new daily agenda view (http://summit.ubuntu.com/lcq1-12/2012-02-06/)
    • New display is much more personal computer friendly
    • Displays all information about a meeting, including time, location, description, attendees, and track
    • New displays will show private meetings that the logged in user is marked as attending on, including the information about the private meeting
    • Gray star denotes not attending, Gold star denotes attending.
  • Added “Track” page (http://summit.ubuntu.com/lcq1-12/tracks)
    • This page includes all tracks, track descriptions, and track leads.
  • Added the ability for the plenary room to double as a “Training room”
  • Removed ALL Linaro hacks
  • Added the ability for a user to mark themself as attending a meeting without having to subscribe to the blueprint

Bugs that were fixed:

version 1.0.0

version 1.0.1

version 1.0.2

version 1.0.3

Read more
David Planella

Another month and another fresh ranking for you. Into the new year and time for recap of the top 10 list of apps downloaded from the Ubuntu Software Centre last month!

Top 10 commercial apps

1 > TRAUMA

TRAUMA is a game that tells a story of a young woman who survives a car accident. Recovering at the hospital, she has dreams that shed light on different aspects of her identity – such as the way she deals with the loss of her parents. TRAUMA lets you experience those dreams in an interactive way, reminiscent of Point-and-Click Adventure Games.

2 > Fluendo DVD Player

Fluendo DVD Player is a software application specially designed to reproduce DVD on Linux/Unix platforms, which provides end users with high quality standards.

3 > Braid

Braid is a platform game in painterly style where you manipulate the flow of time to solve puzzles. Every puzzle in Braid is unique; there is no filler. Braid treats your time and attention as precious, and it does everything it can to give you a mind-expanding experience.

4 > Oil Rush (pre-order, beta access)

Oil Rush is a real-time naval strategy game based on group control. It combines the strategic challenge of a classical RTS with the sheer fun of Tower Defence. Fight the naval war between furious armies across the boundless waters of the post-apocalyptic world.

5 > Steel Storm: Burning Retribution

Steel Storm: Burning Retribution marks the return of top-down shooters with new twists. The game has score oriented competitive gameplay, and is designed for people who like fast paced action, hordes of smart enemies, destructible worlds and ground shaking explosions.

6 > World of Goo

Drag and drop living, squirming, talking globs of goo to build structures, bridges, cannonballs, zeppelins, and giant tongues. The millions of innocent goo balls that live in the beautiful World of Goo are curious to explore. But they don’t know that they are in a game, or that they are extremely delicious. The most addicting and awe-inspiring puzzle game will set you on an adventure that you’ll never forget!

7 > Monster RPG 2

Monster RPG 2 is a fantasy quest that spans continents and worlds and lets you take a simple villager and develop her into a hero with the power to save her world. The next instalment in the classic Monster RPG series, Monster RPG 2 is a turn-based role-playing game with great variety of plot twists, secrets, and scenery.

8 > The Clockwork Man: The Hidden World

Explore a Victorian era filled with wondrous contraptions and fascinating machinery. Embark on a steam-powered, rollercoaster journey through land, air, and water in this unique Hidden Object Adventure! Miranda and Sprocket are back! Join them in their new adventures and discover the Hidden World, a land lost in time and glimpsed through legends.

9 > Uplink

You play an Uplink Agent who makes a living by performing jobs for major corporations. Your tasks involve hacking into rival computer systems, stealing research data, sabotaging other companies, laundering money, erasing evidence, or framing innocent people. You use the money you earn to upgrade your computer systems, and to buy new software and tools. As your experience level increases you find more dangerous and profitable missions become available.

10 > Memory Owl

Memory Owl is a unique, dynamic game that uses physics engine and adds multiple hurdles and helpers to spice up the classic game of finding pairs of pictures. It’s suitable for all ages – even children as young as 4 years will find it amusing (especially on easy diffuculty setting). Find all pairs before they drawn in the rising water or are pushed out of screen by fish.

Top 10 free apps

1 > Ryzom

Ryzom, one of the best role playing Massively Multiplayer Online Game of the moment (MMORPG), is set more than 2000 years in the future, on a living, evolving world: beautiful Atys!

2 > Crossover Games

Play Windows games like World of Warcraft on Ubuntu! CrossOver Games (Ubuntu Edition) makes it possible to play Windows games such as World of Warcraft and many others. CrossOver Games is built on the latest versions of Wine, based on contributions from both CodeWeavers and the open-source Wine community. CrossOver Games aims to bring you the latest, greatest, bleeding edge improvements in Wine technology.

3 > Vendetta Online

Vendetta Online is a 3D space combat MMORPG. This MMO permits thousands of players to interact as the pilots of spaceships in a vast universe. Users may build their characters in any direction they desire, becoming rich captains of industry, military heroes, or outlaws.

4 > CrossOver Pro (Trial)

CrossOver Linux allows you to install many popular Windows productivity applications, plugins and games in Linux. You can think of it as an emulator, but it’s different, because there’s no Windows OS license required. Your applications integrate seamlessly with your GNOME or KDE environment. It’s like running Windows on your Linux machine, but without Windows.

5 > Full Circle Magazine

Full Circle is a free, independent, monthly magazine dedicated to the Ubuntu family of Linux operating systems. Each month, it contains helpful how-to articles and reader submitted stories. Full Circle also features a companion podcast, the Full Circle Podcast, which covers the magazine along with other news of interest.

6 > CrossOver Standard (Trial)

CrossOver Linux allows you to install many popular Windows productivity applications, plugins and games in Linux. You can think of it as an emulator, but it’s different, because there’s no Windows OS license required. Your applications integrate seamlessly with your GNOME or KDE environment. It’s like running Windows on your Linux machine, but without Windows.

7 > Wunderlist

Free cloud-sync task manager, helps sharing your To-Do lists with friends and colleagues. Manage your to-dos and synchronize them with your free Wunderlist account. View and modify your tasks on Windows, Mac, iPad, iPhone/iPod Touch, Android and the Web. Hundreds of thousands of people worldwide use Wunderlist everyday. Wunderlist – your tasks anywhere, anytime.

8 > Tribal Trouble 2

Tribal Trouble 2 is a browser-based RTS game that takes place in the zany age of the Vikings. You are the Chief of a Viking tribe and are responsible for making a name for yourself by conquest and skill.

9 > Magic 8 Ball

Ask the Magic Eight Ball and get an answer to your question. If you’re looking for advice or fancy some fortune-telling, the ball will always listen to you and deliver, though it might not be what you expect!

10 > Clipardo (demo)

This program enables you to find clipart pictures by a hand-drawn sketch. It can be of service when looking for clipart for your presentations, mind maps, posters, charts, web-design, even programs.

Notes:

  • The lists of top 10 app downloads includes only those applications submitted through My Apps on the Ubuntu App Developer Site. For more information about of usage of other applications in the Ubuntu archive, check out the Ubuntu Popularity Contest statistics.
  • The top 10 free apps list contains gratis applications that are distributed under different types of licence, some of which might not be open source. For detailed licence information, please check each application’s description in the Ubuntu Software Centre.

Follow Ubuntu App Development on:

 

Social Media Icons by Paul Robert Lloyd

Read more
Stéphane Graber

One of my focus for this cycle is to get Ubuntu’s support for complex networking working in a predictable way. The idea was to review exactly what’s happening at boot time, get a list of possible scenario that are used on servers in corporate environment and make sure these always work.

Bonding

Bonding basically means aggregating multiple physical link into one virtual link for high availability and load balancing. There are different ways of setting up such a link though the industry standard is 802.3ad (LACP – Link Aggregation Control Protocol). In that mode your server will negotiate with your switch to establish an aggregate link, then send monitoring packets to detect failure. LACP also does load balancing (MAC, IP and protocol based depending on hardware support).

One problem we had since at least Ubuntu 10.04 LTS is that Ubuntu’s boot sequence is event based, including bringing up network interfaces. The good old “ifup -a” is only done at the end of the boot sequence to try and fix anything that wasn’t brought up through events.

Unfortunately that meant that if your server takes a long time to detect the hardware, your bond would be initialised before the network cards have been detected, giving you a bond0 without a MAC address, making DHCP queries fail in pretty weird ways and making bridging or tagging fail with “Operation not permitted”.
As that all depends on hardware detection timing, it was racy, giving you random results at boot time.

Thankfully that should now be all fixed in 12.04, the new ifenslave-2.6 I uploaded a few weeks ago now initialises the bond whenever the first slave appears. If no slave appeared by the time we get to the catch-all “ifup -a”, it’ll simply wait for up to an additional minute for a slave to appear before giving up and continuing the boot sequence.
To avoid another common race condition where a bridge is brought up with a bond as one of its members before the bond is ready, ifenslave will now detect a bond is part of a bridge and add it only once ready.

Tagging

Another pretty common thing on corporate networks is the use of VLANs (802.1q), letting you create up to 4096 virtual networks on one link.
In the past, Ubuntu would rely on the catch all “ifup -a” to create any required vlan interface, once again, that’s a problem when an interface that depends on that vlan interface is initialised before the vlan interface is created.

To fix that, Ubuntu 12.04′s vlan package now ships with a udev rule that triggers the creation of the vlan interface whenever its parent interface is created.

Bridging

Bridging on Linux can be seen as creating a virtual switch on your system (including STP support).

Bridges have been working pretty well for a while on Ubuntu as we’ve been shipping a udev rule similar to the one for vlans for a few releases already. Members are simply added to the bridge as they appear on the system. The changes to ifenslave and the vlan package make sure that even bond interfaces with VLANs get properly added to bridges.

Complex network configuration example

My current test setup for networking on Ubuntu 12.04 is actually something I’ve been using on my network for years.

As you may know, I’m also working on LXC (Linux Containers), so my servers usually run somewhere between 15 and 80 containers, each of these container has a virtual ethernet interface that’s bridged.
I have one bridge per network zone, each of these network zone being a separate VLAN. These VLANs are created on top of a two gigabit link bond.

At boot time, the following happens (roughly):

  1. One of the two network interfaces appear
  2. The bond is initialised and the first interface is enslaved
  3. This triggers the creation of all the VLAN interfaces
  4. Creating the VLAN interfaces triggers the creation of all the bridges
  5. All the VLAN interfaces are added to their respective bridge
  6. The other network interface appear and gets added to the bond

My /etc/network/interfaces can be found here:
http://www.stgraber.org/download/complex-interfaces

This contains the very strict minimum needed for LACP to work. One thing worth noting is that the two physical interfaces are listed before bond0, this is to ensure that even if the events don’t work and we have to rely on the fallback “ifup -a”, the interfaces will be initialised in the right order avoiding the 60s delay.

Please note that this example will only reliably work with Ubuntu Precise (to become 12.04 LTS). It’s still a correct configuration for previous releases but race conditions may give you a random result.

I’ll be trying to push these changes to Ubuntu 11.10 as they are pretty easy to backport there, however it’d be much harder and very likely dangerous to backport these to even older releases.
For these, the only recommendation I can give is to add some “pre-up sleep 5″ or similar to your bridges and vlan interfaces to make sure whatever interface they depend on exists and is ready by the time the “ifup -a” call is reached.

IPv6

Another interesting topic for 12.04 is IPv6, as a release that’ll be supported for 5 years on both servers and desktops, it’s important to get IPv6 right.

Ubuntu 12.04 LTS will be the first Ubuntu release shipping with IPv6 private extensions turned on by default. Ubuntu 11.10 already brought most of what’s needed for IPv6 support on the desktop and in the installer, supporting SLAAC (stateless autoconfiguration), stateless DHCPv6 and stateful DHCPv6.

Once we get a new ifupdown in Ubuntu Precise, we’ll have full support for IPv6 also for people that aren’t using Network Manager (mostly servers) which should at this point give us support for any IPv6 setup you may find.

The userspace has been working pretty well with IPv6 for years. I recently made my whole network dual-stack and now have all my servers and services defaulting to IPv6 for a total of 40% of my network traffic (roughly 1.5TB a month of IPv6 traffic). The only user space related problem I noticed is the lack of IPv6 support in Nagios’ nrpe plugin, meaning I can’t start converting servers to single stack IPv6 as I’d loose monitoring …

I also wrote a python script using pypcap to give me the percentage of ipv6 and ipv4 traffic going through a given interface, the script can be found here: http://www.stgraber.org/download/v6stats.py (start with: python v6stats.py eth0)

What now ?

At this point, I think Ubuntu Precise is pretty much ready as far as networking is concerned. The only remaining change is the new ifupdown and the small installer change that comes with it for DHCPv6 support.

If you have a spare machine or VM, now is the time to grab a recent build of Ubuntu Precise and make sure whatever network configuration you use in production works reliably for you and that any hack you needed in the past can now be dropped.
If your configuration doesn’t work at all or fails randomly, please file a bug so we can have a look at your configuration and fix any bug (or documentation).

Read more
David Planella

Support for PayPal as an additional payment option has landed today in Ubuntu Pay, the service that handles electronic payment for commercial apps in the Ubuntu Software Centre.

This new feature will enable Ubuntu users to comfortably and safely buy commercial apps, ebooks and magazines from the Software Centre with their PayPal account. PayPal will be an additional payment option along with the already supported credit and debit card alternatives, “a frequently-requested option by users who don’t have credit/debit cards or who get charged conversion fees by their bank for non-local currency transactions“, adds Stuart Metcalfe, Canonical ISD manager.

All in all, a much welcomed feature that will contribute  reinforcing the virtuous circle of the Ubuntu apps ecosystem with an easier purchasing process, more profits for app authors and increased attractiveness of Ubuntu as a target platform for app developers.

Congratulations to the Canonical ISD team for this great addition to the Software Centre!

Follow Ubuntu App Development on:

 

Social Media Icons by Paul Robert Lloyd

Read more
David Planella

As you will probably have noticed every time you open the Ubuntu Software Centre and watch those beautiful banners, each month we pick some of the best apps available to Ubuntu users and highlight them for everyone to see whenever they search for apps. It is not only a nice way to celebrate and bring more visibility to cool new apps, but also to help app authors by promoting their work.

December brings 3 awesome featured applications. Read on to learn more about them and how to get them on your Ubuntu system.

Stellarium

Stellarium is a beautiful planetarium application, with which you can watch starry nights and identify celestial objects as if you were laying down on a nice field enjoying the clear sky. The first thing that catches the eye are the slick and captivating visuals, including the interface itself, which is very intuitive and blends in very well with the sky cruising experience. Quoting the Stellarium home page, it’s just a matter of setting your location and go.

You’ll enjoy watching and learning constellations, satellites, planets, nebulae… (you name it!) from the impressive catalogue of over 600 thousand stars, which can be extended to more than 210 million stars. You can even turn off the atmosphere and the Earth! Stellarium is open source software. Go and check it out for yourself downloading it from the Software Centre.

TRAUMA

TRAUMA is a game that develops around the story of a woman who survives a car accident and wakes up to confront her recovery. The player gets absorbed into a dream-like atmosphere and is challenged to solve puzzles or achieve a particular end goal, as if part of an interactive movie. This sensation of controlling the direction of the plot, along with the compelling visuals and gameplay make TRAUMA stand out as a fascinating game and story to dive into.

All in all, a unique and engaging experience, again, right at your fingertips from the Software Centre!

Openshot

Openshot is an easy-to-use yet very powerful video editor. From creating family videos to presentations, to professional video editing, Openshot will help you with all your video needs. Easily combine music and video using multiple tracks, cut, trim, resize, mix and match clips, add transitions… the list of features is pretty impressive.

Have you ever wanted to create a promotional video to showcase a project you are involved in? Or add captions and nice transitions to those holiday videos? Now is your chance to download Openshot from the Software Centre and supercharge your Ubuntu installation with some video editing power. Openshot is open source software.

We hope you enjoyed our picks for this month. Stay tuned for a new update on January’s featured apps, and remember to add comments if you want to suggest us an app to highlight. Looking forward to your own picks!

Follow Ubuntu App Development on:

 

Social Media Icons by Paul Robert Lloyd

Read more
David Planella

November is over and we’re moving fast into the Christmas season. Time for a quick recap of the top 10 list of apps downloaded from the Ubuntu Software Centre last month!

Top 10 commercial apps

Braid – Braid is a platform game in painterly style where you manipulate the flow of time to solve puzzles. Every puzzle in Braid is unique; there is no filler. Braid treats your time and attention as precious, and it does everything it can to give you a mind-expanding experience. Get Braid from the Software Centre ›

Oil Rush (pre-order, beta access) – Oil Rush is a real-time naval strategy game based on group control. It combines the strategic challenge of a classical RTS with the sheer fun of Tower Defence. Fight the naval war between furious armies across the boundless waters of the post-apocalyptic world. Get Oil Rush BETA from the Software Centre ›

TRAUMA – TRAUMA is a game that tells a story of a young woman who survives a car accident. Recovering at the hospital, she has dreams that shed light on different aspects of her identity – such as the way she deals with the loss of her parents. TRAUMA lets you experience those dreams in an interactive way, reminiscent of Point-and-Click Adventure Games. Get TRAUMA from the Software Centre ›

Fluendo DVD Player – Fluendo DVD Player is a software application specially designed to reproduce DVD on Linux/Unix platforms, which provides end users with high quality standards. Get Fluendo DVD Player from the Software Centre ›

Steel Storm: Burning Retribution – Steel Storm: Burning Retribution marks the return of top-down shooters with new twists. The game has score oriented competitive gameplay, and is designed for people who like fast paced action, hordes of smart enemies, destructible worlds and ground shaking explosions. Get Steel Storm from the Software Centre ›

Monster RPG 2 – Monster RPG 2 is a fantasy quest that spans continents and worlds and lets you take a simple villager and develop her into a hero with the power to save her world. The next instalment in the classic Monster RPG series, Monster RPG 2 is a turn-based role-playing game with great variety of plot twists, secrets, and scenery. Get Monster RPG 2 from the Software Centre ›

World of Goo – Drag and drop living, squirming, talking globs of goo to build structures, bridges, cannonballs, zeppelins, and giant tongues. The millions of innocent goo balls that live in the beautiful World of Goo are curious to explore. But they don’t know that they are in a game, or that they are extremely delicious. The most addicting and awe-inspiring puzzle game will set you on an adventure that you’ll never forget! Get World of Goo from the Software Centre ›

The Clockwork Man: The Hidden World – Explore a Victorian era filled with wondrous contraptions and fascinating machinery. Embark on a steam-powered, rollercoaster journey through land, air, and water in this unique Hidden Object Adventure! Miranda and Sprocket are back! Join them in their new adventures and discover the Hidden World, a land lost in time and glimpsed through legends. Get The Clockwork Man: The Hidden World from the Software Centre ›

Uplink – You play an Uplink Agent who makes a living by performing jobs for major corporations. Your tasks involve hacking into rival computer systems, stealing research data, sabotaging other companies, laundering money, erasing evidence, or framing innocent people. You use the money you earn to upgrade your computer systems, and to buy new software and tools. As your experience level increases you find more dangerous and profitable missions become available. Get Uplink from the Software Centre ›

Fluendo Complete Playback Pack – This product contains plug-ins which allow you to play certain proprietary audio and video formats. These plug-ins are not included in the default Ubuntu distribution because they are not free software. Ubuntu is driven by strong support for the principles of free and open source software, and these principles govern what we can and will include in Ubuntu. However, we recognise the common need for plug-ins such as these, and offer them here to provide a safe and legal way for our users to play back video and audio in the formats they wish. Get Fluendo Complete Playback Pack from the Software Centre ›

Top 10 free apps

Ryzom – Ryzom, one of the best role playing Massively Multiplayer Online Game of the moment (MMORPG), is set more than 2000 years in the future, on a living, evolving world: beautiful Atys! Get Ryzom from the Software Centre ›

Crossover Games – Play Windows games like World of Warcraft on Ubuntu! CrossOver Games (Ubuntu Edition) makes it possible to play Windows games such as World of Warcraft and many others. CrossOver Games is built on the latest versions of Wine, based on contributions from both CodeWeavers and the open-source Wine community. CrossOver Games aims to bring you the latest, greatest, bleeding edge improvements in Wine technology. Get Crossover Games from the Software Centre ›

Vendetta Online – Vendetta Online is a 3D space combat MMORPG. This MMO permits thousands of players to interact as the pilots of spaceships in a vast universe. Users may build their characters in any direction they desire, becoming rich captains of industry, military heroes, or outlaws. Get Vendetta Online from the Software Centre ›

CrossOver Pro (Trial) – CrossOver Linux allows you to install many popular Windows productivity applications, plugins and games in Linux. You can think of it as an emulator, but it’s different, because there’s no Windows OS license required. Your applications integrate seamlessly with your GNOME or KDE environment. It’s like running Windows on your Linux machine, but without Windows. Get Crossover Pro (Trial) from the Software Centre ›

Full Circle Magazine Issue 52 – Full Circle is a free, independent, monthly magazine dedicated to the Ubuntu family of Linux operating systems. Each month, it contains helpful how-to articles and reader submitted stories. Full Circle also features a companion podcast, the Full Circle Podcast, which covers the magazine along with other news of interest. Get Full Circle Magazine #52 from the Software Centre ›

CrossOver Standard (Trial) – CrossOver Linux allows you to install many popular Windows productivity applications, plugins and games in Linux. You can think of it as an emulator, but it’s different, because there’s no Windows OS license required. Your applications integrate seamlessly with your GNOME or KDE environment. It’s like running Windows on your Linux machine, but without Windows. Get Crossover Standard (Trial) from the Software Centre ›

Full Circle Magazine Issue 53 – Full Circle is a free, independent, monthly magazine dedicated to the Ubuntu family of Linux operating systems. Each month, it contains helpful how-to articles and reader submitted stories. Full Circle also features a companion podcast, the Full Circle Podcast, which covers the magazine along with other news of interest. Get Full Circle Magazine #53 from the Software Centre ›

Full Circle Magazine Issue 50 – Full Circle is a free, independent, monthly magazine dedicated to the Ubuntu family of Linux operating systems. Each month, it contains helpful how-to articles and reader submitted stories. Full Circle also features a companion podcast, the Full Circle Podcast, which covers the magazine along with other news of interest. Get Full Circle Magazine #50 from the Software Centre ›

Wunderlist – Free cloud-sync task manager, helps sharing your To-Do lists with friends and colleagues. Manage your to-dos and synchronize them with your free Wunderlist account. View and modify your tasks on Windows, Mac, iPad, iPhone/iPod Touch, Android and the Web. Hundreds of thousands of people worldwide use Wunderlist everyday. Wunderlist – your tasks anywhere, anytime. Get Wunderlist from the Software Centre ›

Full Circle Magazine Issue 51 – Full Circle is a free, independent, monthly magazine dedicated to the Ubuntu family of Linux operating systems. Each month, it contains helpful how-to articles and reader submitted stories. Full Circle also features a companion podcast, the Full Circle Podcast, which covers the magazine along with other news of interest. Get Full Circle Magazine #51 from the Software Centre ›

This month’s highlights

If you still haven’t seen them, open up the Ubuntu Software Centre and check out the beautiful banners for this month. Our carefully hand-picked app highlights this time round are:

Stellarium – Stellarium renders 3D photo-realistic skies in real-time. With Stellarium, you really see what you can see with your eyes, binoculars or a small telescope. Get Stellarium from the Software Centre ›

Openshot – OpenShot Video Editor is a free, open-source, non-linear video editor. It can create and edit videos and movies using many popular video, audio, and image formats. Create videos for YouTube, Flickr, Vimeo, Metacafe, iPod, Xbox, and many more common formats! Get Openshot from the Software Centre ›

TRAUMA – TRAUMA is a game that tells a story of a young woman who survives a car accident. Recovering at the hospital, she has dreams that shed light on different aspects of her identity – such as the way she deals with the loss of her parents. TRAUMA lets you experience those dreams in an interactive way, reminiscent of Point-and-Click Adventure Games. Get TRAUMA from the Software Centre ›

Notes:

  • The lists of top 10 app downloads includes only those applications submitted through My Apps on the Ubuntu App Developer Site. For more information about of usage of other applications in the Ubuntu archive, check out the Ubuntu Popularity Contest statistics.
  • The top 10 free apps list contains gratis applications that are distributed under different types of licence, some of which might not be open source. For detailed licence information, please check each application’s description in the Ubuntu Software Centre.

Follow Ubuntu App Development on:

 

Social Media Icons by Paul Robert Lloyd

Read more