Ubuntu Server Installer, and backend for Ubuntu Desktop Installer
We are proud to announce version 24.04.1 of Subiquity, supported on Ubuntu 24.04 LTS, Ubuntu 23.10, Ubuntu 22.04.4 LTS, and Ubuntu 20.04.6 LTS. Subiquity 24.04.1 is included in the Ubuntu 24.04 LTS live-server ISO, and is now live on the stable channel as a snap refresh for the other supported ISOs. Also, Ubuntu Desktop Bootstrap on Ubuntu 24.04 LTS includes this same version of Subiquity.
Ubuntu 24.04 LTS marks the first LTS release of the Subiquity-based installer Ubuntu Desktop Bootstrap, for not just Ubuntu Desktop, but also many Ubuntu flavors - Edubuntu, Ubuntu Budgie, Ubuntu Cinnamon, Ubuntu Kylin, Ubuntu Mate, Ubuntu Studio, and Xubuntu. This also means that autoinstall is now available for all these environments with Long-Term Support.
ZFS Guided storage has been extended to support full-disk encryption. This uses the same method of handling the encryption employed by Ubiquity, where a combination of a LUKS keystore + ZFS Native encryption is employed.
While ZFS with or without encryption is not yet offered in the server installer UI, it is available via autoinstall for all Subiquity-based install ISOs including Ubuntu Server:
autoinstall:
storage:
layout:
name: zfs
password: passw0rd
To change the passphrase, consider using gnome-disks
or cryptsetup luksChangeKey
.
Additionally for ZFS support, a dataset for /home is now created.
Subiquity's error reporting and Autoinstall validation mechanisms have been significantly reworked to provide clearer and more actionable feedback when encountering errors. Automatic crash report generation has been disabled for cases of preventable errors which are caused by user-provided data (e.g., failure to validate the Autoinstall configuration) and instead helpful error messaging is shown to facilitate resolving the situation.
During interactive server installs, a new error overlay has been introduced to provide details on these preventable errors which inhibit the install from proceeding as expected. Some examples below:
When the provided Autoinstall config fails to validate, the installer halts and informs the user of the offending section:
When the installer is unable to find a disk matching the provided match directive from the Autoinstall config, the installation is halted:
Similar to the new error overlay, the event reporter provides details on the error which caused the install to halt. This provides a similar experience for non-interactive installs:
The provided Autoinstall config fails to validate:
... start: subiquity/Keyboard/load_autoinstall_data: finish: subiquity/Keyboard/load_autoinstall_config: Malformed autoinstall in 'keyboard' section finish: subiquity/load_autoinstall_config: Malformed autoinstall in 'keyboard' section An error occurred. Press enter to start a shell
Additionally, the event reporter now includes log-like event types to provide improved visibility on progress of the installation. One such event - the warning
event - may be used to report errors which are not critical, but may cause the installation to proceed differently than desired or expected.
For example: misspelling interactive-sections
may cause the install to proceed in a fully automated fashion, where a partially interactive install was likely desired:
warning: subiquity/core_validation/top_level_keys: Unrecognized top-level key 'interactive-section'
Subiquity has improved the way it consumes Autoinstall. Now when Autoinstall is delivered via cloud-config, Subiquity will halt the install with an error if it detects autoinstall keywords outside of a top-level autoinstall
keyword, instead of silently ignoring them. Subiquity will also halt with an error if the Autoinstall config on the installation media is attempted to be used as a cloud-init datasource.
The Autoinstall configuration file format has been expanded to now support the top-level autoinstall
keyword in all delivery methods. Previously, this keyword was only used when providing Autoinstall via cloud-config. It is now advised Autoinstall configurations follow the following format:
autoinstall:
version: 1
identity:
...
The existing format for autoinstall on the install media (version
and other keywords at the top level) remains supported and there are no plans for deprecation. See the new Autoinstall delivery tutorial to read more.
Subiquity grew partial, experimental, support for installations targeting remote storage devices using NVMe over TCP. Remote storage devices can be used to store filesystems that are not essential for booting (e.g., /home, /srv). They can be used to store the root filesystem with the following limitations:
There is no screen or specific autoinstall support for discovering NVMe/TCP storage. One can install the nvme-cli
package in the live environment and then run nvme connect
(or nvme connect-all
) commands to perform the discovery. NOTE that it is possible to run these commands as part of early-commands
to automate the process.
The SSH screen was reworked so that multiple SSH identities can be imported (from Launchpad and/or from Github). The keys are displayed in a list and can be selectively previewed or removed. This also prevents keys imported using autoinstall directives to be discarded when ssh
is marked as an interactive section.
After a failed mirror connectivity check, automated installations will now revert to semi-offline by default. In a semi-offline installation, packages are only fetched from the installation media and never from the archive. The behavior from previous versions can be obtained using the apt: fallback: abort
directive.
For interactive installations, the option to continue despite the connectivity failure is now gone. Instead, the user must decide between doing a semi-offline installation (see above) or going back and adjust network and/or mirror settings.
Read the docs is now the preferred location of Subiquity install documentation, and the existing Server install guide copy is being deprecated. The source for this documentation, in reStructuredText format, can be found in the doc directory of Subiquity on Github.
cc_dpkg_grub
module by disabling it for subiquity-installed systems. In this case, the system is already bootable, so the cc_dpkg_grub
module should be redundant. If cc_dpkg_grub
is still required, see this bug comment for suggestions.quiet splash
grub GRUB_CMDLINE_LINUX_DEFAULT valuescurtin in-target
wipefs
failuresnap refresh
in the live environment on older images (LP: #2062988).ValueError: Invalid dep_id (nvme-controller-nvme0) not in storage config
(LP: #2063162).Full Changelog: https://github.com/canonical/subiquity/compare/24.02.1...24.04.1
curtin in-target
and similar constructs.efibootmgr
related install
failures that may occur on systems using "EFI v1.1 by Apple" or similar.Particularly notable in this release is the support for TPM-backed full disk encryption. See the Ubuntu blog for details. Note that TPMFDE requires ISOs that are constructed with this feature in mind, which only applies to the mantic-desktop ISO today.
TPMFDE can be triggered with autoinstall:
storage:
layout:
name: hybrid
encrypted: yes
New in this release is the support for Guided ZFS, which is available for Desktop and Autoinstall. The guided ZFS structure is brought from Ubiquity and is very similar. (Encrypted Guided ZFS support is in plan for 24.04.)
To use ZFS from autoinstall, configure:
storage:
layout:
name: zfs
For Server installs, a recovery key option is now available.
snap start subiquity.probert
works as intendedFull Changelog: https://github.com/canonical/subiquity/compare/23.04.2...23.10.1
This release addresses an issue with amd64 installs (LP: #2033977) where the security pocket in sources.list can end up not configured matching documented best practices. It is recommended to configure the $series-updates to come from security.ubuntu.com, to minimize the effect of mirroring delays.
Affected systems will be AMD64 systems installed with Ubuntu 23.04, 22.04.3LTS, or installs done since April 2023 that accepted the snap version update.
To correct systems already installed, please modify /etc/apt/sources.list, look for the lines containing -security
, and update them to use http://security.ubuntu.com
.
"Ports" architectures (everyone but amd64) should not be affected by the above issue and should pull security updates from http://ports.ubuntu.com
This release was done to address an issue with manual partitioning.
Fixes:
Known issues:
h
aka local-hostname
or i
aka instance-id
nocloud datastore arguments should not be used. For an example of a working configuration, please see the autoinstall-quickstart guide.Version 23.04.3 is a rebuild to pick up new dependencies in the Subiquity snap. It is source-code identical to 23.04.2.
Fixes:
The primary theme for this release was productization fixes in support of Ubuntu Desktop Installer. This includes many partitioning enhancements, fixes to enable autoinstall for Ubuntu Desktop Installer, and improvements in handling of NetworkManager.
Another item is improvements in handling of Apt. Many Subiquity failure reports have the Subiquity-Apt interaction as the cause. We now more proactively check that the chosen mirror looks valid, offer autoinstall controls to allow the install to continue if the mirror cannot be contacted, and more. On similar note, a failure to complete unattended-upgrades is no longer fatal to the install.
On the subject of offline installs, there is a new fallback
key to control the desired behavior when the Ubuntu archive mirror is unavailable during install time. The default policy is abort
, which ends the install if the archive mirror is unaccessible. In some situations, it is acceptable to proceed with an offline install when the mirror is inaccessible. In this scenario, it is advised to use:
apt:
fallback: offline-install
A common feature request is to adjust how LVM uses a full disk during guided storage creation. It is by design that the rootfs will not use all available VG space by default, to allow creation of further volumes after install, snapshot creation, and generally take advantage of LVM features. However, today LUKS encryption is only offered on LVM, so users desiring full disk encryption would be left with the rootfs not actually using the full disk, until a later expansion of the volume post install.
To this end an autoinstall policy has been added to optionally allow expanding the LVM rootfs LV to use the full disk. Ubuntu-desktop-installer has this expansion on by default, while Server retains the existing scaled usage. When installing via the Subiquity TUI mind that the size of the created volume may be adjusted on the confirmation page. Further improvements around disk encryption, guided installs, and volume handling are anticipated in upcoming releases.
On the subject of LVM, encrypted installs may now be autoinstalled. While we have taken care to not leak the password to the logs in this case, mind that transport of the autoinstall data may reveal the encrypted password. Please consider changing this LUKS passphrase after install is complete if you are taking advantage of autoinstall for a LUKS installation.
The keyboard screen has seen an improvement where the chosen language is used to select a different default keyboard layout.
Several documentation fixes and updates have been done. They are tracked in source code now, allowing for enforcing that future autoinstall changes have a matching autoinstall reference update.
Known issues:
renderer: NetworkManager
.The 23.04 Ubuntu Server ISOs have been built with Subiquity 23.04.1. The specific differences between 23.04.1 and 23.04.2 are:
ntfsresize --info
was showing progress output in the logsAdditional Bugfixes found in 23.04.1 and 23.04.2:
Unknown keyboard
ValueError.Full Changelog: https://github.com/canonical/subiquity/compare/23.02.1...23.04.2
use_gap
in autoinstall. use_gap
allows for a guided install into existing free space without reformatting the entire disk. Example:
# requires the subiquity-storage-version=2 kernel command line feature flag
storage:
layout:
name: direct
mode: use_gap
In this scenario, a non-LVM guided install will be done into the largest free space. For more information on storage version 2, please see the Curtin configuration documentation.cloud-init clean
- several install artifacts are registered with cloud-init's clean functionality.'Raid' object has no attribute 'path'
error related to VROC/autoinstall.yaml
(requires repacking the installer squashfs)/cdrom/autoinstall.yaml
, which is where the autoinstall file will be located if placed in the root of the install ISO.ubuntu-drivers
/dev/loop0
not being found, as may be seen when performing a netboot install.