Amazon linux 2 và amazon linux ami
Run all your cloud and enterprise applications in a security-focused and high-performance Linux environment. Show
Amazon Linux 2 is a Linux operating system from Amazon Web Services (AWS). It provides a security-focused, stable, and high-performance execution environment to develop and run cloud applications. Amazon Linux 2 is provided at no additional
charge. AWS provides ongoing security and maintenance updates for Amazon Linux 2. BenefitsOptimized performanceAmazon Linux 2 includes support for the latest Amazon EC2 instance capabilities and is
tuned for enhanced performance. It includes packages that help ease integration with other AWS Services. Enhanced developer productivityAmazon Linux 2 is offered as a virtual machine and container image for on-premises development and testing. Developers can speed up their application development by building, testing, and integrating on the same Linux distribution that is used in their production environment. Peace of mind with long term supportAmazon Linux 2 offers long-term support. Developers, IT administrators, and ISVs get the predictability and stability of a Long Term Support (LTS) release, but without compromising access to the latest versions of popular software packages. Large Partner ecosystemAmazon Linux 2 has a rapidly growing community of Technology Partners
that includes Independent Software Vendors (ISVs). You can install and run many popular partner applications. PricingAmazon Linux 2 is provided at no additional charge. Standard Amazon EC2 and AWS charges apply for running Amazon EC2 instances and other services. What's NewNo posts could be found at this time. Next stepsExplore more of AWSAWS support for Internet Explorer ends on 07/31/2022. Supported browsers are Chrome, Firefox, Edge, and Safari. Learn more » General QuestionsQ. What is Amazon Linux 2? Amazon Linux 2 is the next-generation Amazon Linux operating system that provides modern application environment with the latest enhancements from the Linux community and offers long-term support. In addition to Amazon Machine Images (AMI) and container image formats, Amazon Linux 2 is available as a virtual machine image for on-premises development and testing, enabling you to easily develop,
test, and certify your applications right from your local development environment. Q. When will support for Amazon Linux 2 end? Amazon Linux 2 end of support date (End of Life, or EOL) has been extended by one year from 2023-06-30 to 2024-06-30 to provide customers with ample time to migrate to Amazon Linux 2022. Amazon Linux 2022 Generally Available release is scheduled for later this year,
and will be supported for five years. Q. What are the differences between Amazon Linux 2 and Amazon Linux 2022? Please refer to the documentation to learn more about the major differences between these distributions. Q. What are the benefits of using Amazon Linux 2? Similar to Amazon Linux AMI, Amazon Linux 2 supports the latest Amazon Elastic
Compute Cloud (Amazon EC2) instance features and includes packages that enable easy integration with AWS. It is optimized for use in Amazon EC2 with a latest and tuned Linux kernel version. As a result, many customer workloads perform better on Amazon Linux 2. Amazon Linux 2 offers will be supported until June 30, 2024 with security and maintenance updates. Amazon Linux 2 is available as on-prem virtual machine images allowing local development and test. Q. Which workloads or use cases are supported with Amazon Linux 2? Amazon Linux 2 is suited for a wide variety of virtualized and containerized workloads such as databases, data analytics, line-of-business applications, web and desktop applications, and more in production contexts. It is also available for use on EC2 Bare Metal Instances as both
a bare metal OS and a virtualization host. Q. What are the core components of Amazon Linux 2? The core components of Amazon Linux 2 are:
Q. How is Amazon Linux 2 different from Amazon Linux AMI?
Q. How can I get started with using Amazon Linux 2 on AWS? AWS provides an Amazon Machine Image (AMI) for Amazon Linux 2 that you can use to launch an instance from the Amazon EC2 console, AWS SDK, and CLI. Refer to Amazon Linux documentation for more details. Q. Are there any costs associated with running Amazon Linux 2 in Amazon EC2? No, there is no additional charge for running Amazon Linux 2. Standard Amazon EC2 and AWS charges apply for running Amazon EC2 instances and other services. Q. Which Amazon EC2 instance types does Amazon Linux 2 support? Amazon Linux 2 supports all Amazon EC2 instance types that support HVM AMIs. Amazon
Linux 2 does not support older instances that require paravirtualization (PV) functionality. Q. Does Amazon Linux 2 support 32-bit applications and libraries? Yes, Amazon Linux 2 supports 32-bit applications and libraries. If you are running on a version of Amazon Linux 2 that was launched before 10/04/2018, you can run “yum upgrade” to get the full 32-bit support. Q. Does Amazon Linux 2 come with a Graphical User Interface (GUI) desktop? Q. Can I view the source code for Amazon Linux 2 components? Yes. The yumdownloader --source tool in Amazon Linux 2 provides source code access for many components. Q. Why is Python 2.7 still part of Amazon Linux 2? We will continue to provide critical security patches for Python 2 as per our LTS commitment for Amazon Linux 2 core packages (until June, 2024) even though the upstream Python community declared Python 2.7 End Of Life in January 2020. Q. Should I migrate my code to Python 3 and away from Python 2.7? We strongly recommend our customers install Python 3 on their Amazon Linux 2 systems and migrate their code and applications to Python 3. Q. Is Amazon Linux 2 moving away from Python 2.7? There are no plans to change the default Python interpreter. It is our intention to retain Python 2.7 as the default for the lifetime of Amazon Linux 2. We will backport security fixes to our Python 2.7 packages as needed. Q. Why does Amazon Linux 2 not switch away from Python 2.7 for the 'yum' package manager, or move to DNF, which is Python 3 based? During a LTS release of the Operating System, the risk of making fundamental changes to, replacing, or adding another package manager is extremely high. Thus, in planning our Python 3 migration for Amazon Linux, we made the decision to do this across a major release boundary rather than within Amazon Linux 2. This is an approach shared by other RPM based Linux distributions, even ones without LTS commitments. Q. How is kernel 5.10 different from kernel 4.14? Kernel 5.10 brings a number of features and performance improvements - including optimizations for Intel Ice Lake processors and Graviton 2 powering the latest generation EC2 instances. From a security standpoint, customers benefit from WireGuard VPN that helps setup an effective virtual private network with low attack surface and allows encryption with less overhead. Kernel 5.10 also brings a kernel lockdown feature to prevent unauthorized modification of the kernel image and a number of BPF improvements, including the CO-RE (Compile Once - Run Everywhere). Customers with intensive input-output operations will benefit from better write performance, safer sharing of io_uring rings between processes for faster input-output operations, and support of the new exFAT system for better compatibility with storage devices. With the addition of MultiPath TCP (MPTCP), customers with several network interfaces can combine all available network paths to increase throughput and reduce network failures. Long Term SupportQ. What is included in the Long Term Support for Amazon Linux 2? Long-term support for Amazon Linux 2 only applies to core packages and includes: elfutils-libelf, glibc, glibc-utils, hesiod, krb5-libs, libgcc, libgomp, libstdc++, libtbb.so, libtbbmalloc.so, libtbbmalloc_proxy.so, libusb, libxml2, libxslt, pam, audit-libs, audit-libs-python, bzip2-libs, c-ares, clutter, cups-libs, cyrus-sasl-gssapi, cyrus-sasl-lib, cyrus-sasl-md5, dbus-glib, dbus-libs, elfutils-libs, expat, fuse-libs, glib2, gmp, gnutls, httpd, libICE, libSM, libX11, libXau, libXaw, libXext, libXft, libXi, libXinerama, libXpm, libXrandr, libXrender, libXt, libXtst, libacl, libaio, libatomic, libattr, libblkid, libcap-ng, libdb, libdb-cxx, libgudev1, libhugetlbfs, libnotify, libpfm, libsmbclient, libtalloc, libtdb, libtevent, libusb, libuuid, ncurses-libs, nss, nss-sysinit, numactl, openssl, p11-kit, papi, pcre, perl, perl-Digest-SHA, perl-Time-Piece, perl-libs, popt, python, python-libs, readline, realmd, ruby, scl-utils, sqlite, systemd-libs, systemtap, tcl, tcp_wrappers-libs, xz-libs, and zlib 3) AWS will provide Application Binary Interface (ABI) compatibility for all other packages in core unless providing such compatibility is not possible for reasons beyond AWS’s control. Q. Does Amazon Linux 2 maintain kernel-space ABI compatibility? Q. Does AWS backport security fixes for Amazon Linux 2? Q. Do the long-term support policies apply to extras topics? Q. Will additional Amazon Linux 2 builds be provided after the LTS
builds are released? Q. Where can I get updates for Amazon Linux 2? Q. How can I automate security patching on Amazon Linux 2 at scale? AWS Systems Manager Patch Manager works with Amazon Linux 2 to automate the process of patching Amazon Linux 2 instances at scale. Patch Manager can scan for missing patches, or scan and install missing patches to large groups of instances. Systems Manager Patch Manager can also be used to install patches for non-security updates. Q. What premium support options are available for Amazon Linux 2? AWS Support
does not currently cover the on-premises use of Amazon Linux 2. The Amazon Linux 2 forum and Amazon Linux 2 documentation are the primary sources of support for the on-premises use of Amazon Linux 2. You can post questions, report bugs, and feature requests on the Amazon Linux 2 forums. Support for Amazon Linux 2 LTS Candidates and Amazon Linux AMIQ. Can I perform a rolling upgrade from Amazon Linux 2 LTS Candidate 2 to the LTS version of Amazon Linux 2? Q. Will AWS support Amazon Linux AMI
going forward? Yes. To facilitate migration to Amazon Linux 2, AWS will provide security updates for the last version of Amazon Linux and container image until December 31, 2020. You can also use all your existing support channels such as AWS Premium Support and Amazon Linux Discussion Forum to continue to submit support requests. Q. Is Amazon Linux 2 backward compatible with the existing version of Amazon Linux AMI? Q. Can I perform an in-place upgrade from an existing version of Amazon Linux AMI to Amazon Linux 2? Q. Can I perform a rolling upgrade on instances running Amazon Linux AMI to Amazon Linux 2? On-premises UseQ. Which on-premises virtualization platforms does Amazon Linux 2 run on? Q. How can I get started with using Amazon Linux 2 virtual machine image in my local dev environment? Q. Are there any costs associated with running Amazon Linux 2 on-premises? Q. Is an AWS account required for running Amazon Linux 2 on-premises? Q. What are the minimum systems requirement for running Amazon Linux 2? Q. Will on-prem VM images of Amazon Linux 2 get security updates from AWS? Q. Can I get paid support for on-premises VM images of Amazon Linux 2 from AWS Support? Q. What is Amazon Linux extras? Extras is a mechanism in Amazon Linux 2 to enable the consumption of new versions of application software on a stable operating system that is supported until June 30, 2024. Extras help alleviate the compromise between the stability of the OS and freshness of available software. For example, now you can install newer versions of MariaDB on a stable operating system supported for five years. Examples of extras include Ansible 2.4.2, memcached 1.5, nginx 1.12, Postgresql 9.6, MariaDB 10.2, Go 1.9, Redis 4.0, R 3.4, Rust 1.22.1. Q. How does Amazon Linux extras work? Q. How do I install a software package from Amazon Linux extras repository? Example: $ sudo amazon-linux-extras install rust1 Q. Will packages in extras be moved to “core” with Long Term Support? ISV SupportQ. Which third-party applications are supported to run on Amazon Linux 2? Amazon Linux 2 has a rapidly growing community of Independent Software Vendors (ISVs) including Chef, Puppet, Vertica, Trend Micro, Hashicorp, Datadog, Weaveworks, Aqua Security, Tigera, SignalFX, and more. A complete list of supported ISV applications is available on the Amazon Linux 2 page To get your application certified with Amazon Linux 2, contact us. Kernel Live PatchingQ. What is Kernel Live Patching in Amazon Linux 2? Kernel Live Patching in Amazon Linux 2 is a feature that enables applying security and bug fixes to a running Linux Kernel without the need to reboot. Live patches for the Amazon Linux Kernel are delivered to the existing package repositories for Amazon Linux 2, and can be applied using regular yum commands such as ‘yum update —security’ when the feature has been activated. Q. What are the use cases for Kernel Live Patching in Amazon Linux 2? The use cases targeted by Kernel Live Patching in Amazon Linux 2 include:
Q. When does AWS provide kernel live patches? AWS typically will provide kernel live patches to fix CVEs, which are rated as critical and important by AWS, for the default Amazon Linux 2 Kernel. The Amazon Linux Security Advisory ratings of critical and important generally map to the Common Vulnerability Scoring System (CVSS) score of 7 and higher. Additionally, AWS will also provide kernel live patches for select bug fixes to address system stability issues, and potential data corruption issues. There may be a small number of issues that do not receive kernel live patches despite their severity because of technical limitations. For example, fixes that change assembly code or modify function signatures may not receive kernel live patches. Kernels in Amazon Linux 2 Extras and any third-party software that are not built and served by AWS will not receive kernel live patches. Q. Are there any charges attached with using Kernel Live Patching in Amazon Linux 2? We provide kernel live patches for Amazon Linux 2 at no cost. Q. How do I use Kernel Live Patching in Amazon Linux 2? Kernel live patches are provided by Amazon and can be consumed with the yum package manager and utilities in Amazon Linux 2 and AWS Systems Manager Patch Manager. Each kernel live patch is provided as an RPM package. Kernel Live Patching is currently disabled by default in Amazon Linux 2. You can use the available yum plugin to enable and disable Kernel Live Patching. You can then use the existing workflows in the yum utility to apply security patches including kernel live patches. In addition, the kpatch command line utility can be used to enumerate, apply and enable/disable kernel live patches.
Q. Does AWS Systems Manager Patch Manager support live patching? Yes. You can use AWS SSM Patch Manager to automate applying kernel live patches without the need of an immediate reboot when the patch is available as a live patch. Visit the SSM Patch Manager documentation to get started. Q. Where can I get details on security patches provided via Kernel Live Patching? AWS publishes details on kernel live patches to fix security vulnerabilities on the Amazon Linux Security Center. Q. Are there any restrictions to using Kernel Live Patching? While applying a kernel live patch in Amazon Linux 2, you cannot simultaneously perform hibernation, or use advanced debugging tools such as SystemTap, kprobes, eBPF based tools and access ftrace output files used by the kernel live patching infrastructure. Q. How do I remediate issues that may occur while applying kernel live patches to Amazon Linux 2? If you encounter issues with a kernel live patch, disable the patch and inform AWS Support, or Amazon Linux Engineering through an AWS Forums post. Q. Does Kernel Live Patching in Amazon Linux 2 remove the need for reboots for applying security patches entirely? Kernel Live Patching in Amazon Linux 2 does not remove the need for OS reboots entirely but provides significant relief from reboots to fix important and critical security issues outside planned maintenance windows. Each Linux Kernel in Amazon Linux 2 will receive live patches roughly for up to 3 months after the release of an Amazon Linux Kernel. After each 3-month duration, the OS needs to be rebooted into the latest Amazon Linux Kernel to continue to receive kernel live patches. Q. What EC2 instances and on-premises environments is Kernel Live Patching with Amazon Linux 2 supported on? Kernel Live Patching in Amazon Linux 2 is supported on all x86_64 (AMD/Intel 64 bit) platforms that Amazon Linux 2 is supported on. This includes all HVM EC2 instances, VMware Cloud on AWS, VMware ESXi, VirtualBox, KVM, Hyper-V, and KVM. ARM-based platforms are currently unsupported. Q. Will AWS continue to provide regular (“non-live”) patches for OS updates that come with kernel live patches? Yes, AWS will continue to provide regular patches for all OS updates. As a general rule, both regular and kernel live patches will be provided at the same time. Q. What happens if a reboot is performed on Amazon Linux 2 systems that have been kernel live patched? By default, when a reboot is performed, kernel live patches are replaced with regular “non-live” patch equivalents. You can also perform reboots without replacing kernel live patches with regular patches. See Amazon Linux 2 Kernel Live Patching documentation for details. Q. Does Kernel Live Patching affect the ABI compatibility of Amazon Linux 2? Kernel Live Patching in Amazon Linux 2 does not change the kernel ABI compatibility of Amazon Linux 2. Q. How can I get premium support for issues that may be encountered while applying kernel live patches? Business and Enterprise plans for AWS Support includes premium support for all capabilities of Amazon Linux including Kernel Live Patching. AWS only supports kernel live patches provided by AWS and recommends contacting your vendor for issues with third-party kernel live patching solutions. AWS also recommends that you use only one kernel live patching solution on Amazon Linux 2. Q. How will kernel live patches be indicated in the Amazon Linux Security Center? A dedicated row in Amazon Linux Security Center listings will appear for each kernel live patch. The entry will have an identification such as “ALASLIVEPATCH- Q. How long does an Amazon Linux Kernel receive live patches for? A kernel version will get live patches for roughly 3 months. Amazon Linux will provide kernel live patches for the last 6 kernels released. Please note that Kernel Live Patching will be supported only on the default kernel released in Amazon Linux 2. The next generation Kernel in the Extras will not receive kernel live patches. To find out whether the current Linux Kernel continue to receive live patches or not, and when that support window ends, use the following yum command: ‘yum kernel-livepatch supported’ Q. What are the supported yum workflows for Kernel Live Patching? The kernel live patching yum plugin supports all workflows that are normally supported in the yum package management utility. E.g. ‘yum update’, ‘yum update kernel’, ‘yum update —security’, ‘yum update all’. Q. Are kernel live patches signed? The kernel live patch RPMs are signed via GPG keys. However, the kernel modules are currently not signed. Learn about Amazon Linux 2 Visit the product detail page. Learn more Sign up for a free account Instantly get access to the AWS Free Tier. Sign up Start building in the console Get started building with Amazon Linux 2 in the AWS Management Console. Sign in |