Oracle caused quite a stir in 2010 when it announced its Unbreakable Enterprise Kernel for Oracle Linux. We’ve checked in with Sergio Leunissen, Vice President, Linux and VM Development at Oracle, for an update on the ABCs of this important introduction as well as the company’s latest take on Linux.
Linux Foundation: First, please remind us what exactly is the Unbreakable Enterprise Kernel (UEK)?
Leunissen: UEK is a Linux kernel Oracle created to address the needs of customers running demanding software such as Oracle Database on large scale systems. Its focus is performance, stability, and minimal backports by tracking the upstream kernel code as closely as is practical. UEK is well-tested and used to run Oracle Engineered Systems, Oracle Cloud Infrastructure, and large enterprise deployments for Oracle customers. The source for UEK is published on GitHub: https://github.com/oracle/linux-uek
LF: Who is seeing the biggest benefit from the UEK?
Leunissen: First, it goes without saying that customers running Oracle software benefit from our development and testing of Oracle Database and middleware on tens of thousands of systems running Linux with UEK on a daily basis. Add to that the demands of running the infrastructure for Oracle Cloud running SaaS applications, databases, containers and Kubernetes clusters, etc. Our customers can take comfort in knowing that the kernel they run is the same one we run.
But, by no means do only Oracle customers benefit. Our kernel team adds features (to) and fixes bugs in subsystems that span the Linux kernel, including networking, block storage, filesystems, etc. This development will benefit any workload relying on the kernel’s overall ability to handle lots of memory, network, and I/O.
Finally, because UEK tracks upstream kernels so closely, the bugs we find and fix are relevant to the mainline Linux kernel.
LF: The Unbreakable Enterprise Kernel is touted as fast, modern and reliable. Can you elaborate on these benefits?
- Fast – Optimized to run well on large systems with lots of memory and large storage systems. Works well with modern solid state storage.
- Modern – tracking mainline Linux closely to incorporate the latest innovations
- Reliable – Extensively tested by Oracle with real world workloads
Most customers we work with must stick to specific releases of core userspace components but do want to exploit innovations from upstream development efforts. With UEK, we are able to balance an enterprise support model with a Linux kernel that syncs up with mainline more frequently.
LF: How much emphasis do you put on security in your kernel development work?
Leunissen: Oracle is a cloud provider that contributes to Linux. Oracle Linux is the host OS for most of the Oracle application and infrastructure offerings. As such, we work closely with our cloud development team to build a scalable Linux platform with virtualization and container services without compromising on security. UEK is a key part of this.
LF: The Linux kernel developers at Oracle work both on mainline directly and UEK, can you explain how this works?
Leunissen: As mentioned above, we publish the source for UEK on GitHub. Keeping our changes open source enables us to integrate with upstream Linux kernels quickly, which also means we have state-of-the-art drivers and filesystems, hardware support, and security fixes from the community. And, again, because UEK tracks upstream kernels so closely, we don’t spend a lot of time addressing bugs that are unique to the kernel as it relates to Oracle’s efforts. Rather, our fixes are relevant to upstream kernels as well.
LF: Are there particular development projects you are working on that you’d like to highlight?
Leunissen: As a cloud provider, containers and virtualization are important to Oracle. We do a lot of work on KVM and QEMU. For example, we are doing work to make sure Xen VM guests can run as is on a KVM host. Recently we’ve been working on Kata containers (previously Clear Containers), which is a deployment model for applications that combines the isolation of VMs with the speed, footprint, and interaction model of containers. Also, with UEK powering tens of thousands of systems in our cloud, we are doing work to improve the startup time performance for Linux systems by parallelizing kernel boot-time tasks, shaving precious seconds off the startup time for bare metal and virtualized workloads. Finally, it would be remiss not to point out that we are actively working on Linux for ARM with the focus to provide a high-quality Linux OS for 64-bit ARM (aarch64)-based servers.