Alibaba Cloud Linux 2 (formerly known as Aliyun Linux 2) is an operating system provided by Alibaba Cloud. It provides a safe, stable, and high-performance customized environment for applications on ECS instances. Alibaba Cloud Linux 2 is optimized for the cloud infrastructure and aims to deliver a better runtime experience. You can create an instance from an Alibaba Cloud Linux 2 image. Alibaba Cloud Linux 2 images are free to use, and Alibaba Cloud provides long-term technical support (LTS) for them.

For more information, see the Alibaba Cloud Linux 2 product page.

Scenarios

Alibaba Cloud Linux 2 is suitable for the following scenarios:
  • Various workloads in cloud environments, such as databases, cloud native containers, data analytics, web applications, and other workloads in the production environment.
  • Various instance families including ECS Bare Metal Instance families. For more information, see Instance families.
    • Alibaba Cloud Linux 2 supports instance types with 1 to 160 vCPUs.
    • Alibaba Cloud Linux 2 supports instance types with memory of 0.5 GiB to 3,840 GiB.
    • Alibaba Cloud Linux 2 does not support non-I/O optimized instances.

Benefits

Compared with other Linux distributions, Alibaba Cloud Linux 2 has the following benefits:
  • Alibaba Cloud provides long-term free software maintenance and technical support for Alibaba Cloud Linux 2.
  • Alibaba Cloud Linux 2 is optimized for integration with the Alibaba Cloud infrastructure and provides faster system startup and higher runtime performance.
  • Alibaba Cloud Linux 2 provides the latest enhanced features of the Linux community to power cloud-based application environments.
  • Alibaba Cloud Linux 2 is equipped with an updated Linux kernel, user-mode packages, and toolkits that provide additional features to the operating system.
  • Alibaba Cloud Linux 2 offers a streamlined kernel and increased protection against security risks. Alibaba Cloud Linux 2 provides policies to monitor and fix security vulnerabilities and ensures constant system security.

Features

  • Alibaba Cloud Linux 2 is distributed with the latest version of the Alibaba Cloud kernel. The kernel have the following features:
    • The Alibaba Cloud kernel is based on Linux kernel V4.19 with the LTS from the kernel community. It is optimized for cloud-based scenarios, improved performance, and bug fixes. For more information, see Release notes of Alibaba Cloud Linux 2.
    • Alibaba Cloud Linux 2 provides customized and optimized kernel startup parameters and system configuration parameters for the ECS instance environment.
    • Alibaba Cloud Linux 2 provides kdump, which is a kernel dumping mechanism used in case of operating system failures. You can enable or disable this feature without restarting the operating system.
    • Alibaba Cloud Linux 2 provides Kernel Live Patching (KLP).
  • Alibaba Cloud Linux 2 has software pre-installed or updated.
    • The user-mode package is compatible with the latest version of CentOS 7 and can run on Alibaba Cloud Linux 2.
    • Alibaba Cloud Linux 2 is pre-installed with Alibaba Cloud CLI.
    • The network module is changed from network.service to systemd-networkd.
    • Fixes for CVE vulnerabilities are continuously updated until the end of life (EOL) of Alibaba Cloud Linux 2. For more information, see Alibaba Cloud Linux 2.1903 Security Advisories. Alibaba Cloud Linux 2 provides solutions to automatically fix vulnerabilities. For more information, see Use YUM to perform security updates.
  • Alibaba Cloud Linux 2 accelerates the startup process, improves runtime performance, and enhances system stability in the following ways:
    • Alibaba Cloud Linux 2 optimizes the startup speed of ECS instances. Tests have proven that Alibaba Cloud Linux 2 can save 60% of startup time compared with other operating systems.
    • Alibaba Cloud Linux 2 optimizes scheduling, memory, I/O, and network subsystems. In some open source benchmark tests, Alibaba Cloud Linux 2 improves performance by 10% to 30% compared with other operating systems.
    • Alibaba Cloud Linux 2 provides enhanced system stability. Alibaba Cloud Linux 2 can reduce downtime by 50% compared with other operating systems.

Images

Image Description
Alibaba Cloud Linux 2.1903 LTS 64-bit The default standard image version of Alibaba Cloud Linux 2.
Alibaba Cloud Linux 2.1903 64-bit (Quick Start)
This image is a customized image based on the Alibaba Cloud kernel. It supports quick boot (Qboot) and starts instances directly from the kernel. Instances created from images of this version can be started faster than instances created from other images and have the same default runtime environment as instances created from images of standard versions. This image version has the following characteristics:
  • It accelerates only the initial startup of instances, and subsequently starts instances at a normal speed.
  • It optimizes and accelerates the process of initializing memory, modularizes devices such as mice that take time to start, and speeds up the kernel boot.
  • It replaces the cloud-init service with the latest AliyunInit service, which reduces the amount of time required to initialize the system.
  • Images of this version are available in the following regions: China (Hangzhou), China (Shenzhen), China (Beijing), China (Zhangjiakou), and China (Hong Kong).
Note The kernel startup parameters of the quick start version cannot be modified.
Alibaba Cloud Linux 2.1903 LTS 64-bit (AMD-compatible) This image version is derived from Alibaba Cloud Linux 2.1903 LTS 64-bit and can be used to create Alibaba Cloud ECS AMD-compatible instances. This image version supports only the Unified Extensible Firmware Interface (UEFI) boot mode.
Note Images of this version can be used to create instances of only the following Alibaba Cloud ECS Bare Metal Instance families (AMD-compatible): ecs.ebmg6a, ecs.ebmc6a, and ecs.ebmr6a.
Alibaba Cloud Linux 2.1903 64-bit (Trusted) The image version is derived from Alibaba Cloud Linux 2.1903 LTS 64-bit and can be used to create Alibaba Cloud trusted instances.
Note Images of this version can be used to create instances of only the following trusted instance families: ecs.g6t and ecs.c6t.

Billing

Alibaba Cloud Linux 2 images are provided for free. However, you must pay for other resources such as vCPUs, memory, storage, public bandwidth, and snapshots. For more information, see Billing overview.

Obtain Alibaba Cloud Linux 2 images

You can use the following methods to obtain and use Alibaba Cloud Linux 2 images:

Use Alibaba Cloud Linux 2

  • View or modify system parameters

    You can run the sysctl command to view or modify the runtime parameters of Alibaba Cloud Linux 2. Alibaba Cloud Linux 2 has the following kernel configuration parameters updated in the /etc/sysctl.d/50-aliyun.conf file.

    System parameter setting Description
    kernel.hung_task_timeout_secs = 240 Increases the kernel hung_task timeout period in seconds to avoid frequent hung_task prompts.
    kernel.panic_on_oops = 1 Throws the kernel panic exception when the kernel is experiencing an Oops error. System failure details are automatically captured if kdump is configured.
    kernel.watchdog_thresh = 50 Increases the thresholds for events such as hrtimer, NMI, soft lockup, and hard lockup to avoid potential kernel false positives.
    kernel.hardlockup_panic = 1 Throws the kernel panic exception when the kernel is experiencing a hard lockup error. System failure details are automatically captured if kdump is configured.
  • View kernel parameters

    You can run the cat /proc/cmdline command to view the runtime kernel parameters of Alibaba Cloud Linux 2. Alibaba Cloud Linux 2 has the following kernel parameters updated.

    Kernel parameter setting Description
    crashkernel=0M-2G:0M,2G-8G:192M,8G-:256M Reserves memory space for kdump.
    cryptomgr.notests Disables crypto self-check during kernel startup to accelerate system startup.
    cgroup.memory=nokmem Disables the kernel memory statistics function of the memory cgroup to avoid potential kernel instability.
    rcupdate.rcu_cpu_stall_timeout=300 Increases the timeout threshold of RCU CPU Stall Detector to 300 seconds to avoid kernel false positives.
  • Roll back the kernel version
    By default, Alibaba Cloud Linux 2 is distributed with Alibaba Cloud kernel V4.19.y. The kernel version changes when you update the image. You can run the following commands to install and switch to a V3.10 series kernel that is compatible with CentOS 7.
    Note Changes of the kernel version may result in a boot failure. Exercise caution when you perform this operation.
    Run the following commands to roll back to a V3.10 kernel:
    # Install a V3.10 kernel.
    sudo yum install -y kernel-3.10.0
    # Configure the GRUB driver.
    sudo grub2-set-default "$(grep ^menuentry /boot/grub2/grub.cfg | grep 3.10.0 | awk -F\' '{ print $2 }')"
    # Update the changes into the configuration file.
    sudo grub2-mkconfig -o /boot/grub2/grub.cfg
    # Restart the operating system for the new configurations to take effect.
    sudo reboot
  • Enable or disable kdump

    Alibaba Cloud Linux 2 provides the kdump service. After this service is enabled, kernel errors can be captured to help you analyze kernel failures.

    Note If the memory of the selected instance type is less than or equal to 2 GiB, the kdump service cannot be used.
    • Run the following commands to enable the kdump service:
      # Enable the kdump service.
      sudo systemctl enable kdump.service
      # Restart the kdump service.
      sudo systemctl restart kdump.service
    • Run the following commands to return the memory address space reserved by the kdump service to the operating system and disable the kdump service:
      # Change the configuration in the /sys/kernel/kexec_crash_size file.
      sudo sh -c 'echo 0 > /sys/kernel/kexec_crash_size'
      # Disable the kdump service.
      sudo systemctl disable kdump.service
      # Stop the kdump service.
      sudo systemctl stop kdump.service
      Note After the memory address space reserved by the kdump service is returned to the operating system, you must restart the operating system before you can re-enable the kdump service.
  • Configure the network
    By default, Alibaba Cloud Linux 2 uses systemd-networkd to configure the network. The configuration file for DHCP or static IP addresses is located in the /etc/systemd/network/ directory.
    # Restart the network.
    sudo systemctl restart systemd-networkd
  • Obtain the Debuginfo package and the source code package
    • Run the following commands to obtain the Debuginfo package:
      # Install yum-utils.
      sudo yum install -y yum-utils
      # Install the Debuginfo package. packageName specifies the name of the software package to be installed.
      sudo debuginfo-install -y <packageName>
    • Run the following commands to obtain the source code package:
      # Install the source code.
      sudo yum install -y alinux-release-source
      # Install yum-utils.
      sudo yum install -y yum-utils
      # Install the source code package. sourcePackageName specifies the name of the software package to be installed.
      sudo yumdownloader --source <sourcePackageName>
  • Use experimental software packages
    Experimental software packages are provided by Alibaba Cloud, but are not fully tested. Alibaba Cloud do not guarantee the quality of these packages. Alibaba Cloud Linux 2 provides the following types of experimental packages:
    • Experimental software packages that serve common purposes
      • Golang 1.12
      • Golang 1.13

      Run the following commands to install an experimental software package that serves common purposes:

      # Enable YUM repositories.
      sudo yum install -y alinux-release-experimentals
      # Install an experimental software package that serves common purposes. packageName specifies the name of the software package to be installed.
      sudo yum install -y <packageName>
    • Use developments kits that support SCL plug-ins
      • Development kit based on GCC-7.3.1: devtoolset-7
      • Development kit based on GCC-8.2.1: devtoolset-8
      • Development kit based on GCC-9.1.1: devtoolset-9

      Run the following commands to install an experimental software package that supports SCL plug-ins:

      # Install scl-utils.
      sudo yum install -y scl-utils
      # Enable YUM repositories.
      sudo yum install -y alinux-release-experimentals
      # Install the software packages that you need from the YUM repositories. The following sample commands are run to install all development kits that support the plug-ins:
      sudo yum install -y devtoolset-7-gcc devtoolset-7-gdb devtoolset-7-binutils devtoolset-7-make
      sudo yum install -y devtoolset-8-gcc devtoolset-8-gdb devtoolset-8-binutils devtoolset-8-make
      sudo yum install -y devtoolset-9-gcc devtoolset-9-gdb devtoolset-9-binutils devtoolset-9-make
      After the software packages are installed, you can use the later versions of GCC and related tools. The following sample code provides an example:
      # Specify the repository name to view an existing SCL. Repository devtoolset-7 is used in the following sample code:
      scl -l devtoolset-7
      # Run the related SCL software.
      scl enable devtoolset-7 'gcc --version'

Update history

Technical support

Alibaba Cloud provides the following technical support for Alibaba Cloud Linux 2:
  • Five-year LTS is provided in the form of security updates and vulnerability fixes until the version lifecycle ends on March 31, 2024. You can obtain free LTS in the following ways:
  • Images are updated every four months. Updates cover new features, security updates, and vulnerability fixes.
  • Security updates are provided from YUM repositories. You can run the yum update command to update to the latest version.