Gabriel Aguiar Noury
                
                
              
              on 8 March 2021
            
ROS Kinetic and Ubuntu 16.04 EOL: how to mitigate the impact
For more than ten years, the Robot Operating System (ROS) has been enabling innovators around the world to develop their robot platforms and applications. Through its collection of tools, libraries, and conventions, ROS simplifies the task of creating complex and robust robot behaviour.
Ubuntu has been the primary platform for ROS from the very beginning. That is the reason why every ROS release is supported on exactly one Ubuntu LTS. A ROS distribution is a versioned set of ROS packages. Today, the ROS Kinetic release, and its corresponding Ubuntu distribution, Xenial, reach end-of-life (EOL) in April 2021. This means the end of security updates and Common Vulnerabilities and Exposures (CVE) fixes for both ROS and Ubuntu, as well as dependencies such as Python 2. 
Issues with unsupported software tend to manifest themselves in different and often unexpected ways. Continue reading to understand what the implications are for developers, explore some key considerations to prepare for the impending Xenial and Kinetic EOL, and read to the end for information about how you might stay with ROS Kinetic.
End of life for ROS Kinetic
From April, you will stop receiving CVE fixes and security updates from upstream ROS and Ubuntu for ROS 1 Kinetic and Ubuntu Xenial. Eventually, you will also be unable to use the Ubuntu repositories. Therefore, if you try to install a new application, you’ll get an ‘unable to locate package’ error. For instance, when installing ROS 1 Kinetic Desktop you typically type:
 `sudo apt-get install ros-kinetic-desktop-full`
but this package will no longer exist. Besides, software that you have installed will no longer be patched and your system will be at risk. If your robot is connected to the network, without the security updates your system will become vulnerable to cybersecurity threats. 
To avoid these issues, updating your Ubuntu and ROS distribution to a Long Term Support (LTS) distribution is one of the most sustainable solutions. This is not easy, but we will give you some advice on where to start in the next section.
ROS migration tips
Migrating to a Long Term Support (LTS) Ubuntu and ROS version could be a challenging task. You have to remember that the Ubuntu version and ROS version are co-dependent, so you have to choose a pair. For example, if you upgrade to Ubuntu 18.04 LTS, you also have to upgrade to ROS 1 Melodic. 
So let’s focus on the Operating System first, Ubuntu. You can either upgrade to 18.04 LTS or 20.04 LTS. There is no direct way to upgrade from 16.04 LTS to 20.04 LTS, so you would need to move first to 18.04 LTS and then to 20.04 LTS. For more information, you can watch the 20.04 migration webinar.
Let’s now move to ROS. Here, you could upgrade to ROS 1 Melodic or Noetic, or ROS 2 Foxy. However, there are some key considerations that you should keep in mind:
- Some of your ROS packages may not yet be supported in newer distributions of ROS.
- Some APIs from your current configuration might depend on specific versions of the applications and libraries of Ubuntu Xenial. For example, for us still working in Python 2.7, neither ROS 1 Noetic nor ROS 2 Foxy longer support this Python distribution (For more information please read transitioning to Python 3).
There are comprehensive lists of packages that have been changed in ROS 1 Noetic and Melodic. We recommend 20.04/Noetic unless Python 2 is an explicit requirement.
Finally, you can also move to ROS 2. ROS 2 provided several benefits over ROS 1. However, migrating is not yet a straightforward process. ROS 2 comes with a learning curve, a different build environment, more C++ 11 and higher builtin functions are being utilized and support for Python 3 only. Here you can find a complete migration guide for ROS 2 Foxy.
Want to stay on ROS Kinetic?
Migrating could be difficult. Maybe you need more time? Or maybe you are concerned about instability of newer releases? Don’t worry. We have something just for you.
Canonical’s ROS Extended Security Maintenance (ESM) precisely addresses these issues. As part of Ubuntu Advantage subscription, and delivered in partnership with Open Robotics, ROS ESM gives you a hardened and long-term supported ROS system for robots and its applications.
Simply put, ROS ESM keeps your robot running longer and safer. Even if your ROS distribution hasn’t reached its EOL, you can count on backports for critical security updates and CVEs fixes for your environment.
Get in touch to learn more about our ROS ESM, or visit our website to explore how Canonical has been supporting the security, management and upgrading of robot software.


