For servers we see a number of performance related improvements including network send batching and the introduction of the data centre congestion algorithm, as well as the introduction of discard support in Device Mapper raid configurations. There are also improvements to inode locking which should show benefits under heavy load. Netfilter (nftables) continues to evolve gaining facilities for package logging and dumping.
A number of filesystems gained minor new features, including btrfs which improved its disk replacement in raid 5 and 6 configurations, and support for scrubbing in those. NFS gained hole punching and preallocation support. Overlayfs finally moved upstream so simplifying its provision in Ubuntu. On the networking side we see the start of routing and switch offload support, and the addition of checksum offload for Generic UDP Encapsulation. Finally we see the introduction of the cutely named foo-over-UDP support, allowing a number of other protocols to nest inside.
On cloud we saw a number of Device Mapper thin storage improvements including performance improvements under high load, and speedier discards in these thin configurations. Xen saw a number of minor fixes. For Hyper-v we see the ext2 filesystem gain freeze support allowing default configurations to be snapshotted. Openvswitch continued to evolve gaining basic MPLS support and Geneve tunnelling.
On the security front we see a slew of improvements in Apparmor as well as improved seccomp support including support for cross thread protection. This release also brings support for signed kexec a key gap in secure boot support.