This article shows you how you can use the Azure Image Builder, and the Azure CLI, to create a CIS hardened golden image of Ubuntu Pro 18.04 in a Shared Image Gallery, then distribute the image globally.
In case you’re asking yourself “Ok! I deployed Ubuntu Pro, what now?”, this article will do a deep dive on the security and compliance features available in Ubuntu Pro, such as FIPS, CIS, Open source security, 10-year lifetime and Livepatch.
CIS scoring comparison of the Ubuntu 16.04, 18.04 and 20.04 AMIs from CIS compared to Ubuntu Pro on AWS
This article gives a quick overview of level 1 CIS scoring comparison of the CIS Ubuntu images from CIS on the AWS Marketplace compared to Ubuntu Pro also on the AWS Marketplace with the included CIS hardening script ran on top of it. We will do a comparison of Ubuntu 16.04, 18.04 and 20.04.
CIS scoring comparison of the Ubuntu 16.04 AMI from CIS compared to the Ubuntu Pro 16.04 AMI on the AWS Marketplace
This article does a quick level 1 CIS scoring comparison of the CIS Ubuntu Linux 16.04 LTS Benchmark - Level 1 AMI from CIS on the AWS Marketplace compared to the Ubuntu Pro 16.04 LTS AMI on the AWS Marketplace with the included CIS hardening script ran on top of it.
This article explains how to build an Ubuntu Pro golden image in Google Cloud with Packer. We will use Ubuntu Pro 18.04 as the base for the image, but this process can be done on any version of Ubuntu Pro.
This article explains how to determine if your Ubuntu server in AWS is running Ubuntu Pro.
This article explains how to build an Ubuntu Pro golden image in AWS with Packer. We will use Ubuntu Pro 20.04 as the base for the image, but this process can be done on any version of Ubuntu Pro.
This article explains how to use Ubuntu Pro programmatically in AWS and Azure. The process is a bit different for each cloud and I’ll explain the differences here.
Ubuntu 16.04 LTS will enter the extended security maintenance (ESM) period in April 2021. Auto Scaling groups in AWS contain a collection of Amazon EC2 instances that are treated as a logical grouping for the purposes of automatic scaling and management. Ubuntu Pro is a premium image designed by Canonical to provide additional coverage, like ESM, for production environments running in the cloud. This article explains how to use Ubuntu Pro 16.04 with auto scaling groups in AWS to continue to receive security updates after Ubuntu 16.04 LTS enters ESM.
Azure Pipelines, part of Azure DevOps Services, automatically builds and tests code projects to make them available to others. Azure Pipelines combines CI/CD to constantly and consistently test and build your code and ship it to any target including virtual machines and containers both on-premises and on cloud platforms. This article shows you how to use Azure Pipelines with a self-hosted agent running Ubuntu Pro 18.04.
Terraform is an open-source infrastructure as code software tool that provides a consistent CLI workflow to manage hundreds of cloud services. Terraform codifies cloud APIs into declarative configuration files. This article shows you how to create an Ubuntu Pro 18.04 VM and supporting resources in Azure with Terraform.
This article gives an example of how to build FIPS containers on Ubuntu Pro 18.04. There are probably other ways to do this but this is one way that doesn’t require an Ubuntu Advantage token from Canonical. Instead we’ll use the FIPS repository already enabled in Ubuntu Pro FIPS 18.04 to build the container.
In this article, I’ll explain how to see which live patches you get on Ubuntu Pro with the Kernel Livepatch feature from Canonical. With Canonical’s Livepatch service, kernel patches are delivered immediately without the need to reboot your VMs.
Ubuntu 16.04 LTS Xenial Xerus will enter the extended security maintenance (ESM) period in April 2021. There are already good resources that talk about Ubuntu’s extended security maintenance (ESM), like the Ubuntu blog article Less than 6 months to Ubuntu 16.04 ESM: 6 things to prepare. In this article we’ll take a deeper look at what this actually means from an apt source perspective inside the Ubuntu system.
In 2018, Canonical introduced a smaller Minimal Ubuntu cloud image, available on the public clouds. Canonical says in the introductory blog article that Minimal Ubuntu is less than 50% the size of the standard Ubuntu server image and boots up to 40% faster. There’s also an Ubuntu 20.04 Docker image that is even smaller as one would expect. Here’s a comparison of the packages found in a regular Ubuntu 20.04 cloud image on AWS versus a Minimal Ubuntu 20.04 and an Ubuntu 20.04 Docker container.
Following up on my article How to use the CIS Compliance Tools from Canonical on Ubuntu Pro 18.04, here’s a quick guide on how to get started with STIG on Ubuntu Pro 16.04.
I’ve been trying without success to enable and use Common Criteria on Ubuntu Pro 16.04. Trying to run the beta command
sudo ua enable cc-eal --beta errors out with the following error:
Here’s a quick guide on how to use the CIS beta feature to enable the CIS compliance tools from Canonical on Ubuntu Pro 18.04.
I recently had the chance to play with an Nvidia DGX A100 server. The DGX A100 is a beast with 8x NVIDIA A100 Tensor Core GPUs and a total of 320 GB of GPU Memory.