tag:blogger.com,1999:blog-38227572910614443962024-02-27T03:14:01.212-06:00From the Canyon EdgeDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.comBlogger234125tag:blogger.com,1999:blog-3822757291061444396.post-80345969524309016362018-02-20T14:07:00.004-06:002018-02-20T14:32:42.425-06:00RFC: The New Ubuntu 18.04 LTS Server InstallerOne of the many excellent suggestions from last year's HackerNews thread, <a href="https://news.ycombinator.com/item?id=14002821">Ask HN: What do you want to see in Ubuntu 17.10?</a>, was to refresh the Ubuntu server's command line installer:<br />
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5ydlszSQX4Jsbngf-TbWOOe_FSGMuIMYx5yuTT3mXcgXRkNk8LuVXKQV3XKh-bsjmWpbdy9rIBdZ7ODUZMz_crNGz6b-CzNaFFHdvZ1j1CfpzBCol7P9tnY9x6sjRNzqDebRWYT8nIx0/s1600/Screenshot+from+2018-02-20+13-42-25.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="106" data-original-width="1207" height="35" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5ydlszSQX4Jsbngf-TbWOOe_FSGMuIMYx5yuTT3mXcgXRkNk8LuVXKQV3XKh-bsjmWpbdy9rIBdZ7ODUZMz_crNGz6b-CzNaFFHdvZ1j1CfpzBCol7P9tnY9x6sjRNzqDebRWYT8nIx0/s400/Screenshot+from+2018-02-20+13-42-25.png" width="400" /></a></div>
<div>
<br /></div>
<div>
We're pleased to introduce this new installer, which will be the default Server installer for 18.04 LTS, and solicit your feedback.<br />
<br />
Follow the instructions below, to download the current daily image, and install it into a KVM. Alternatively, you could write it to a flash drive and install a physical machine, or try it in your virtual machine of your choice (VMware, VirtualBox, etc.).</div>
<div>
<br /></div>
<pre>$ wget http://cdimage.ubuntu.com/ubuntu-server/daily-live/current/bionic-live-server-amd64.iso
$ qemu-img create -f raw target.img 10G
$ kvm -m 1024 -boot d -cdrom bionic-live-server-amd64.iso -hda target.img
...
$ kvm -m 1024 target.img
</pre>
<div>
<br />
For those too busy to try it themselves at the moment, I've taken a series of screenshots below, for your review.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhyZiahX33MbNZq9j1irfWARbu1SZ-XTDNea42_iItrbm1YaXOLr5S-UHIt_8MLFoPdsgVaQKKwNJgkIB7qidFCjDHsjgv-IVs5g39JZzb83kU-fFRmN9jH55g7SsDBDg-W0BJtWXXroI/s1600/Screenshot+from+2018-02-20+13-40-15.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="478" data-original-width="634" height="301" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhyZiahX33MbNZq9j1irfWARbu1SZ-XTDNea42_iItrbm1YaXOLr5S-UHIt_8MLFoPdsgVaQKKwNJgkIB7qidFCjDHsjgv-IVs5g39JZzb83kU-fFRmN9jH55g7SsDBDg-W0BJtWXXroI/s400/Screenshot+from+2018-02-20+13-40-15.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfew3aUqjetUkVx5xgsLdtPUxSnhyXavSual_BVgeKLQyp_3Uo4CmqR1sgu8VB06B0aGvEs4UyE5HpxTtJ7Izj25cGPVnEezg5gana_iBdqHmNJJqjQAjxVP-Np_3IgikOnze1UbQG7X0/s1600/Screenshot+from+2018-02-20+13-47-56.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="473" data-original-width="634" height="297" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfew3aUqjetUkVx5xgsLdtPUxSnhyXavSual_BVgeKLQyp_3Uo4CmqR1sgu8VB06B0aGvEs4UyE5HpxTtJ7Izj25cGPVnEezg5gana_iBdqHmNJJqjQAjxVP-Np_3IgikOnze1UbQG7X0/s400/Screenshot+from+2018-02-20+13-47-56.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDZLiWPn9VmGueNC24NusvessVn2DT9I6BkNkCTH7FB766Xe8jcykplKglrffPjr1Wty94SJ4yD_DJeWyQsXnRbCtWKXx4I4TvSHGlinOH_UrNDCvdZGhV0u_Wq0c57yresyupcCHv2OA/s1600/Screenshot+from+2018-02-20+13-48-51.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="400" data-original-width="718" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDZLiWPn9VmGueNC24NusvessVn2DT9I6BkNkCTH7FB766Xe8jcykplKglrffPjr1Wty94SJ4yD_DJeWyQsXnRbCtWKXx4I4TvSHGlinOH_UrNDCvdZGhV0u_Wq0c57yresyupcCHv2OA/s400/Screenshot+from+2018-02-20+13-48-51.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAgbnWvWBECwPLU_9eOsMl20j3PQpetoiyY1Dljf0ZHYIOseh9gkEMoHOZn2ArrDuDk8sB3Tur9jYiVDZin952yGukjoNR7Et9-TWgoI5if4WtoqOXAaylw4Bkowig9yqmiJvgJA5WxXA/s1600/Screenshot+from+2018-02-20+13-51-31.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="398" data-original-width="718" height="221" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAgbnWvWBECwPLU_9eOsMl20j3PQpetoiyY1Dljf0ZHYIOseh9gkEMoHOZn2ArrDuDk8sB3Tur9jYiVDZin952yGukjoNR7Et9-TWgoI5if4WtoqOXAaylw4Bkowig9yqmiJvgJA5WxXA/s400/Screenshot+from+2018-02-20+13-51-31.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinrQ9ZiOkFhwEWgAU5fLcJmU8BWIcnkbDI3q8EiBQqrRzFSbR9ShTuW_QYbpMRUIE_xbP3pNpPjbZ9wIuhxd-xHBRv34RZdU7kibEF303pFgXXGXR2YJOCXsj8NCuWNYR5xtYl1Au5kHQ/s1600/Screenshot+from+2018-02-20+13-52-01.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="401" data-original-width="722" height="221" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinrQ9ZiOkFhwEWgAU5fLcJmU8BWIcnkbDI3q8EiBQqrRzFSbR9ShTuW_QYbpMRUIE_xbP3pNpPjbZ9wIuhxd-xHBRv34RZdU7kibEF303pFgXXGXR2YJOCXsj8NCuWNYR5xtYl1Au5kHQ/s400/Screenshot+from+2018-02-20+13-52-01.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVA_lngYOWmQ9QX-Q-e1hJohFQ84gj8aIiv1ukY0N6xponEnQctLLtSsB6AounGFLKud2uJMHDUtX8rgvkSTfLV6k9gXqFnlWntgbxWudRRqwnxuQN5STIJB09QcN86OWo3yqRAqAU2Ks/s1600/Screenshot+from+2018-02-20+13-52-33.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="400" data-original-width="718" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVA_lngYOWmQ9QX-Q-e1hJohFQ84gj8aIiv1ukY0N6xponEnQctLLtSsB6AounGFLKud2uJMHDUtX8rgvkSTfLV6k9gXqFnlWntgbxWudRRqwnxuQN5STIJB09QcN86OWo3yqRAqAU2Ks/s400/Screenshot+from+2018-02-20+13-52-33.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjv5kTcc_sG4iNQt6hm4OlZjIu4JqgO9GpLVZWr1vob2Bqmpx7j03HgH1rYodcB0l7DY_aC-p7_mc_cw3ZRal4jWKw3oqZPntROByiTLkct8gjtPseRickTyCB27qncKoqd9JbV3TBAr8/s1600/Screenshot+from+2018-02-20+13-53-01.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="400" data-original-width="717" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjv5kTcc_sG4iNQt6hm4OlZjIu4JqgO9GpLVZWr1vob2Bqmpx7j03HgH1rYodcB0l7DY_aC-p7_mc_cw3ZRal4jWKw3oqZPntROByiTLkct8gjtPseRickTyCB27qncKoqd9JbV3TBAr8/s400/Screenshot+from+2018-02-20+13-53-01.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHDhw-pcFq249aeBSuRCPJd1FSZASppN5ma_NyA3AM3S5xBGpBZcv9_dQOlrKjmf7qtflpi424os3MZWOZOvs8l8ajLbWo3xGP1_Jk-qJ7ZI85IRUP0bJkfE8_1dbe3Lax2txXY2TiWTc/s1600/Screenshot+from+2018-02-20+13-53-24.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="401" data-original-width="717" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHDhw-pcFq249aeBSuRCPJd1FSZASppN5ma_NyA3AM3S5xBGpBZcv9_dQOlrKjmf7qtflpi424os3MZWOZOvs8l8ajLbWo3xGP1_Jk-qJ7ZI85IRUP0bJkfE8_1dbe3Lax2txXY2TiWTc/s400/Screenshot+from+2018-02-20+13-53-24.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaiihqAvMjoMQvMtk5sw4lJ87ooM3XIvwTL2mnxyOgErCB8XIxFSVx707EeIvXMKj1Ou0iK8gtWI82XvD5nbCHZp2Fn8mgGduMNmWJSu4_ZsvoWHZEGaKa-T1lo4wqHECaBPhDL09Gh3M/s1600/Screenshot+from+2018-02-20+13-54-00.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="399" data-original-width="718" height="221" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaiihqAvMjoMQvMtk5sw4lJ87ooM3XIvwTL2mnxyOgErCB8XIxFSVx707EeIvXMKj1Ou0iK8gtWI82XvD5nbCHZp2Fn8mgGduMNmWJSu4_ZsvoWHZEGaKa-T1lo4wqHECaBPhDL09Gh3M/s400/Screenshot+from+2018-02-20+13-54-00.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhOu5TPqz4PC3Dx-TTOl-PwZ3plOQxJhSKQwyBR47nZire3wJL4UsPfMtv2GZE2dfjIASwrfEXhOk9I_B1zbAueJ3iBVIyvooHpso4-h7wRrlL_Bxm7u8FRvpLGIFqbZ3w6sOuATlxefs/s1600/Screenshot+from+2018-02-20+13-55-16.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="399" data-original-width="717" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhOu5TPqz4PC3Dx-TTOl-PwZ3plOQxJhSKQwyBR47nZire3wJL4UsPfMtv2GZE2dfjIASwrfEXhOk9I_B1zbAueJ3iBVIyvooHpso4-h7wRrlL_Bxm7u8FRvpLGIFqbZ3w6sOuATlxefs/s400/Screenshot+from+2018-02-20+13-55-16.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbCLJi2ungQRAaVZUYrr-dAWgDFrmFsl-5dEukqGT6Dq0LmIQnGCa1Qms1wT-LW6SzdaQhokRJUd-Y2JX6bL3ZOqEiAR8Iafq37pu3VF1xlTFUZHCdhD_PC6HKp8rxAGti8GJbeCww5g0/s1600/Screenshot+from+2018-02-20+13-55-45.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="401" data-original-width="716" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbCLJi2ungQRAaVZUYrr-dAWgDFrmFsl-5dEukqGT6Dq0LmIQnGCa1Qms1wT-LW6SzdaQhokRJUd-Y2JX6bL3ZOqEiAR8Iafq37pu3VF1xlTFUZHCdhD_PC6HKp8rxAGti8GJbeCww5g0/s400/Screenshot+from+2018-02-20+13-55-45.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4tjtFs3HHLYkaPDwvabQkbG_-Crai9f6fhjbK-A6bI7TmZAYg6Qg1M70JSK9FVXtolklEP5vRumt0TgIwcbsLJA4ayBQJ9dA8VEdKoPsLCio5Kpl_S1Et97bQ6VmujWEbTPtbETrQis0/s1600/Screenshot+from+2018-02-20+13-56-10.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="401" data-original-width="717" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4tjtFs3HHLYkaPDwvabQkbG_-Crai9f6fhjbK-A6bI7TmZAYg6Qg1M70JSK9FVXtolklEP5vRumt0TgIwcbsLJA4ayBQJ9dA8VEdKoPsLCio5Kpl_S1Et97bQ6VmujWEbTPtbETrQis0/s400/Screenshot+from+2018-02-20+13-56-10.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqI78UZdnPqWZteTzy4v817NZ2T0dnUj9OHtneYgsPuRjnpIMms10l7E-8MXmTZ6gpxzqI_BuFD-JCY4b5_v1yxuiB0gNkCBYhulOZuO4Jv-l0ACoa5zdybEv8K9jBl-z2UclO9Z4ayCk/s1600/Screenshot+from+2018-02-20+13-58-05.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="398" data-original-width="724" height="218" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqI78UZdnPqWZteTzy4v817NZ2T0dnUj9OHtneYgsPuRjnpIMms10l7E-8MXmTZ6gpxzqI_BuFD-JCY4b5_v1yxuiB0gNkCBYhulOZuO4Jv-l0ACoa5zdybEv8K9jBl-z2UclO9Z4ayCk/s400/Screenshot+from+2018-02-20+13-58-05.png" width="400" /></a></div>
<br />
Finally, you can provide feedback, bugs, patches, and feature requests against the Subiquity project in Launchpad:<br />
<br />
<ul>
<li><a href="https://bugs.launchpad.net/subiquity">https://bugs.launchpad.net/subiquity</a></li>
</ul>
<br />
<br />
Cheers,<br />
Dustin</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Austin, TX, USA30.267153 -97.74306079999996729.828484 -98.388507799999971 30.705822 -97.097613799999962tag:blogger.com,1999:blog-3822757291061444396.post-47199081908294665472018-02-16T11:12:00.000-06:002018-02-16T11:12:22.289-06:0010 Amazing Years of Ubuntu and Canonical<div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKJAxbarW-KBs7qYCQaqXIfcDLAy_WT0sY_r4UJmGssqxzWu4ZGr0fs8nFdVePrCJRW9nQsGBbSI5NzKVYuIlK7tazYaQHMTlDCcWK378DNYnY6Numdch_nov0FcxagPD75RELg8uS4GU/s1600/2008-02-29_17-28-19__IMG_0286.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1200" data-original-width="1600" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKJAxbarW-KBs7qYCQaqXIfcDLAy_WT0sY_r4UJmGssqxzWu4ZGr0fs8nFdVePrCJRW9nQsGBbSI5NzKVYuIlK7tazYaQHMTlDCcWK378DNYnY6Numdch_nov0FcxagPD75RELg8uS4GU/s400/2008-02-29_17-28-19__IMG_0286.jpg" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="font-size: 12.8px;"><i>February 2008, Canonical's office in Lexington, MA</i></td></tr>
</tbody></table>
10 years ago today, I joined Canonical, on the very earliest version of the Ubuntu Server Team!</div>
<div>
<br /></div>
<div>
And in the decade since, I've had the tremendous privilege to work with so many amazing people, and the opportunity to contribute so much open source software to the Ubuntu ecosystem.</div>
<div>
<br /></div>
<div>
Marking the occasion, I've reflected about much of my work over that time period and thought I'd put down in writing a few of the things I'm most proud of (in chronological order)... Maybe one day, my daughters will read this and think their daddy was a real geek :-)</div>
<div>
<h4>
1. update-motd / <a href="https://motd.ubuntu.com/">motd.ubuntu.com</a> (September 2008)</h4>
<div>
<h4>
<div style="font-weight: 400;">
<ul>
<li><a href="http://blog.dustinkirkland.com/2008/09/update-motd-in-ubuntu-intrepid.html">http://blog.dustinkirkland.com/2008/09/update-motd-in-ubuntu-intrepid.html</a></li>
</ul>
<div>
Throughout the history of UNIX, the "message of the day" was always manually edited and updated by the local system administrator. Until Ubuntu's message-of-the-day. In fact, I <a href="http://blog.dustinkirkland.com/2011/10/email-i-received-from-dennis-ritchie-by.html">received an email</a> from Dennis Ritchie and Jon "maddog" Hall, confirming this, in April 2010. This started as a feature request for the Landscape team, but has turned out to be tremendously useful and informative to all Ubuntu users. Just last year, we launched <a href="http://motd.ubuntu.com/">motd.ubuntu.com</a>, which provides even more dynamic information about important security vulnerabilities and general news from the Ubuntu ecosystem. Mathias Gug help me with the design and publication.</div>
</div>
</h4>
<h4>
2. <a href="http://manpages.ubuntu.com/">manpages.ubuntu.com</a> (September 2008)</h4>
<h4>
<div style="font-weight: 400;">
<ul>
<li><a href="http://blog.dustinkirkland.com/2008/09/announcing-ubuntu-manpage-repository.html">http://blog.dustinkirkland.com/2008/09/announcing-ubuntu-manpage-repository.html</a></li>
</ul>
<div>
This was the first public open source project I worked on, in my spare time at Canonical. I had a local copy of the Ubuntu archive and I was thinking about what sorts of automated jobs I could run on it. So I wrote some scripts that extracted the manpages out of each one, formatted them as HTML, and published into a structured set of web directories. 10 years later, it's still up and running, serving thousands of hits per day. In fact, this was one of the ways we were able to shrink the Ubuntu minimal image, but removing the manpages, since they're readable online. Colin Watson and Kees Cook helped me with the initial implementation, and Matthew Nuzum helped with the CSS and Ubuntu theme in the HTML.</div>
</div>
<div style="font-weight: 400;">
</div>
</h4>
<h4>
3. <a href="http://byobu.org/">Byobu</a> (December 2008)</h4>
</div>
</div>
<div>
If you know me at all, you know my passion for the command line UI/UX that is "<a href="http://byobu.org/">Byobu</a>". Byobu was born as the "<a href="http://blog.dustinkirkland.com/2008/12/ubuntu-server-includes-window-manager.html">screen-profiles</a>" project, over lunch at Google in Mountain View, in December of 2008, at the Ubuntu Developer Summit. Around the lunch table, several of us (including Nick Barcet, Dave Walker, Michael Halcrow, and others), shared our tips and tricks from our own ~/.screenrc configuration files. In Cape Town, February 2010, at the suggestion of Gustavo Niemeyer, I ported Byobu from Screen to Tmux. Since Ubuntu Servers don't generally have GUIs, Byobu is designed to be a really nice interface to the Ubuntu command line environment.</div>
<h4>
4. <a href="http://ecryptfs.org/">eCryptfs</a> / Ubuntu Encrypted Home Directories (October 2009)</h4>
<h4>
<div style="font-weight: 400;">
</div>
<div style="font-weight: 400;">
<ul>
<li><a href="http://www.linux-mag.com/id/7568/">http://www.linux-mag.com/id/7568/</a></li>
</ul>
</div>
<div style="font-weight: 400;">
I was familiar with eCryptfs from its inception in 2005, in the IBM Linux Technology Center's Security Team, sitting next to Michael Halcrow who was the original author. When I moved to Canonical, I helped Michael maintain the userspace portion of eCryptfs (ecryptfs-utils) and I shepherded into Ubuntu. eCryptfs was super powerful, with hundreds of options and supported configurations, but all of that proved far to difficult for users at large. So I set out to simplify it drastically, with an opinionated set of basic defaults. I started with a simple command to mount a "Private" directory inside of your home directory, where you could stash your secrets. A few months later, on a long flight to Paris, I managed to hack a new PAM module, pam_ecryptfs.c, that actually encrypted your entire home directory! This was pretty revolutionary at the time -- predating Apple's FileVault or Microsoft's Bitlocker, even. Today, tens of millions of Ubuntu users have used eCryptfs to secure their personal data. I worked closely with Tyler Hicks, Kees Cook, Jamie Strandboge, Michael Halcrow, Colin Watson, and Martin Pitt on this project over the years.</div>
</h4>
<h4>
5. ssh-import-id (March 2010)</h4>
<h4>
<div style="font-weight: 400;">
<ul>
<li><a href="http://blog.dustinkirkland.com/2010/03/introducing-ssh-import-lp-id.html">http://blog.dustinkirkland.com/2010/03/introducing-ssh-import-lp-id.html</a></li>
</ul>
<div>
With the explosion of virtual machines and cloud instances in 2009 / 2010, I found myself constantly copying public SSH keys around. Moreover, given Canonical's globally distributed nature, I also regularly found myself asking someone for <i>their</i> public SSH keys, so that I could give them access to an instance, perhaps for some pair programming or assistance debugging. As it turns out, everyone I worked with, had a Launchpad.net account, and had their public SSH keys available there. So I created (at first) a simple shell script to securely fetch and install those keys. Scott Moser helped clean up that earliest implementation. Eventually, I met Casey Marshall, who helped rewrite it entirely in Python. Moreover, we contacted the maintainers of Github, and asked them to expose user public SSH keys by the API -- which they did! Now, ssh-import-id is integrated directly into Ubuntu's new subiquity installer and used by many other tools, such as <a href="http://cloud-init.org/">cloud-init</a> and <a href="http://maas.io/">MAAS</a>.</div>
</div>
</h4>
<h4>
6. Orchestra / <a href="http://maas.io/">MAAS</a> (August 2011)</h4>
<h4 style="font-weight: 400;">
<ul>
<li><a href="http://blog.dustinkirkland.com/2011/08/formal-introduction-to-ubuntu-orchestra.html">http://blog.dustinkirkland.com/2011/08/formal-introduction-to-ubuntu-orchestra.html</a></li>
</ul>
</h4>
<div>
In 2009, Canonical purchased 5 Dell laptops, which was the Ubuntu Server team's first "cloud". These laptops were our very first lab for deploying and testing Eucalyptus clouds. I was responsible for those machines at my house for a while, and I automated their installation with PXE, TFTP, DHCP, DNS, and a ton of nasty debian-installer preseed data. That said -- it worked! As it turned out, Scott Moser and Mathias Gug had both created similar setups at their houses for the same reason. I was mentoring a new hire at Canonical, named Andres Rodriquez at the time, and he took over our part-time hacks and we worked together to create the Orchestra project. Orchestra, itself was short lived. It was severely limited by Cobbler as a foundation technology. So the Orchestra project was killed by Canonical. But, six months later, a new project was created, based on the same general concept -- physical machine provisioning at scale -- with an entire squad of engineers led by...Andres Rodriguez :-) MAAS today is easily one of the most important projects the Ubuntu ecosystem and one of the most successful products in Canonical's portfolio.</div>
<h4>
7. pollinate / pollen / entropy.ubuntu.com (February 2014)</h4>
<div>
<ul>
<li><a href="http://blog.dustinkirkland.com/2014/02/random-seeds-in-ubuntu-1404-lts-cloud.html">http://blog.dustinkirkland.com/2014/02/random-seeds-in-ubuntu-1404-lts-cloud.html</a></li>
</ul>
<div>
In 2013, I set out to secure Ubuntu at large from a set of attacks ranging from insufficient entropy at first boot. This was especially problematic in virtual machine instances, in public clouds, where every instance is, by design, exactly identical to many others. Moreover, the first thing that instance does, is usually ... generate SSH keys. This isn't hypothetical -- it's quite real. Raspberry Pi's running Debian <a href="https://www.raspberrypi.org/forums/viewtopic.php?t=126892">were deemed susceptible to this exact problem in November 2015</a>. So designed and implemented a client (shell script that runs at boot, and fetches some entropy from one to many sources), as well as a high-performance server (golang). The client is the 'pollinate' script, which runs on the first boot of every Ubuntu server, and the server is the cluster of physical machines processing hundreds of requests per minute at <a href="http://entropy.ubuntu.com/">entropy.ubuntu.com</a>. Many people helped review the design and implementation, including Kees Cook, Jamie Strandboge, Seth Arnold, Tyler Hicks, James Troup, Scott Moser, Steve Langasek, Gustavo Niemeyer, and others.</div>
</div>
<h4>
8. The Orange Box (May 2014)</h4>
<div>
<ul>
<li><a href="http://blog.dustinkirkland.com/2014/05/the-orange-box-cloud-for-free-man.html">http://blog.dustinkirkland.com/2014/05/the-orange-box-cloud-for-free-man.html</a></li>
</ul>
<div>
In December of 2011, in my regular 1:1 with my manager, Mark Shuttleworth, I told him about these new "Intel NUCs", which I had bought and placed them around my house. I had 3, each of which was running Ubuntu, and attached to a TV around the house, as a media player (music, videos, pictures, etc). In their spare time, though, they were OpenStack Nova nodes, capable of running a couple of virtual machines. Mark immediately asked, "How many of those could you fit into a suitcase?" Within 24 hours, Mark had reached out to the good folks at TranquilPC and introduced me to my new mission -- designing the Orange Box. I worked with the Tranquil folks through Christmas, and we took our first delivery of 5 of these boxes in January of 2014. Each chassis held 10 little Intel NUC servers, and a switch, as well as a few peripherals. Effectively, it's a small data center that travels. We spend the next 4 months working on the hardware under wraps and then unveiled them at the OpenStack Summit in Atlanta in May 2014. We've gone through a couple of iterations on the hardware and software over the last 4 years, and these machines continue to deliver tremendous value, from live demos on the booth, to customer workshops on premises, or simply accelerating our own developer productivity by "shipping them a lab in a suitcase". I worked extensively with Dan Poler on this project, over the course of a couple of years.</div>
</div>
<h4>
9. Hollywood (December 2014)</h4>
<div>
<ul>
<li><a href="http://blog.dustinkirkland.com/2014/12/hollywood-technodrama.html">http://blog.dustinkirkland.com/2014/12/hollywood-technodrama.html</a></li>
</ul>
<div>
Perhaps the highlight of my professional career came in October of 2016. Watching <i>Saturday Night Live</i> with my wife Kim, we were laughing at a skit that poked fun at another of my favorite shows, <i>Mr. Robot</i>. <a href="http://blog.dustinkirkland.com/2016/10/a-parody-within-parody.html">On the computer screen behind the main character, I clearly spotted <i>Hollywood</i></a>! Hollywood is just a silly, fun little project I created on a plane one day, mostly to amuse Kim. But now, it's been used in <i><a href="http://blog.dustinkirkland.com/2016/10/a-parody-within-parody.html">Saturday Night Live</a></i>, <i><a href="http://blog.dustinkirkland.com/2016/05/byobu-hollywood-melodrama-and-ubuntu.html">NBC Dateline News</a></i>, and an <a href="https://twitter.com/mhall119/status/930634604079468545">Experian TV commercials</a>! Even <a href="https://twitter.com/jessfraz/status/611333567465918464">Jess Frazelle created a Docker container</a>. </div>
</div>
<h4>
10. petname / golang-petname / python-petname (January 2015)</h4>
<div>
<ul>
<li><a href="http://blog.dustinkirkland.com/2015/01/introducing-petname-libraries-for.html">http://blog.dustinkirkland.com/2015/01/introducing-petname-libraries-for.html</a></li>
</ul>
</div>
From "warty warthog" to "bionic beaver", we've always had a focus on fun, and user experience here in Ubuntu. How hard is it to talk to your colleague about your Amazon EC2 instance, "i-83ab39f93e"? Or your container "adfxkenw"? We set out to make something a little more user-friendly with our "petnames". Petnames are randomly generated "adjective-animal" names, which are easy to pronounce, spell, and remember. I curated and created libraries that are easily usable in Shell, Golang, and Python. With the help of colleagues like Stephane Graber and Andres Rodriguez, we now use these in many places in the Ubuntu ecosystem, such as LXD and MAAS.<br />
<br />
If you've read this post, thank you for indulging me in a nostalgic little trip down memory lane! I've had an amazing time designing, implementing, creating, and innovating with some of the most amazing people in the entire technology industry. And here's to a productive, fun future!<br />
<br />
Cheers,<br />
<div>
:-Dustin</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-9787064706702450192018-02-02T10:45:00.001-06:002018-02-05T13:44:18.570-06:00RFC: Ubuntu 18.04 LTS Minimal Images<div>
<ul>
<li><div>
<i>To date, we've shaved the Bionic (18.04 LTS) minimal images down by over 53%, since Ubuntu 14.04 LTS, and trimmed nearly 100 packages and thousands of files.</i></div>
</li>
<li><i>Feedback welcome here: <a href="https://ubu.one/imgSurvey">https://ubu.one/imgSurvey</a></i></li>
</ul>
</div>
<div>
In last year's AskHN HackerNews post, "<a href="https://news.ycombinator.com/item?id=14002821">Ask HN: What do you want to see in Ubuntu 17.10?</a>", and <a href="http://blog.dustinkirkland.com/2017/04/thank-you-note-to-hackernews.html">the subsequent treatment of the data</a>, we noticed a recurring request for "lighter, smaller, more minimal" Ubuntu images.</div>
<div>
<br /></div>
<div>
This is particularly useful for container images (Docker, LXD, Kubernetes, etc.), embedded device environments, and anywhere a developer wants to bootstrap an Ubuntu system from the smallest possible starting point. Smaller images generally:</div>
<div>
<ul>
<li>are subject to fewer security vulnerabilities and subsequent updates</li>
<li>reduce overall network bandwidth consumption</li>
<li>and require less on disk storage</li>
</ul>
<div>
First, a definition...</div>
<blockquote class="tr_bq">
<i>"The Ubuntu Minimal Image is the smallest base upon which a user can apt install any package in the Ubuntu archive."</i></blockquote>
<div>
By design, Ubuntu Minimal Images specifically lack the creature comforts, user interfaces and user design experience that have come to define the Ubuntu Desktop and Ubuntu Cloud images.</div>
<div>
<br /></div>
<div>
<i><b>To date, we've shaved the Bionic (18.04 LTS) minimal images down by over 53%, since Ubuntu 14.04 LTS, and trimmed nearly 100 packages and thousands of files.</b></i></div>
</div>
<div>
<br /></div>
<div>
<style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}</style></div>
--><br />
<table border="1" cellpadding="0" cellspacing="0" dir="ltr" style="border-collapse: collapse; border: none; font-family: arial,sans,sans-serif; font-size: 10pt; table-layout: fixed; width: 0px;" xmlns="http://www.w3.org/1999/xhtml"><colgroup><col width="93"></col><col width="90"></col><col width="105"></col><col width="73"></col><col width="86"></col><col width="73"></col><col width="75"></col></colgroup><tbody>
<tr style="height: 21px;"><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"Release"}" style="font-weight: bold; overflow: hidden; padding: 2px 3px; text-align: center; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Release</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"Bytes (compressed)"}" style="font-weight: bold; overflow: hidden; padding: 2px 3px; text-align: center; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Bytes (compressed)</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"Bytes (uncompressed)"}" style="font-weight: bold; overflow: hidden; padding: 2px 3px; text-align: center; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Bytes (uncompressed)</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"Files"}" style="font-weight: bold; overflow: hidden; padding: 2px 3px; text-align: center; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Files</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"Directories"}" style="font-weight: bold; overflow: hidden; padding: 2px 3px; text-align: center; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Directories</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"Links"}" style="font-weight: bold; overflow: hidden; padding: 2px 3px; text-align: center; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Links</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"Packages"}" style="font-weight: bold; overflow: hidden; padding: 2px 3px; text-align: center; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Packages</span></td></tr>
<tr style="height: 21px;"><td style="overflow: hidden; padding: 2px 3px 2px 3px; vertical-align: bottom;"></td><td data-sheets-value="{"1":2,"2":"ls -alF"}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">ls -alF</span></td><td data-sheets-value="{"1":2,"2":"du -sb ."}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">du -sb .</span></td><td data-sheets-value="{"1":2,"2":"find . -type f | wc -l"}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">find . -type f | wc -l</span></td><td data-sheets-value="{"1":2,"2":"find . -type d | wc -l"}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">find . -type d | wc -l</span></td><td data-sheets-value="{"1":2,"2":"find . -type l | wc -l"}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">find . -type l | wc -l</span></td><td data-sheets-value="{"1":2,"2":"sudo chroot . dpkg -l | wc -l"}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom; word-wrap: break-word;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">sudo chroot . dpkg -l | grep -c ^i</span></td></tr>
<tr style="height: 21px;"><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"14.04 LTS base"}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">14.04 LTS base</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":65828262}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">65,828,262</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":188406508}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">188,406,508</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":9953}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">9,953</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":1306}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">1,306</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":1496}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">1,496</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":189}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">189</span></td></tr>
<tr style="height: 21px;"><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"16.04 LTS base"}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">16.04 LTS base</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":48296930}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">48,296,930</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":120370143}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">120,370,143</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":5655}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">5,655</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":751}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">751</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":1531}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">1,531</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":103}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">103</span></td></tr>
<tr style="height: 21px;"><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":2,"2":"18.04 LTS base"}" style="overflow: hidden; padding: 2px 3px; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">18.04 LTS base</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":31089259}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">31,089,259</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":81270020}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">81,270,020</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":2589}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">2,589</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":596}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">596</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":190}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">190</span></td><td data-sheets-numberformat="[null,2,"#,##0"]" data-sheets-value="{"1":3,"3":100}" style="overflow: hidden; padding: 2px 3px; text-align: right; vertical-align: bottom;"><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">95</span></td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgADo07H3l59PTWTKKccFcs7UAh6B8RP_BX2pdXR9__FIALROGF7knHZpDo_jYown3mNjpeckM4D4jjZvB9ktX63HUg7QHmhjMfsd6a0QaJugw0Seq7hQZ64vDtX272lpZY4yq2VDlFq_Q/s1600/Screenshot+from+2018-02-02+10-28-39.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="312" data-original-width="511" height="243" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgADo07H3l59PTWTKKccFcs7UAh6B8RP_BX2pdXR9__FIALROGF7knHZpDo_jYown3mNjpeckM4D4jjZvB9ktX63HUg7QHmhjMfsd6a0QaJugw0Seq7hQZ64vDtX272lpZY4yq2VDlFq_Q/s400/Screenshot+from+2018-02-02+10-28-39.png" width="400" /></a></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqX6IITPE4vqZVaBk9WP2X-AMSmZxVz9_GwCQLOVzKHOgMqmlzasFBLDFC86JjRYrH9pqfh_BzWtR-CM4tqbUxseFtgXOBTmkNINYRGF9aGB9Aq1TjQFA_B7HfQWQuzZp_QD60lOlbnPM/s1600/Screenshot+from+2018-02-02+10-29-31.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="321" data-original-width="514" height="248" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqX6IITPE4vqZVaBk9WP2X-AMSmZxVz9_GwCQLOVzKHOgMqmlzasFBLDFC86JjRYrH9pqfh_BzWtR-CM4tqbUxseFtgXOBTmkNINYRGF9aGB9Aq1TjQFA_B7HfQWQuzZp_QD60lOlbnPM/s400/Screenshot+from+2018-02-02+10-29-31.png" width="400" /></a></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1L_ODQGtR9KwQEL6wlQAj-w-s_6IMEJqwx3UaGlU4AMSi1xNY4c9gTL_2IZqD2ZKrCFuLRFQIMfD18HvkQ2LZqvfe3wH-VkoX2ZmL6z0_L3IMbr8ORtTPWyjNmaopdc58hYQhvsXwYKI/s1600/Screenshot+from+2018-02-02+10-30-17.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="318" data-original-width="509" height="199" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1L_ODQGtR9KwQEL6wlQAj-w-s_6IMEJqwx3UaGlU4AMSi1xNY4c9gTL_2IZqD2ZKrCFuLRFQIMfD18HvkQ2LZqvfe3wH-VkoX2ZmL6z0_L3IMbr8ORtTPWyjNmaopdc58hYQhvsXwYKI/s320/Screenshot+from+2018-02-02+10-30-17.png" width="320" /></a></div>
<div>
<br /></div>
<div>
As of today, the Bionic (18.04 LTS) minimal image weighs in at 30MB (compressed), and 81MB (uncompressed on disk), and is comprised of 100 Debian packages.</div>
<div>
<br /></div>
<div>
We've removed things like locales and languages, which are easy to add back, but are less necessary in scale-out, container working environments. We've also removed other human-focused resources, like <a href="http://help.ubuntu.com/">documentation</a>, <a href="http://manpages.ubuntu.com/">manpages</a>, and <a href="http://changelogs.ubuntu.com/">changelogs</a>, which are more easily read online (and also easy to re-enable). This base filesystem tarball also lacks a kernel and an init system, as it's intended to be used inside of a chroot or application container. Note that Canonical's Ubuntu Kernel team has also made tremendous strides tuning and minimizing Linux into various optimized kernel flavors.</div>
<div>
<br /></div>
<div>
We've just released Bionic's Alpha 2, in our <a href="https://wiki.ubuntu.com/BionicBeaver/ReleaseSchedule">development cycle toward an April 26, 2018 release date</a> of Ubuntu 18.04 LTS -- our 7th Ubuntu LTS.</div>
<div>
<br /></div>
<div>
At this point, we're <a href="https://ubu.one/imgSurvey">soliciting your feedback in this public "RFC"</a> on our progress toward the smallest Ubuntu base image ever!</div>
<div>
<br /></div>
<div>
Here are a few resources:</div>
<div>
<ul>
<li>Download the image:</li>
<ul>
<li><a href="http://cdimage.ubuntu.com/ubuntu-base/daily/current/">http://cdimage.ubuntu.com/ubuntu-base/daily/current/</a></li>
</ul>
<li>Review the package manifest:</li>
<ul>
<li><a href="http://cdimage.ubuntu.com/ubuntu-base/daily/current/bionic-base-amd64.manifest">http://cdimage.ubuntu.com/ubuntu-base/daily/current/bionic-base-amd64.manifest</a></li>
</ul>
<li>Review the file and directory structure:</li>
<ul>
<li><a href="https://pastebin.ubuntu.com/26506363/">https://pastebin.ubuntu.com/26506363/</a></li>
</ul>
<li>Launch a minimal Docker image:</li>
<ul>
<li><span style="font-family: "courier new" , "courier" , monospace;">$ docker run -it ubuntu:bionic</span></li>
</ul>
</ul>
<div>
I can still see another 1.2MB of savings to harvest in <span style="font-family: "courier new" , "courier" , monospace;">/usr/share/doc, /usr/share/info, and /usr/share/man</span>, and the Foundations team is already looking into filtering out that documentation, too.</div>
</div>
<div>
<br /></div>
<div>
Do you see any other opportunities for savings? Can you help us crop the Bionic (18.04 LTS) images any further? Is there something that we've culled, that you see as problematic? We're interested in your feedback at the form here:</div>
<div>
<ul>
<li><a href="https://ubu.one/imgSurvey">https://ubu.one/imgSurvey</a></li>
</ul>
</div>
<div>
Cheers,</div>
<div>
Dustin</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Austin, TX, USA30.267153 -97.74306079999996729.828484 -98.388507799999971 30.705822 -97.097613799999962tag:blogger.com,1999:blog-3822757291061444396.post-59472867246662987932018-01-04T12:43:00.002-06:002018-01-05T09:20:30.921-06:00Ubuntu Updates for the Meltdown / Spectre Vulnerabilities<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPJU_GFen_R-z_s29E-fD44U8u1K12Psj3Pxchyphenhyphen3ujTVvzS6hAvluajwUVvr1Yn4GifHii9lqjV8WHBZ7yfCSbp62F9RxbKjNRFWjwfxygq_6uMCbn6ZYH11rc5O57Z0PCLA9GtXk5xTE/s1600/Screenshot+from+2018-01-04+12-39-25.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="386" data-original-width="521" height="237" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPJU_GFen_R-z_s29E-fD44U8u1K12Psj3Pxchyphenhyphen3ujTVvzS6hAvluajwUVvr1Yn4GifHii9lqjV8WHBZ7yfCSbp62F9RxbKjNRFWjwfxygq_6uMCbn6ZYH11rc5O57Z0PCLA9GtXk5xTE/s320/Screenshot+from+2018-01-04+12-39-25.png" width="320" /></a></div>
<i></i><br />
<div style="text-align: center;">
<i><i>For up-to-date patch, package, and USN links, please refer to: <a href="https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown">https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown</a><br /><br />This is cross-posted on Canonical's official Ubuntu Insights blog:<br /><a href="https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/">https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/</a></i></i></div>
<i>
</i>
<br />
<div style="text-align: center;">
<br /></div>
<div>
Unfortunately, you’ve probably already read about one of the most widespread security issues in modern computing history -- colloquially known as “<a href="https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)">Meltdown</a>” (<a href="https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5754.html">CVE-2017-5754</a>) and “<a href="https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)">Spectre</a>” (<a href="https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5753.html">CVE-2017-5753</a> and <a href="https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5715.html">CVE-2017-5715</a>) -- affecting practically every computer built in the last 10 years, running any operating system. That includes <a href="https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown">Ubuntu</a>.<br />
<br />
I say “unfortunately”, in part because there was a coordinated release date of January 9, 2018, agreed upon by essentially every operating system, hardware, and cloud vendor in the world. By design, operating system updates would be available at the same time as the public disclosure of the security vulnerability. While it happens rarely, this an industry standard best practice, which has broken down in this case.<br />
<br />
At its heart, this vulnerability is a CPU hardware architecture design issue. But there are billions of affected hardware devices, and replacing CPUs is simply unreasonable. As a result, operating system kernels -- Windows, MacOS, Linux, and many others -- are being patched to mitigate the critical security vulnerability.<br />
<br />
Canonical engineers have been working on this since we were made aware under the embargoed disclosure (November 2017) and have worked through the Christmas and New Years holidays, testing and integrating an incredibly complex patch set into a broad set of Ubuntu kernels and CPU architectures.<br />
<br />
Ubuntu users of the 64-bit x86 architecture (aka, amd64) can expect updated kernels by the original January 9, 2018 coordinated release date, and sooner if possible. Updates will be available for:<br />
<br />
<ul>
<li>Ubuntu 17.10 (Artful) -- Linux 4.13 HWE</li>
<li>Ubuntu 16.04 LTS (Xenial) -- Linux 4.4 (and 4.4 HWE)</li>
<li>Ubuntu 14.04 LTS (Trusty) -- Linux 3.13</li>
<li>Ubuntu 12.04 ESM** (Precise) -- Linux 3.2</li>
<ul>
<li>Note that an <a href="https://www.ubuntu.com/support/esm">Ubuntu Advantage license</a> is required for the 12.04 ESM kernel update, as Ubuntu 12.04 LTS is past its end-of-life</li>
</ul>
</ul>
<div>
Ubuntu 18.04 LTS (Bionic) will release in April of 2018, and will ship a 4.15 kernel, which includes the <a href="https://lwn.net/Articles/742404/">KPTI</a> patchset as integrated upstream.<br />
<br />
Ubuntu optimized kernels for the Amazon, Google, and Microsoft public clouds are also covered by these updates, as well as the rest of Canonical's <a href="https://partners.ubuntu.com/programmes/public-cloud">Certified Public Clouds</a> including Oracle, OVH, Rackspace, IBM Cloud, Joyent, and Dimension Data.<br />
<br />
These kernel fixes will not be <a href="https://www.ubuntu.com/server/livepatch">Livepatch-able</a>. The source code changes required to address this problem is comprised of hundreds of independent patches, touching hundreds of files and thousands of lines of code. The sheer complexity of this patchset is not compatible with the Linux kernel Livepatch mechanism. An update and a reboot will be required to active this update.<br />
<br />
Furthermore, you can expect Ubuntu security updates for a number of other related packages, including CPU microcode, GCC and QEMU in the coming days.<br />
<br />
We don't have a performance analysis to share at this time, but please do stay tuned here as we'll followup with that as soon as possible.<br />
<br />
Thanks,<br />
<a href="https://twitter.com/dustinkirkland">@DustinKirkland</a><br />
VP of Product<br />
Canonical / Ubuntu</div>
</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-64695614011827988862017-09-18T17:30:00.002-05:002017-09-18T17:34:25.442-05:00Results of the Ubuntu Desktop Applications Survey<div class="separator" style="clear: both; text-align: center;">
<a href="https://youtu.be/AvJfvLxXNrE"><img border="0" data-original-height="310" data-original-width="558" height="221" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3aghRCGNc9xvx51OpV4VnQ9kiBtAsSsentapOe32WfmBms-U82Xh1mHJo1bZuEg7C7PLaxazIJcfoRyONOx-a1QpsfT_J5q8BosVcGN6sPElkog7syVAkqajxB1amiX0Wg3HETe0xykI/s400/Screenshot+from+2017-09-18+17-27-11.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
I had the distinct honor to deliver the closing keynote of the <a href="http://ubucon.org/en/events/ubucon-europe/">UbuCon Europe</a> conference in Paris a few weeks ago. First off -- what a beautiful <a href="https://ubucon.paris/">conference</a> and <a href="http://www.cite-sciences.fr/en/home/">venue</a>! Kudos to the organizers who really put together a truly remarkable event. And many thanks to the gentleman (<i>Elias</i>?) who brought me a bottle of his family's favorite champagne, as a gift on Day 2 :-) I should give more talks in France!<br />
<br />
In my keynote, I presented the results of the <i><a href="http://blog.dustinkirkland.com/2017/07/ubuntu-1804-lts-desktop-default.html">Ubuntu 18.04 LTS Default Desktops Applications Survey</a></i>, which was discussed at length on <a href="https://news.ycombinator.com/item?id=14819508">HackerNews</a>, <a href="https://www.reddit.com/r/Ubuntu/comments/6on93z/ubuntu_1804_lts_desktop_default_application_survey/">Reddit</a>, and <a href="https://news.slashdot.org/story/17/07/21/1258245/ask-slashdot-ubuntu-1804-lts-desktop-default-application-survey">Slashdot</a>. With the help of the Ubuntu Desktop team (led by Will Cooke), we processed over 15,000 survey responses and in this presentation, I discussed some of the insights of the data.<br />
<br />
The team is now hard at work evaluating many of the suggested applications, for those of you that aren't into the <a href="https://twitter.com/popey/status/906889259700903942">all-Emacs spin of Ubuntu</a> ;-)<br />
<br />
Moreover, we're also investigating a potential approach to make the Ubuntu Desktop experience perhaps a bit like those <i><a href="https://en.wikipedia.org/wiki/Choose_Your_Own_Adventure">Choose-Your-Own-Adventure</a></i> books we loved when we were kids, where users have the opportunity to select each of their prefer applications (or stick with the distro default) for a handful of categories, during installation.<br />
<br />
Marius Quabeck recorded the session and published the audio and video of the presentation <a href="https://youtu.be/AvJfvLxXNrE">here on YouTube</a>:<br />
<div>
<br /></div>
<div>
<center>
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/AvJfvLxXNrE" width="560"></iframe></center>
<br />
You can download the slides <a href="https://www.slideshare.net/dustinkirkland/lets-talk-about-the-ubuntu-1804-lts-roadmap">here</a>, or peruse them below:<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="485" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/key/u7qfdpNTQypQ6Z" style="border-width: 1px; border: 1px solid #ccc; margin-bottom: 5px; max-width: 100%;" width="595"> </iframe> <div style="margin-bottom: 5px;">
<strong> <a href="https://www.slideshare.net/dustinkirkland/lets-talk-about-the-ubuntu-1804-lts-roadmap" target="_blank" title="Let's talk about the Ubuntu 18.04 LTS Roadmap!">Let's talk about the Ubuntu 18.04 LTS Roadmap!</a> </strong> from <strong><a href="https://www.slideshare.net/dustinkirkland" target="_blank">Dustin Kirkland</a></strong> </div>
</center>
<br />
Cheers,<br />
Dustin</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Paris, France48.856614 2.352221900000017748.6894645 2.0294984000000178 49.0237635 2.6749454000000177tag:blogger.com,1999:blog-3822757291061444396.post-30721542207669926292017-09-13T11:00:00.000-05:002017-09-13T11:00:11.515-05:00Running Ubuntu Containers with Hyper-V Isolation on Windows 10 and Windows Server<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPBRY6AkGMvDb4QHLv_xPyfGia8-yNoW-iIPwwAh8Qjw6BIk8PBq0Esprg3ZOKNHVAe-zsTA9UW6ynCrBksUcfqzxx7P0t4eEQ88VXVgDl0M2b6FKbCOk1qP8pWNgn6iFAJnfK96vBP6c/s1600/Screenshot+from+2017-09-11+14-46-20.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="797" data-original-width="768" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPBRY6AkGMvDb4QHLv_xPyfGia8-yNoW-iIPwwAh8Qjw6BIk8PBq0Esprg3ZOKNHVAe-zsTA9UW6ynCrBksUcfqzxx7P0t4eEQ88VXVgDl0M2b6FKbCOk1qP8pWNgn6iFAJnfK96vBP6c/s400/Screenshot+from+2017-09-11+14-46-20.png" width="385" /></a></div>
<br />
Canonical and Microsoft have teamed up to deliver an truly special experience -- running Ubuntu containers with Hyper-V Isolation on Windows 10 and Windows Servers!<br />
<br />
We have published a fantastic <a href="https://ubu.one/UhyperV">tutorial</a> at <span style="text-decoration-line: underline;"><a href="https://ubu.one/UhyperV">https://ubu.one/UhyperV</a>,</span> with screenshots and easy-to-follow instructions. You should be up and running in minutes!<br />
<br />
Follow that <a href="https://ubu.one/UhyperV">tutorial</a>, and you'll be able to launch Ubuntu containers with Hyper-V isolation by running the following directly from a Windows Powershell:<br />
<ul>
<li><pre>docker run -it ubuntu bash</pre>
</li>
</ul>
Cheers!<br />
<a href="http://twitter.com/dustinkirkland">Dustin</a>Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Redmond, WA, USA47.6739881 -122.12151247.5884501 -122.2828735 47.7595261 -121.9601505tag:blogger.com,1999:blog-3822757291061444396.post-70627624072882633382017-08-21T21:22:00.000-05:002017-08-21T21:24:59.229-05:00Bare Metal Kubernetes: More Containers, Less Overhead<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi36tTtDjdyDpkySQRDpfLE7xFJ_U5h4x781a_l9locYhzHv8kzHL7_6Vm-RyHa5tTZwtfLE_lSC6lrV7sYYIRELXaW3EGUCxz5mxMbZ75p7NYjDXQfpnJYMnkHGucMsvvDQjJqQDC6jOs/s1600/Screenshot+from+2017-08-22+03-23-57.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="741" data-original-width="1321" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi36tTtDjdyDpkySQRDpfLE7xFJ_U5h4x781a_l9locYhzHv8kzHL7_6Vm-RyHa5tTZwtfLE_lSC6lrV7sYYIRELXaW3EGUCxz5mxMbZ75p7NYjDXQfpnJYMnkHGucMsvvDQjJqQDC6jOs/s400/Screenshot+from+2017-08-22+03-23-57.png" width="400" /></a></div>
Earlier this month, <a href="https://www.devopsdays.org/events/2017-portland/program/dustin-kirkland/">I spoke at ContainerDays</a>, part of the excellent DevOpsDays series of conferences -- this one in lovely Portland, Oregon.<br />
<br />
I gave a live demo of <a href="https://www.ubuntu.com/containers/kubernetes">Kubernetes</a> running directly on bare metal. I was running it on an 11-node Ubuntu Orange Box -- but I used the exact same tools Canonical's world class consulting team uses to deploy Kubernetes onto racks of physical machines.<br />
<blockquote class="tr_bq">
<i>You see, the ability to run Kubernetes on bare metal, behind your firewall is essential to the yin-yang duality of Cloud Native computing. Sometimes, what you need is actually a Native Cloud.</i></blockquote>
Deploying Kubernetes into virtual machines in the cloud is rather easy, straightforward, with dozens of tools now that can handle that.<br />
<br />
But there's only <i style="font-weight: bold;">one</i> tool today, that can deploy the exact same Kubernetes to AWS, Azure, GCE, as well as VMware, OpenStack, and bare metal machines. That tools is <i style="font-weight: bold;"><a href="http://conjure-up.io/">conjure-up</a></i>, which acts as a command line front end to several essential Ubuntu tools: MAAS, LXD, and Juju.<br />
<br />
I don't know if the presentation was recorded, but I'm happy to share with you <a href="https://drive.google.com/file/d/0B82l96Y5_w3FUF94VlJLbWJ5Tk0/view?usp=sharing">my slides for download</a>, and embedded here below. There are a few screenshots within that help convey the demo.<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="485" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/key/IzE22BCYBJOkRG" style="border-width: 1px; border: 1px solid #ccc; margin-bottom: 5px; max-width: 100%;" width="595"> </iframe> <div style="margin-bottom: 5px;">
<strong> <a href="https://www.slideshare.net/dustinkirkland/bare-metal-kubernetes-more-containers-less-overhead" target="_blank" title="Bare Metal Kubernetes - More Containers, Less Overhead">Bare Metal Kubernetes - More Containers, Less Overhead</a> </strong> from <strong><a href="https://www.slideshare.net/dustinkirkland" target="_blank">Dustin Kirkland</a></strong> </div>
</center>
<br />
<br />
<br />
Cheers,<br />
DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Anchor Terrace, 3-13 Southwark Bridge Rd, London SE1 9HQ, UK51.506695735718367 -0.09483754634857177751.506386735718365 -0.095468046348571783 51.507004735718368 -0.094207046348571771tag:blogger.com,1999:blog-3822757291061444396.post-43147811016355837512017-06-22T10:20:00.000-05:002017-06-22T10:20:09.226-05:00My Meetup Slides: Deploy and Manage Kubernetes Clusters on Ubuntu in the Oracle CloudThank you to <a href="https://cloud.oracle.com/home">Oracle Cloud</a> for inviting me to speak at this month's <a href="https://www.meetup.com/CloudAustin/events/240236201/">CloudAustin Meetup hosted by Rackspace</a>.<br />
<br />
I very much enjoyed deploying <a href="https://www.ubuntu.com/containers/kubernetes">Canonical Kubernetes</a> on <a href="http://ubuntu.com/">Ubuntu</a> in the Oracle Cloud, and then exploring <a href="http://kubernetes.io/">Kubernetes</a> a bit, how it works, the architecture, and a simple workload within. I'm happy to share my slides below, and you can <a href="https://ubu.one/2txVTz1">download a PDF here</a>:<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="485" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/key/fxNCVFryiV52PO" style="border-width: 1px; border: 1px solid #ccc; margin-bottom: 5px; max-width: 100%;" width="595"> </iframe> <div style="margin-bottom: 5px;">
<strong> <a href="https://www.slideshare.net/dustinkirkland/canonical-kubernetes-on-the-oracle-cloud-1" target="_blank" title="Canonical Kubernetes on the Oracle Cloud (1)">Canonical Kubernetes on the Oracle Cloud (1)</a> </strong> from <strong><a href="https://www.slideshare.net/dustinkirkland" target="_blank">Dustin Kirkland</a></strong> </div>
</center>
<br />
If you're interested in learning more, check out:<br />
<ul>
<li>The upstream documentation for installing Kubernetes on Ubuntu:</li>
<ul>
<li><a href="https://kubernetes.io/docs/getting-started-guides/ubuntu/">https://kubernetes.io/docs/getting-started-guides/ubuntu/</a></li>
</ul>
<li>You can also get $300 free credit on Oracle Cloud</li>
<ul>
<li><a href="https://cloud.oracle.com/en_US/tryit">https://cloud.oracle.com/en_US/tryit</a></li>
</ul>
<li>Also, you can watch our Kubernetes webinar series:</li>
<ul>
<li><a href="https://insights.ubuntu.com/2017/06/02/kubernetes-webinar-series/">https://insights.ubuntu.com/2017/06/02/kubernetes-webinar-series/</a></li>
</ul>
</ul>
It was a great audience, with plenty of good questions, pizza, and networking!<br />
<br />
I'm pleased to share my slide deck here.<br />
<br />
Cheers,<br />
DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-68173544982807638822017-04-06T07:00:00.000-05:002017-07-21T05:56:24.168-05:00ThankHN: A Thank-You Note to the HackerNews Community, from Ubuntu<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWBcWz0ox1mNF_vtly2E6J2H-OkP9qqjhYG67M9ZiZYlNX2tOyCwRLFfrOPNaA7l-wPs9EMt2dERhfLYib1F_S9vGExoZkM-6BRuVq0F9t_8yHZ4Z1wNAj4ERS4id3wO32gzRYkIb7BHM/s1600/Screenshot+from+2017-04-05+18-14-23.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="310" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWBcWz0ox1mNF_vtly2E6J2H-OkP9qqjhYG67M9ZiZYlNX2tOyCwRLFfrOPNaA7l-wPs9EMt2dERhfLYib1F_S9vGExoZkM-6BRuVq0F9t_8yHZ4Z1wNAj4ERS4id3wO32gzRYkIb7BHM/s400/Screenshot+from+2017-04-05+18-14-23.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
A huge THANK YOU to the entire HackerNews community, from the Ubuntu community! Holy smokes...wow...you are an amazing bunch! Your feedback in the thread, "<a href="https://news.ycombinator.com/item?id=14002821">Ask HN: What do you want to see in Ubuntu 17.10?</a>" is almost unbelievable!<br />
<br />
We're truly humbled by your response.<br />
<br />
I penned this thread, somewhat on a whim, from the Terminal 2 lounge at London Heathrow last Friday morning before flying home to Austin, Texas. I clicked "submit", closed my laptop, and boarded an 11-hour flight, wondering if I'd be apologizing to my boss and colleagues later in the day, for such a <i>cowboy</i> approach to Product Management...<br />
<br />
When finally I signed onto the in-flight WiFi some 2 hours later, I saw this post at the coveted top position of HackerNews page 1, with a whopping 181 comments (1.5 comments per minute) in the first two hours. Impressively, it was only 6am on the US west coast by that point, so SFO/PDX/SEA weren't even awake yet. I was blown away!<br />
<br />
This thread is now among the most discussed thread <a href="https://drive.google.com/file/d/0B82l96Y5_w3FaVFVd3Z0SFZZbm8/view?usp=sharing">ever in the history of HackerNews</a>, with some 1115 comments and counting at the time of this blog post.<br />
<br />
<pre> 2530 comments 3125 points 2016-06-24 UK votes to leave EU dmmalam
2215 comments 1817 points 2016-11-09 Donald Trump is the president-elect of the U.S. introvertmac
1448 comments 1330 points 2016-05-31 Moving Forward on Basic Income dwaxe
1322 comments 1280 points 2016-10-18 Shame on Y Combinator MattBearman
1215 comments 1905 points 2015-06-26 Same-Sex Marriage Is a Right, Supreme Court Rules imd23
1214 comments 1630 points 2016-12-05 Tell HN: Political Detox Week – No politics on HN for one week dang
1121 comments 1876 points 2016-01-27 Request For Research: Basic Income mattkrisiloff
*1115 comments 1333 points 2017-03-31 Ask HN: What do you want to see in Ubuntu 17.10? dustinkirkland
1090 comments 1493 points 2016-10-20 All Tesla Cars Being Produced Now Have Full Self-Driving Hardware impish19
1088 comments 2699 points 2017-03-07 CIA malware and hacking tools randomname2
1058 comments 1188 points 2014-03-16 Julie Ann Horvath Describes Sexism and Intimidation Behind Her GitHub Exit dkasper
1055 comments 2589 points 2017-02-28 Ask HN: Is S3 down? iamdeedubs
1046 comments 2123 points 2016-09-27 Making Humans a Multiplanetary Species [video] tilt
1030 comments 1558 points 2017-01-31 Welcome, ACLU katm
1013 comments 4107 points 2017-02-19 Reflecting on one very, very strange year at Uber grey-area
1008 comments 1990 points 2014-04-10 Drop Dropbox PhilipA
</pre>
<br />
Rest assured that I have read every single one, and many of my colleagues has followed closely along as well.<br />
<br />
In fact, to read and process this thread, I first attempted to print it out -- but cancelled the job before it fully buffered, when I realized that it's 105 pages long! Here's the <a href="https://drive.google.com/file/d/0B82l96Y5_w3FYlhQd0RUR0ZpVFE/view?usp=sharing">PDF</a> (1.6MB), if you're curious, or want to page through it on your e-reader.<br />
<br />
So instead, I wrote the following Python script, using the <a href="https://github.com/HackerNews/API">HackerNews REST API</a>, to download the thread from <a href="https://firebase.google.com/">Google Firebase</a> into a JSON document, and import into MongoDB, for item-by-item processing. Actually, this script will work against <i>any</i> HackerNews thread, and it recursively grabs nested comments. Next time you're asked to write a recursive function on a white board for a Google interview, hopefully you've remember this code! :-)<br />
<br />
<pre>$ cat ~/bin/hackernews.py
#!/usr/bin/python3
import json
import requests
import sys
#https://hacker-news.firebaseio.com/v0/item/14002821.json?print=pretty
def get_json_from_url(item):
url = "https://hacker-news.firebaseio.com/v0/item/%s.json" % item
data = json.loads(requests.get(url=url).text)
#print(json.dumps(data, indent=4, sort_keys=True))
if "kids" in data and len(data["kids"]) > 0:
for k in data["kids"]:
data[k] = json.loads(get_json_from_url(k))
return json.dumps(data)
data = json.loads(get_json_from_url(sys.argv[1]))
print(json.dumps(data, indent=4, sort_keys=False))
</pre>
<br />
It takes 5+ minutes to run, so you can just download a snapshot of the <a href="https://drive.google.com/file/d/0B82l96Y5_w3FVUJtenlOVi15cGM/view?usp=sharing">JSON blob from here</a> (768KB), or if you prefer to run it yourself...<br />
<br />
<pre>$ hackernews.py 14002821 | tee 14002821.json
</pre>
<br />
First some raw statistics...<br />
<br />
<ul>
<li>1109 total comments</li>
<li>713 unique users contributed a comment</li>
<li>211 users contributed more than 1 comment</li>
<ul>
<li>42 comments/replies contributed by dustinkirkland (that's me)</li>
<li>12 by vetinari</li>
<li>11 by JdeBP</li>
<li>9 by simosx and jnw2</li>
</ul>
<li>438 top level comments</li>
<ul>
<li>671 nested/replies</li>
</ul>
<li>415 properly formatted uses of "Headline:"</li>
<ul>
<li>Thank you! That was super useful in my processing of these!</li>
</ul>
<li>519 mentions of Desktop</li>
<li>174 mentions of Server</li>
<li>69 + 64 mentions of Snaps and Core</li>
</ul>
<div>
I'll try to summarize a few of my key interpretations of the trends, having now processed the entire discussion. Sincere apologies in advance if I've (a) misinterpreted a theme, (b) skipped your favorite them, or (c) conflated concepts. If any of these are the case, well, please post your feedback in the HackerNews thread associated with this post :-)<br />
<br />
First, grouped below are some of the Desktop themes, with some fuzzy, approximate "weighting" by the number of pertinent discussions/mentions/vehemence.</div>
<div>
<ul>
<li><b>Drop MIR/Unity for Wayland/Gnome (351 weight) <i>[<a href="https://insights.ubuntu.com/2017/04/05/growing-ubuntu-for-cloud-and-iot-rather-than-phone-and-convergence/">Beta available, 17.10</a>]</i></b></li>
<ul>
<li>Release/GA Unity 8 (15 weight)</li>
<li>Easily, the most heavily requested, major change in this thread was for Ubuntu to drop MIR/Unity in favor of Wayland/Gnome. And that's exactly what Mark Shuttleworth announced in an <a href="https://insights.ubuntu.com/2017/04/05/growing-ubuntu-for-cloud-and-iot-rather-than-phone-and-convergence/">Ubuntu Insights post here</a> today. There were a healthy handful of Unity 8 fans, calling for its GA, and more than a few HackerNews comments lamenting the end of Unity in <a href="https://news.ycombinator.com/item?id=14043631">this thread</a>.</li>
</ul>
<li><b>Improve HiDPI, 4K, display scaling, multi-monitor (217 weight) </b><b><b><i>[<a href="http://blog.3v1n0.net/informatica/linux/gnome-fractional-and-multi-monitor-scaling-hackfest-the-report/">Beta available</a>, 17.10]</i></b></b></li>
<ul>
<li>For the first time in a long time, I feel like a laggard in the technology space! I own a dozen or so digital displays but not a single 4K or HiDPI monitor. So while I can't yet directly relate, the HackerNews community is keen to see better support for multiple, high resolution monitors and world class display scaling. And I suspect you're just a short year or so ahead of much of the rest of the world.</li>
</ul>
<li><b>Make track pad, touch gestures great (129 weight) </b><b><i>[<a href="https://launchpad.net/ubuntu/+source/libinput">Beta available, 17.10</a>]</i></b></li>
<ul>
<li>There's certainly an opportunity to improve the track pad and touch gestures in the Ubuntu Desktop "more Apple-like".</li>
</ul>
<li><b>Improve Bluetooth, WiFi, Wireless, Network Manager (97 weight)</b><b> <i>[<a href="https://launchpad.net/ubuntu/+source/bluez">Beta available, 17.10</a>]</i></b></li>
<ul>
<li>This item captures some broad, general requests to make Bluetooth and Wireless more reliable in Ubuntu. It's a little tough to capture an exact work item, but the relevant teams at Canonical have received the feedback.</li>
</ul>
<li><b>Better mouse settings, more options, scroll acceleration (89 weight)</b><b> <i>[<a href="https://launchpad.net/ubuntu/+source/libinput">Beta available, 17.10</a>]</i></b></li>
<ul>
<li>Similar to the touch/track pad request, there was a collection of similar feedback suggesting better mouse settings out-of-the-box, and more fine grained options. </li>
</ul>
<li><b>Better NVIDIA, GPU support (87 weight)</b><b> <i>[<a href="https://medium.com/intuitionmachine/how-we-commoditized-gpus-for-kubernetes-7131f3e9231f">In-progress, 17.10</a>]</i></b></li>
<ul>
<li>NVIDIA GPUs are extensively used in both Ubuntu Desktops and Servers, and the feedback here was largely around better driver availability, more reliable upgrades, CUDA package access. For my part, I'm personally engaged with the high end GPU team at NVIDIA and we're actively working on a couple of initiatives to improve GPU support in Ubuntu (both Desktop and Server).</li>
</ul>
<li><b>Clean up Network Manager, easier VPN (71 weight) </b><b><i>[<a href="https://launchpad.net/ubuntu/+source/network-manager">Beta available, 17.10</a>]</i></b></li>
<ul>
<li>There were several requests around both Network Manager, and a couple of excellent suggestions with respect to easier VPN configuration and connection. Given the <a href="https://arstechnica.com/tech-policy/2017/03/senate-votes-to-let-isps-sell-your-web-browsing-history-to-advertisers/">recent legislation in the USA</a>, I for one am fully supportive of helping Ubuntu users do more than ever before to protect their security and privacy, and that may entail better VPN support.</li>
</ul>
<li><b>Easily customize, relocate the Unity launcher (53 weight) </b><b><i>[Deprecated, 17.10]</i></b></li>
<ul>
<li>This thread made it abundantly clear that it's important to people to be able to move, hide, resize, and customize their launcher (Unity or Gnome). I can certainly relate, as I personally prefer my launcher at the bottom of the screen.</li>
</ul>
<li><b>Add night mode, redshift, f.lux (42 weight) </b><b> <i>[Beta available, 17.10]</i></b></li>
<ul>
<li>This request is one of the real gems of this whole exercise! This seems like a nice, little, bite-sized feature, that we may be able include with minimal additional effort. Great find.</li>
</ul>
<li><b>Make WINE and Windows apps work better (10 weight)</b></li>
<ul>
<li>If Microsoft can make Ubuntu on Windows work so well, why can't Canonical make Windows on Ubuntu work? :-) If it were only so easy... For starters, the Windows Subsystem for Linux "simply" needs to implement a bunch of Linux syscalls, whose source is entirely available. So there's that :-) Anyway, this one is really going too be a tough one for us to move the needle on...</li>
</ul>
<li><b>Better accessibility for disabled users, children (9 weight)</b></li>
<ul>
<li>As a parent, and as a friend of many Ubuntu users with special needs, this is definitely a worthy cause. We'll continue to try and push the envelop on accessibility in the Linux desktop.</li>
</ul>
<li><b>LDAP/ActiveDirectory integration out of the box (7 weight)</b></li>
<ul>
<li>This is actually a regular request of Canonical's corporate Ubuntu Desktop customers. We're generally able to meet the needs of our enterprise customers around LDAP and ActiveDirectory authentication. We'll look at what else we can do natively in the distro to improve this.</li>
</ul>
<li><b>Add support for voice commands (5 weight)</b></li>
<ul>
<li>Excellent suggestion. We've grown so accustomed to "Okay Google...", "Alexa...", "Siri..." How long until we can, "Hey you, Ubuntu..." :-)</li>
</ul>
</ul>
<div>
Grouped below are some themes, requests, and suggestions that generally apply to Ubuntu as an OS, or specifically as a cloud or server OS.</div>
<ul>
<li><b>Better, easier, safer, faster, rolling upgrades (153 weight)</b></li>
<ul>
<li>The ability to upgrade from one release of Ubuntu to the next has long been one of our most important features. A variety of requests have identified a few ways that we should endeavor to improve: snapshots and rollbacks, A/B image based updates, delta diffs, easier with fewer questions, super safe rolling updates to new releases. Several readers suggested killing off the non-LTS releases of Ubuntu and only releasing once a year, or every 2 years (which is the LTS status quo). We're working on a number of these, with much of that effort focused on Ubuntu Core. You'll see some major advances around this by Ubuntu 18.04 LTS.</li>
</ul>
<li><b>Official hardware that just-works, Nexus-of-Ubuntu (130 weight)</b></li>
<ul>
<li>This is perhaps my personal favorite suggestion of this entire thread -- for us to declare a "Nexus-of-each-Ubuntu-release", much like Google does for each major Android release. Hypothetically, this would be an easily accessible, available, affordable hardware platform, perhaps designed in conjunction with an OEM, to work perfectly with Ubuntu out of the box. That's a new concept. We do have the <a href="https://certification.ubuntu.com/">Ubuntu Hardware Certification Programme</a>, where we clearly list all hardware that's tested and known to work well with Ubuntu. And we do work with major manufacturers on some fantastic desktops and laptops -- the <a href="http://www.dell.com/developers">Dell XPS</a> and <a href="http://system76.com/">System76</a> both immediately come to mind. But this suggestion is a step beyond that. I'm set to speak to a few trusted partners about this idea in the coming weeks.</li>
</ul>
<li><b>Lighter, smaller, more minimal (113 weight)</b><b> <i>[<a href="http://cdimage.ubuntu.com/ubuntu-base/daily/current/">Beta Available, 17.10</a>]</i></b></li>
<ul>
<li>Add x-y-z-favorite-package to default install (105 weight)</li>
<li>For every Ubuntu user that wants to remove stuff from Ubuntu, to make it smaller/faster/lighter/secure, I'll show you another user who wants to add something else to the default install :-) This is a tricky one, and one that I'm always keen to keep an eye on. We try very had to strike a delicate balance between minimal-but-usable. When we have to err, we tend (usually, but not always) on the side of usability. That's just the Ubuntu way. That said, we're always evaluating our Ubuntu Server, Cloud, Container, and Docker images to insure that we minimize (or at least justify) any bloat. We'll certainly take another hard look at the default package sets at both 17.10 and 18.04. Thanks for bringing this up and we'll absolutely keep it in mind!</li>
</ul>
<li><b>More QA, testing, stability, general polish (99 weight)</b><b> <i>[In-progress, 17.10]</i></b></li>
<ul>
<li>The word "polish" is used a total of 24 times, with readers generally asking for more QA, more testing, more stability, and more "polish" to the Ubuntu experience. This is a tough one to quantify. That said, we have a strong commitment to quality, and CI/CD (continuous integration, continuous development) testing at Canonical. As your Product Manager, I'll do my part to ensure that we invest more resources into Ubuntu quality.</li>
</ul>
<li><b>Fix /boot space, clean up old kernels (92 weight)</b><b> <i>[<a href="https://launchpad.net/ubuntu/+source/unattended-upgrades">In-progress, 17.10</a>]</i></b></li>
<ul>
<li>Ouch. This is such an ugly, nasty problem. It personally pissed me off so much, in 2010, that I created a script, "purge-old-kernels". And it personally pissed me off again so much in 2014, that I jammed it into the Byobu package (which I also authored and maintain), for the sole reason to get it into Ubuntu. That being said, that's the wrong approach. I've spoken with Leann Ogasawara, the amazing manager and team lead for the Ubuntu kernel team, and she's committed to getting this problem solved once and for all in Ubuntu 17.10 -- and ideally getting those fixes backported to older releases of Ubuntu.</li>
</ul>
<li><b>ZFS supported as a root filesystem (84 weight)</b></li>
<ul>
<li>This was one of the more surprising requests I found here, and another real gem. I know that we have quite a few ZFS fans in the Ubuntu community (of which, I'm certainly one) -- but I had no idea so many people want to see ZFS as a root filesystem option. It makes sense to me -- integrity checking, compression, copy-on-write snapshots, clones. In fact, we have some skunkworks engineering investigating the possibility. Stay tuned...</li>
</ul>
<li><b>Improve power management, battery usage (73 weight)</b></li>
<ul>
<li>Longer batteries for laptops, lower energy bills for servers -- an important request. We'll need to work closer with our hardware OEM/ODM partners to ensure that we're leveraging their latest and greatest energy conservation features, and work with upstream to ensure those changes are integrated into the Linux kernel and Gnome.</li>
</ul>
<li><b>Security hardening, grsecurity (72 weight)</b></li>
<ul>
<li>More security! There were several requests for "extra security hardening" as an option, and the grsecurity kernel patch set. So the <a href="https://grsecurity.net/">grsecurity</a> Linux kernel is a heavily modified, patched Linux kernel that adds a <a href="https://grsecurity.net/features.php">ton of additional security checks and features</a> at the lowest level of the OS. But the patch set is huge -- and it's not upstream in the Linux kernel. It also only applies against the last LTS release of Ubuntu. It would be difficult, though not necessarily impossible, to offer the grsecurity supported in the Ubuntu archive. As for "extra security hardening", Canonical is working with IBM on a number of security certification initiatives, around FIPS, CIS Benchmarks, and DISA STIG documentation. You'll see these becoming available throughout 2017.</li>
</ul>
<li><b>Dump Systemd (69 weight)</b></li>
<ul>
<li>Fun. All the people fighting for Wayland/Gnome, and here's a vocal minority pitching a variety of other init systems besides Systemd :-) So frankly, there's not much we can do about this one at this point. We created, and developed, and maintained Upstart over the course of a decade -- but for various reasons, Red Hat, SUSE, Debian, and most of the rest of the Linux community chose Systemd. We fought the good fight, but ultimately, we <a href="http://www.markshuttleworth.com/archives/1316">lost graciously</a>, and migrated Ubuntu to Systemd.</li>
</ul>
<li><b>Root disk encryption, ext4 encryption, more crypto (47 weight) <i>[<a href="https://launchpad.net/~ubuntu-security/+archive/ubuntu/ubuntu-security-staging">In-progress, 17.10</a>]</i></b></li>
<ul>
<li>The very first feature of Ubuntu, that I created when I started working for Canonical in 2008, was the <a href="http://www.linux-mag.com/id/7568/">Home Directory Encryption</a> feature introduced in late 2008, so yes -- this feature has been near and dear to my heart! But as one of the co-authors and co-maintainers of eCryptfs, we're putting our support behind EXT4 Encryption for the future of per-file encryption in Ubuntu. Our good friends at Google (hi Mike, Ted, and co!) have created something super modern, efficient, and secure with EXT4 Encryption, and we hope to get there in Ubuntu over the next two releases. Root disk encryption is still important, even more now than ever before, and I do hope we can do a bit better to make root disk encryption easier to enable in the Desktop installer.</li>
</ul>
<li><b>Fix suspend/resume (24 weight)</b></li>
<ul>
<li>These were a somewhat general set of bugs or issues around suspend/resume not working as well as it should. If these are a closely grouped set of corner cases (e.g. multiple displays, particular hardware), then we should be able to shake these out with better QA, bug triage, and upstream fixes. That said, I remember when suspend/resume never worked at all in Linux, so pardon me while I'm a little nostalgic about how far we've come :-) Okay...now, yes, you're right. We should do better.</li>
</ul>
<li><b>New server installer (19 weight) <i>[<a href="http://cdimage.ubuntu.com/ubuntu-server/daily-live/current/">Beta available, 17.10</a>]</i></b></li>
<ul>
<li>Well aren't you in for a surprise :-) There's a new server installer coming soon! Stay tuned.</li>
</ul>
<li><b>Improve swap space management (12 weight)</b></li>
<ul>
<li>Another pet peeve of mine -- I feel you! So I filed <a href="https://blueprints.launchpad.net/ubuntu/+spec/foundations-karmic-swapfile">this blueprint</a> in 2009, and I'm delighted to say that as of this month (8 years later), Ubuntu 17.04 (Zesty Zapus) will use swap files, rather than swap partitions, by default. Now, there's a bit more to do -- we should make these a bit more dynamic, tune the swappiness sysctl, etc. But this is a huge step in the right direction!</li>
</ul>
<li><b>Reproducible builds (7 weight)</b></li>
<ul>
<li>Ensuring that builds are reproducible is essential for the security and the integrity of our distribution. We've been working with <a href="https://wiki.debian.org/ReproducibleBuilds/About">Debian</a> upstream on this over the last few years, and will continue to do so.</li>
</ul>
</ul>
</div>
<div>
Ladies and gentlemen, again, a most sincere "thank you", from the Ubuntu community to the HackerNews community. We value openness -- open source code, open design, open feedback -- and this last week has been a real celebration of that openness for us. We appreciate the work and effort you put into your comments, and we hope to continue our dialog throughout our future together, and most importantly, that Ubuntu continues to serve your needs and occasionally even exceed your expectations ;-)<br />
<br />
Cheers,<br />
:-Dustin</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Austin, TX, USA30.267153 -97.74306079999996729.828484 -98.388507799999971 30.705822 -97.097613799999962tag:blogger.com,1999:blog-3822757291061444396.post-64041775372112511132017-03-14T09:00:00.000-05:002017-03-14T16:48:11.888-05:00Ubuntu 12.04 ESM (Extended Security Maintenance)<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiggSy5TgdfaWvFaKZdLvGJYD45a62wXln3VUnhMigmhTlX8Tr5_AXI5SpBleEL5DQ__jTQLpyi3GlfVmUHVGofWEMaXn5Gl5U9cg_35gBeubtflKJ00p0sCv-izI0KTxyV9TBzTWpbTnY/s1600/Screenshot+from+2017-03-13+10-42-02.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiggSy5TgdfaWvFaKZdLvGJYD45a62wXln3VUnhMigmhTlX8Tr5_AXI5SpBleEL5DQ__jTQLpyi3GlfVmUHVGofWEMaXn5Gl5U9cg_35gBeubtflKJ00p0sCv-izI0KTxyV9TBzTWpbTnY/s400/Screenshot+from+2017-03-13+10-42-02.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Canonical <a href="https://lists.ubuntu.com/archives/ubuntu-announce/2012-April/000159.html">announced</a> the Ubuntu 12.04 LTS (<a href="https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes">Precise Pangolin</a>) release almost 5 years ago, on April 26, 2012. As with all <a href="https://wiki.ubuntu.com/LTS">LTS releases</a>, Canonical has provided ongoing security patches and bug fixes for a period of 5 years. The Ubuntu 12.04 LTS (Long Term Support) period will end on Friday, April 28, 2017.<br />
<br />
Following the end-of-life of Ubuntu 12.04 LTS, Canonical is offering Ubuntu 12.04 ESM (Extended Security Maintenance), which provides important security fixes for the kernel and the most essential user space packages in Ubuntu 12.04. These updates are delivered in a secure, private archive exclusively available to <a href="http://ubuntu.com/advantage">Ubuntu Advantage</a> customers on a per-node basis.<br />
<br />
All Ubuntu 12.04 LTS users are encouraged to upgrade to Ubuntu 14.04 LTS or Ubuntu 16.04 LTS. But for those who cannot upgrade immediately, Ubuntu 12.04 ESM updates will help ensure the on-going security and integrity of Ubuntu 12.04 systems.<br />
<br />
Users interested in Ubuntu 12.04 ESM updates can purchase Ubuntu Advantage at <a href="http://buy.ubuntu.com/">http://buy.ubuntu.com/</a> Credentials for the private archive will be available by the end-of-life date for Ubuntu 12.04 LTS (April 28, 2017).<br />
<div>
<br /></div>
<div>
Questions? Post in the comments below and join us for a live webinar, "<i><a href="https://pages.ubuntu.com/howtoupgradefrom12.04webinar_LP.html">HOWTO: Ensure the Ongoing Security Compliance of your Ubuntu 12.04 Systems</a></i>", on Wednesday, March 22nd at 4pm GMT / 12pm EDT / 9am PDT. Here, we'll discuss Ubuntu 12.04 ESM and perform a few live upgrades of Ubuntu 12.04 LTS systems.<br />
<div>
<br /></div>
<div>
Cheers,</div>
<div>
Dustin</div>
</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Austin, TX, USA30.267153 -97.74306079999996729.828484 -98.388507799999971 30.705822 -97.097613799999962tag:blogger.com,1999:blog-3822757291061444396.post-73506286995613918322017-03-05T09:44:00.002-06:002017-03-05T09:44:40.817-06:00Ubuntu at Mobile World Congress 2017Mobile World Congress is simply one of the biggest trade shows in the entire world.<br /><br />It's also, perhaps, the best place in the world to see how encompassing the Ubuntu ecosystem actually is.<br /><br />Canonical and our partners demonstrated Ubuntu running on dozens of devices -- from robots, to augmented reality headsets, digital signs, vending machines, IoT Gateways, cell tower base stations, phones, tablets, servers, from super computers to tiny, battery powered embedded controllers.<br /><br />But that was only a tiny fraction of the Ubuntu running at MWC!<br /><br />We saw Ubuntu at the heart of demos from Dell, AMD, Intel, IBM, Deutsche Telekom, DJI, and hundreds of other booths, running autonomous drones, national telephone networks, self driving cars, smart safety helmets, inflight entertainment systems, and so, so, so much more.<br /><br />Among the thousands of customers, prospects, fans, competitors, students, and industry executives, we even received a visit from (the somewhat controversial?) King of Spain!<br /><br />It was an incredible week, with no fewer than 12 hours per day, on our feet, telling the Ubuntu story.<br />And what a story it is... I hope you enjoy.<br /><br />Cheers,<br />Dustin<br /><div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilCqz9DGReEGDXsAsG3o44SaAWra7SxmG2iMbxf51EjQXlX834BxyjJgwq-p-Z6F3EII05orBiJj9ABosKLgW4Vzc750SZFCXibQihWlB7CbtAuf0tXBcv5tiJ4P98tPrOlOiXEksSoVo/s1600/01.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilCqz9DGReEGDXsAsG3o44SaAWra7SxmG2iMbxf51EjQXlX834BxyjJgwq-p-Z6F3EII05orBiJj9ABosKLgW4Vzc750SZFCXibQihWlB7CbtAuf0tXBcv5tiJ4P98tPrOlOiXEksSoVo/s400/01.jpg" width="225" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGhSldyJlYIhwRQMM2esaQBaGo2WSCvQFV5MZ3KM1P4pkyGI-96eYu0I4H45_30OhSPw6zSNlKVlPHPPnXtOiT_YiRBeUoTmKKjMzXqPZh1aJ3zoR8CG3r_4aF-qV7iK3GgF5LpuuUsYs/s1600/02.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGhSldyJlYIhwRQMM2esaQBaGo2WSCvQFV5MZ3KM1P4pkyGI-96eYu0I4H45_30OhSPw6zSNlKVlPHPPnXtOiT_YiRBeUoTmKKjMzXqPZh1aJ3zoR8CG3r_4aF-qV7iK3GgF5LpuuUsYs/s400/02.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcNnL2D-LGYqjIAfnfYewK7aV2_O_4DHsPph_8Suu6dDCeMJvvn0oKTK3tILON6egQWQTm6Y37GqcySD-MLbhQWgTZ-6GzEC0JiedDqNTJAbdD400rgYwrpwX3Uki8Z28LkkOjStCVVsM/s1600/03.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcNnL2D-LGYqjIAfnfYewK7aV2_O_4DHsPph_8Suu6dDCeMJvvn0oKTK3tILON6egQWQTm6Y37GqcySD-MLbhQWgTZ-6GzEC0JiedDqNTJAbdD400rgYwrpwX3Uki8Z28LkkOjStCVVsM/s400/03.jpg" width="225" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJujuq97WkMzahSaSgz0OIobPTkcFeLOOBdBl3YXg1dyTuMCcLhgAxt2wpOS_R0Cw7CkUvRDFQGdiGEBFMIR06n7D3zrkoIMw3rOuvP96VMHfMIBe818m6JSXVj-8P5Ma2SoeyuQT759c/s1600/04.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJujuq97WkMzahSaSgz0OIobPTkcFeLOOBdBl3YXg1dyTuMCcLhgAxt2wpOS_R0Cw7CkUvRDFQGdiGEBFMIR06n7D3zrkoIMw3rOuvP96VMHfMIBe818m6JSXVj-8P5Ma2SoeyuQT759c/s320/04.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0nu_lVGG_MHIfFmU8r5GySF6WeiGsQS9rMNuJ70-QhIvwS7qLVTMBli_AbFsec1H_oAVLSMIr-EScQscdUwrFspnxdGeCUjmC1z6O3rMQ5GZTQ3mzXmWTBhRmaZ2VRZgb0V_fnoLDlWk/s1600/05.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0nu_lVGG_MHIfFmU8r5GySF6WeiGsQS9rMNuJ70-QhIvwS7qLVTMBli_AbFsec1H_oAVLSMIr-EScQscdUwrFspnxdGeCUjmC1z6O3rMQ5GZTQ3mzXmWTBhRmaZ2VRZgb0V_fnoLDlWk/s320/05.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLIaD7rdJ019MC9B7ybZn6npS6NWF8hi7FXUBfrjMzobeQ75RIf5buxfawwjsP2O0gjUUZ4Qhw-MZUAV6poaeljxAa0Ohq46xbZpLdGuGpJVq1BhB8gLi3UyGzHFCPJsdTs9RXVW1bYsE/s1600/06.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLIaD7rdJ019MC9B7ybZn6npS6NWF8hi7FXUBfrjMzobeQ75RIf5buxfawwjsP2O0gjUUZ4Qhw-MZUAV6poaeljxAa0Ohq46xbZpLdGuGpJVq1BhB8gLi3UyGzHFCPJsdTs9RXVW1bYsE/s400/06.jpg" width="225" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-3yaCHC1nyfenY0loi6JRbG60bAOHuqnGkraBKuGGXeZQ9o61HKgBTqAibDjZofZRi9mcTgbUV0YgJrpAd87JuBO2NICejy019l3p6wkQ-oN7XrVHym7pMqBjnVkjaEMccie8gA9v_og/s1600/07.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-3yaCHC1nyfenY0loi6JRbG60bAOHuqnGkraBKuGGXeZQ9o61HKgBTqAibDjZofZRi9mcTgbUV0YgJrpAd87JuBO2NICejy019l3p6wkQ-oN7XrVHym7pMqBjnVkjaEMccie8gA9v_og/s400/07.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL4usNLmX2aylpJcW_vd1H1x5Vt9xwBnTHwBYO95V-i6NLygSCKSHxaPg3y6ENeTYLVIGVMZBhG6HGbshUuf6hN3wO1YXFb30KG2Eapw9rLg22s7vvFUl0Ly6X_AgbKyt2f66-IADPJ10/s1600/08.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="303" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL4usNLmX2aylpJcW_vd1H1x5Vt9xwBnTHwBYO95V-i6NLygSCKSHxaPg3y6ENeTYLVIGVMZBhG6HGbshUuf6hN3wO1YXFb30KG2Eapw9rLg22s7vvFUl0Ly6X_AgbKyt2f66-IADPJ10/s400/08.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqWp16LnLdbMrd4deY8WPqAtjL0vLULZ08BbEX_ULbHZtdqrEFfpf2p9jJZYGkYrH2PamqVdTFcDXv9n_OjjOuCGo-hKcGVdNbpV_K-lAb3tBQG0EEgsHsUTQPDv1MYEVMKxHQUOSiGLs/s1600/09.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqWp16LnLdbMrd4deY8WPqAtjL0vLULZ08BbEX_ULbHZtdqrEFfpf2p9jJZYGkYrH2PamqVdTFcDXv9n_OjjOuCGo-hKcGVdNbpV_K-lAb3tBQG0EEgsHsUTQPDv1MYEVMKxHQUOSiGLs/s320/09.jpg" width="249" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVAFMspVgiKIcwDH8Vem4PC-H0dP_9_SZ_tIQA1-QQM-pkZxo-8__YLfKy2CMo1c4MpM3_S1EKmHPWLe7jr6pB2u8m9vYe-jhl6241cnTo86qyUbSggufL02ZTeANKv_5HeimM4g_wr7w/s1600/10.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVAFMspVgiKIcwDH8Vem4PC-H0dP_9_SZ_tIQA1-QQM-pkZxo-8__YLfKy2CMo1c4MpM3_S1EKmHPWLe7jr6pB2u8m9vYe-jhl6241cnTo86qyUbSggufL02ZTeANKv_5HeimM4g_wr7w/s320/10.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQzFRBEV4JFmevwjQEUSWN8IJJNa6h2byBNFtM_Z56skqPd5dJ7qIMa-3P1ic9dRooWEXWAISd-m8UFYAd04T8d8c4zHMZhfDVsGSoDdrkFC6Gwpa3s6P2UMa7tE7zJTKxeFqYJFyrpwA/s1600/11.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQzFRBEV4JFmevwjQEUSWN8IJJNa6h2byBNFtM_Z56skqPd5dJ7qIMa-3P1ic9dRooWEXWAISd-m8UFYAd04T8d8c4zHMZhfDVsGSoDdrkFC6Gwpa3s6P2UMa7tE7zJTKxeFqYJFyrpwA/s400/11.jpg" width="258" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwSLdCOz3snGhR3Ss75IyrwrJK1F2f4I1TL2O9i_FM-Ptheh1Hedg3c6-wKR-dmn82GpcFN_L40ylqkuzGAskDyvgy2T_3zIqqwrrdemf-iX4NzBqD3kO3Z4CZ4hjslKW6wQtHqTigBhw/s1600/12.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwSLdCOz3snGhR3Ss75IyrwrJK1F2f4I1TL2O9i_FM-Ptheh1Hedg3c6-wKR-dmn82GpcFN_L40ylqkuzGAskDyvgy2T_3zIqqwrrdemf-iX4NzBqD3kO3Z4CZ4hjslKW6wQtHqTigBhw/s400/12.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrnLFj67wsIxbrXseiHG1R6r-1Qx2BXhBj9AMVXt3TxoorsFe-ccHDCjm-vBmIB9sg1KafobOb2tToD1yyb0B4g81mPlnx7yE4Udu3sWsDEmp69x9U88FEem4X1lKrUFKre3G2ish2WP8/s1600/13.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrnLFj67wsIxbrXseiHG1R6r-1Qx2BXhBj9AMVXt3TxoorsFe-ccHDCjm-vBmIB9sg1KafobOb2tToD1yyb0B4g81mPlnx7yE4Udu3sWsDEmp69x9U88FEem4X1lKrUFKre3G2ish2WP8/s400/13.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaA8USWyJeh5ObvR0UEKf8mmo1dsNUDtOFonakMxXTpug2R0R4JtP1WmXFPvJbsAL-_3j7YqTrdssYZhqm_phpp8i5qCgsuGXSRkGu2d2f5J8_FROc5XMj104MCOmCHfQ0CZx4q4NG7AM/s1600/14.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="259" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaA8USWyJeh5ObvR0UEKf8mmo1dsNUDtOFonakMxXTpug2R0R4JtP1WmXFPvJbsAL-_3j7YqTrdssYZhqm_phpp8i5qCgsuGXSRkGu2d2f5J8_FROc5XMj104MCOmCHfQ0CZx4q4NG7AM/s320/14.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdgyguemvPAVORCYkf8fdyRvLMG78I85ypMrGqtJp9uMfjRPgXtdleTsoHSZaVbrFKa-CCoeH8TS0z2ow1eYu35Kc02SzkFpIEfxXoPg1AOfigfoMDb68rQJFRNCI45fW1r3_c1WL2k80/s1600/15.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="216" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdgyguemvPAVORCYkf8fdyRvLMG78I85ypMrGqtJp9uMfjRPgXtdleTsoHSZaVbrFKa-CCoeH8TS0z2ow1eYu35Kc02SzkFpIEfxXoPg1AOfigfoMDb68rQJFRNCI45fW1r3_c1WL2k80/s400/15.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnge2l2_kUyIsOcmwuthJpEo6xW59JZUV5IlpoPvW4MGjKLp600X6btS35D5a1Z4wYe0Y8XrvqLXhbf_5_N9VpMR7sIKOtoHPRLE7UWoP-CY8azvuKMshg45iL-vX76UF4GGy58HRIrbs/s1600/16.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnge2l2_kUyIsOcmwuthJpEo6xW59JZUV5IlpoPvW4MGjKLp600X6btS35D5a1Z4wYe0Y8XrvqLXhbf_5_N9VpMR7sIKOtoHPRLE7UWoP-CY8azvuKMshg45iL-vX76UF4GGy58HRIrbs/s400/16.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFNHrqfprDXObUH5-TaLk5LXA7QN35ZQnIPcwN9GrbISjXKIOe7AQw027jBJ01k1j0IvSMGNnnTvPcmzxAIx9BuOfLEU2aalfuqKuTR9LGRjcVNHBkYtp5Ag1u626napX-LXmtJnUPBh8/s1600/17.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFNHrqfprDXObUH5-TaLk5LXA7QN35ZQnIPcwN9GrbISjXKIOe7AQw027jBJ01k1j0IvSMGNnnTvPcmzxAIx9BuOfLEU2aalfuqKuTR9LGRjcVNHBkYtp5Ag1u626napX-LXmtJnUPBh8/s400/17.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9DDEWlACHE5URkCJyNm4kr7pcGt4N5nbgzzEfkgGW0gX936u7Vdb5-NQ47yruEQxuHyENTuGqAB0vcLQnqY_fLpv8riTbJ-E2K7z8-_21gOlJ79FH04R0Vt2poatfcnw5UR2J3eSEuvM/s1600/18.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="291" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9DDEWlACHE5URkCJyNm4kr7pcGt4N5nbgzzEfkgGW0gX936u7Vdb5-NQ47yruEQxuHyENTuGqAB0vcLQnqY_fLpv8riTbJ-E2K7z8-_21gOlJ79FH04R0Vt2poatfcnw5UR2J3eSEuvM/s400/18.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghYcZM3PN2exDAZM0yvvdrkhhwy1Wlb7U4zJC9z6-tnc9q2OlhWVTpRqnMm5njHuUG-4cQnTGG8rT_uwAa4vZlZ5Vyr3yuIiWRICCOBsRJyJGmqjOdrtkKdiAxY7-0C4-n8pVVYv5G3-o/s1600/19.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="224" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghYcZM3PN2exDAZM0yvvdrkhhwy1Wlb7U4zJC9z6-tnc9q2OlhWVTpRqnMm5njHuUG-4cQnTGG8rT_uwAa4vZlZ5Vyr3yuIiWRICCOBsRJyJGmqjOdrtkKdiAxY7-0C4-n8pVVYv5G3-o/s320/19.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUaAnKL49RX1UNU6oWvb-_hmUOmDIgzdzpNZGDHoKoY54RewU0rQCXFZOl8MLLpOCr3m_mHmapusA_WWpYP0_UlBzum57kk-hIcFsWs304PIZ4JpPPG3B9FrQDXH7tB8XzXWCKqYyIqnk/s1600/20.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUaAnKL49RX1UNU6oWvb-_hmUOmDIgzdzpNZGDHoKoY54RewU0rQCXFZOl8MLLpOCr3m_mHmapusA_WWpYP0_UlBzum57kk-hIcFsWs304PIZ4JpPPG3B9FrQDXH7tB8XzXWCKqYyIqnk/s400/20.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-TejVRlrh6cMUCZoyqUqjG3BBw0gc0IV4duIJ2u3NvvSW6WsDCpMICV2K9qMMCfTG5qMYo_YCb6Pzlmzs4kt6l01IIEURTEZor9KfNIYSA3r6VNnbi2BY8Q-jVqLCb2X1dhzkWlQ0mV8/s1600/21.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-TejVRlrh6cMUCZoyqUqjG3BBw0gc0IV4duIJ2u3NvvSW6WsDCpMICV2K9qMMCfTG5qMYo_YCb6Pzlmzs4kt6l01IIEURTEZor9KfNIYSA3r6VNnbi2BY8Q-jVqLCb2X1dhzkWlQ0mV8/s400/21.jpg" width="288" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmtQ5e29eXYwDM_MSoIPTwO5jTcAQI50xDDOeT4DgGuPiooVfN5QJowPLadpoguqf2oX2fBo_KJgdhFWNZzLTIL_aLgww7Xk1dIf8X4xhKmKw6w-h-84krZEFamiaaAZOsJwFS4hZmLvo/s1600/22.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmtQ5e29eXYwDM_MSoIPTwO5jTcAQI50xDDOeT4DgGuPiooVfN5QJowPLadpoguqf2oX2fBo_KJgdhFWNZzLTIL_aLgww7Xk1dIf8X4xhKmKw6w-h-84krZEFamiaaAZOsJwFS4hZmLvo/s400/22.jpg" width="225" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjljZkGgdjenJHIEn07porHY9xpfvEuicJE8BHwXbtMC7tNI0Qm36ZC2cSgBmtHg56bHaoi8cMd27aGahS4hCYGqu2b-wlEfdbXy6cglZLeVeOYEeTL8qHc86jLrB8fmUQXvXxPbVhla1c/s1600/23.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjljZkGgdjenJHIEn07porHY9xpfvEuicJE8BHwXbtMC7tNI0Qm36ZC2cSgBmtHg56bHaoi8cMd27aGahS4hCYGqu2b-wlEfdbXy6cglZLeVeOYEeTL8qHc86jLrB8fmUQXvXxPbVhla1c/s320/23.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeDH5BmPEO-x031PqYlhg5AiSCjIGJzWGBZ4s1boKCoLZAAOhZcDW0mz24aR9Kthst5dPZCkuo6CBY9rdyhan0UuadJmkUKoxKVVWTPD2xfj3eQy6crlsvlrRhD9OaPJWawAq7SYas-Hs/s1600/24.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeDH5BmPEO-x031PqYlhg5AiSCjIGJzWGBZ4s1boKCoLZAAOhZcDW0mz24aR9Kthst5dPZCkuo6CBY9rdyhan0UuadJmkUKoxKVVWTPD2xfj3eQy6crlsvlrRhD9OaPJWawAq7SYas-Hs/s320/24.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCxjb2SOn7HTnJxlrjH_4yCckklmSaY-g3eIJCv_1KHZUL19Y4sZL1sOxSd1ADEjxyY5zjHNe1Y1keSaHN76lDWYo3Eh7tkg7tzbj7H0MHORBTtttAB8PldsfNGFSS7kTNOfAZsxgZTzw/s1600/25.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCxjb2SOn7HTnJxlrjH_4yCckklmSaY-g3eIJCv_1KHZUL19Y4sZL1sOxSd1ADEjxyY5zjHNe1Y1keSaHN76lDWYo3Eh7tkg7tzbj7H0MHORBTtttAB8PldsfNGFSS7kTNOfAZsxgZTzw/s400/25.jpg" width="225" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiokWFD6TJpvbaCRrzEhoaVjnQI9FL2TbJqvybsB4VIQwtBQ07EKmOuW_l5ADg5ExdJwOB2oYboVaQZTlgWKa2sECBEZFgrtfc3YPV6NQJg_fDjt-UxanJdLGym1qLSJE6LoOhzT8kwrTE/s1600/26.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="277" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiokWFD6TJpvbaCRrzEhoaVjnQI9FL2TbJqvybsB4VIQwtBQ07EKmOuW_l5ADg5ExdJwOB2oYboVaQZTlgWKa2sECBEZFgrtfc3YPV6NQJg_fDjt-UxanJdLGym1qLSJE6LoOhzT8kwrTE/s400/26.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVpzEP-13NT7MncJyq5b3j3Ibwz4Z4JwrXDF01-D3FZcmw_M4GsXm8SCZH9t1eKIfj0u3rNY8YppnuDOfrfF4yDo3cc407OG9byRzJ2JpL8DHONbqia2X2242sH3eNPtzphp0yPkSuHLk/s1600/27.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="173" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVpzEP-13NT7MncJyq5b3j3Ibwz4Z4JwrXDF01-D3FZcmw_M4GsXm8SCZH9t1eKIfj0u3rNY8YppnuDOfrfF4yDo3cc407OG9byRzJ2JpL8DHONbqia2X2242sH3eNPtzphp0yPkSuHLk/s400/27.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX8I5CuAughukzdRA7XU8paRozEmjHzQHhikBqJQ7-4IsArChey_0rIHiRRh-v31n5frFb6rpDGX-J7WPJ1GT2PCXzjAGzpflcv-4tmYjv9buMPxo4s3fXDCegag1rMr5J47ExQCvvc5Y/s1600/28.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="209" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX8I5CuAughukzdRA7XU8paRozEmjHzQHhikBqJQ7-4IsArChey_0rIHiRRh-v31n5frFb6rpDGX-J7WPJ1GT2PCXzjAGzpflcv-4tmYjv9buMPxo4s3fXDCegag1rMr5J47ExQCvvc5Y/s320/28.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtHHU6Vn8ANAtL_9l3CPwtWFjK8TJVP7Xgb71l4zES9QvAE_OJdMuKhy1GELHbirtoO4VGtClu3SAinKGUmQNXcrQsgjBuqQIgDPk9PePnYMt7vmYz_AQxZAlrQY364A-51lv0kn0me2A/s1600/29.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtHHU6Vn8ANAtL_9l3CPwtWFjK8TJVP7Xgb71l4zES9QvAE_OJdMuKhy1GELHbirtoO4VGtClu3SAinKGUmQNXcrQsgjBuqQIgDPk9PePnYMt7vmYz_AQxZAlrQY364A-51lv0kn0me2A/s320/29.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1wRpBQADj6-cBhwlMcAatv3ZbFxgiLOjiEcFfhEMj1GZBUXrKuEqE47RxZ8nyTAyuW7nKmk5e5tAz02Wtl6c3_XbvZJC3Ib7tboQq2C6C8jSl-9wjqN3AFGSzB7vIrhlDpCUSIfuAG40/s1600/30.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1wRpBQADj6-cBhwlMcAatv3ZbFxgiLOjiEcFfhEMj1GZBUXrKuEqE47RxZ8nyTAyuW7nKmk5e5tAz02Wtl6c3_XbvZJC3Ib7tboQq2C6C8jSl-9wjqN3AFGSzB7vIrhlDpCUSIfuAG40/s400/30.jpg" width="258" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEip3im0QayuP4OFuY8TYzlsUTW_aD_WLn-ybOBq-GmMCxqZa3p9iom3QDJcX2csvlJ5ZlpFqbBpvCBPjj4ntDR-FUPgXj-XiRmtmlhnWMBqmMWTq36oa2WAyb9dyzpMs2txNzSuylB66RE/s1600/31.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEip3im0QayuP4OFuY8TYzlsUTW_aD_WLn-ybOBq-GmMCxqZa3p9iom3QDJcX2csvlJ5ZlpFqbBpvCBPjj4ntDR-FUPgXj-XiRmtmlhnWMBqmMWTq36oa2WAyb9dyzpMs2txNzSuylB66RE/s400/31.jpg" width="272" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_XGR7PNAlc2imZKOti6YxpbAQYY4K8dsLMTH3V4I1vR8232ksWOgkOdTQ42FQJu-2yAVMaS2Q9HEL8nUIpis2Sm7aE2rH1fO1_MiOhRlXj7-unyZmJSjt7PUMG1Yx__uRKYDKNHgYkkg/s1600/32.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="198" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_XGR7PNAlc2imZKOti6YxpbAQYY4K8dsLMTH3V4I1vR8232ksWOgkOdTQ42FQJu-2yAVMaS2Q9HEL8nUIpis2Sm7aE2rH1fO1_MiOhRlXj7-unyZmJSjt7PUMG1Yx__uRKYDKNHgYkkg/s320/32.jpg" width="320" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnUUIxkxHZtvT5T2sSc32ygaG3ZC7XXgL7il61pPqrZeUiFC9Qa_Vmph_39xIAdvtTtkGjk6LnPD7I0jmUyuXrsLEqeaHe7Hx_AImIpl8C8hyphenhyphenA9esGk_EjjJ-mXSWYFyxjlES_dDB0fRo/s1600/33.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="375" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnUUIxkxHZtvT5T2sSc32ygaG3ZC7XXgL7il61pPqrZeUiFC9Qa_Vmph_39xIAdvtTtkGjk6LnPD7I0jmUyuXrsLEqeaHe7Hx_AImIpl8C8hyphenhyphenA9esGk_EjjJ-mXSWYFyxjlES_dDB0fRo/s400/33.jpg" width="400" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj30MjhsMa67KW3JrsHo3I5I7Qsgw9S72CV02Mc2hgD_122CeMMFFFIAZVxqBa6hMxQS-g_SRvUvmI1Zf46SldMIL3RV9KzbWiOXooocKkKFXo_o2fzgTZVzQE2tFhuTUrRK4GQHXLoN_8/s1600/34.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj30MjhsMa67KW3JrsHo3I5I7Qsgw9S72CV02Mc2hgD_122CeMMFFFIAZVxqBa6hMxQS-g_SRvUvmI1Zf46SldMIL3RV9KzbWiOXooocKkKFXo_o2fzgTZVzQE2tFhuTUrRK4GQHXLoN_8/s400/34.jpg" width="300" /></a></div>
<div style="text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTNp9C5h3a2LWLKNv3aXYg7P1nT28-qQmmyqImwvV5K8Xx4TmMauZHdd4pJ-23Gl6zTzc0UZxovqUgg_zcV61FxbHudUmFpAOW9dHPCseFoawDHwoHWt9vdTQjqpxmvXt2bvfvnhIq5N8/s1600/35.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTNp9C5h3a2LWLKNv3aXYg7P1nT28-qQmmyqImwvV5K8Xx4TmMauZHdd4pJ-23Gl6zTzc0UZxovqUgg_zcV61FxbHudUmFpAOW9dHPCseFoawDHwoHWt9vdTQjqpxmvXt2bvfvnhIq5N8/s400/35.jpg" width="197" /></a></div>
<div style="text-align: center;">
<br /></div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Barcelona, Spain41.3850639 2.173403499999949441.1944764 1.8506799999999495 41.5756514 2.4961269999999494tag:blogger.com,1999:blog-3822757291061444396.post-31707671851507362762017-02-23T18:42:00.000-06:002017-03-04T15:47:18.255-06:00The Questions that You're Afraid to Ask about Containers<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXM_yLGVm_SmMkCYYEmZ53XFr1hcDHTYvkJ0TFpwwM-L6-E1pVx_lPj_q0KqRj42I0BbNmJtVumHllejdOGfBXknL5qvuT_zDOfRFSZD7chqcx7RuiQqxRHpZecRQ8n5Bs7PcGo5pXVZ4/s1600/Screenshot+from+2017-02-23+16-32-11.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXM_yLGVm_SmMkCYYEmZ53XFr1hcDHTYvkJ0TFpwwM-L6-E1pVx_lPj_q0KqRj42I0BbNmJtVumHllejdOGfBXknL5qvuT_zDOfRFSZD7chqcx7RuiQqxRHpZecRQ8n5Bs7PcGo5pXVZ4/s400/Screenshot+from+2017-02-23+16-32-11.png" width="400" /></a></div>
<br />
<br />
Yesterday, I delivered a talk to a lively audience at <a href="https://tmt.knect365.com/container-world/speakers/dustin-kirkland">ContainerWorld</a> in Santa Clara, California.<br />
<br />
If I measured "the most interesting slides" by counting "the number of people who took a picture of the slide", then by far "the most interesting slides" are slides 8-11, which pose an answer the question:<br />
<blockquote class="tr_bq">
"Should I run my PaaS on top of my IaaS, or my IaaS on top of my PaaS"?</blockquote>
In the Ubuntu world, that answer is super easy -- however you like! At Canonical, we're happy to support:<br />
<ol>
<li><a href="https://jujucharms.com/kubernetes-core/">Kubernetes running on top</a> of <a href="https://www.ubuntu.com/cloud/openstack">Ubuntu OpenStack</a></li>
<li><a href="https://github.com/sapcc/openstack-helm">OpenStack running on top</a> of <a href="https://www.ubuntu.com/cloud/kubernetes">Canonical Kubernetes</a></li>
<li><a href="http://kubernetes.io/">Kubernetes</a> running along side <a href="http://openstack.org/">OpenStack</a></li>
</ol>
<div>
In all cases, the underlying substrate is perfectly consistent:</div>
<div>
<ul>
<li>you've got 1 to N physical or virtual machines</li>
<li>which are dynamically provisioned by MAAS or your cloud provider</li>
<li>running stable, minimal, secure Ubuntu server image</li>
<li>carved up into fast, efficient, independently addressable LXD machine containers</li>
</ul>
<div>
With that as your base, we'll easily to <a href="http://conjure-up.io/">conjure-up</a> a Kubernetes, an OpenStack, or both. And once you have a Kubernetes or OpenStack, we'll gladly conjure-up one inside the other.</div>
</div>
<br />
<br />
As always, I'm happy to share my slides with you here. You're welcome to <a href="https://drive.google.com/file/d/0B82l96Y5_w3FXzBDbm9ZWm9Tems/view?usp=sharing">download the PDF</a>, or flip through the embedded slides below.<br />
<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="485" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/key/t7lDnw6KzQ3mNB" style="border-width: 1px; border: 1px solid #ccc; margin-bottom: 5px; max-width: 100%;" width="595"> </iframe> <div style="margin-bottom: 5px;">
<span style="font-size: x-small;"><strong> <a href="https://www.slideshare.net/dustinkirkland/container-world-2017-the-questions-youre-afraid-to-ask-about-containers" target="_blank" title="[Container world 2017] The Questions You're Afraid to Ask about Containers">[Container world 2017] The Questions You're Afraid to Ask about Containers</a> </strong> from <strong><a href="https://www.slideshare.net/dustinkirkland" target="_blank">Dustin Kirkland</a></strong></span> </div>
</center>
<br />
Cheers,<br />
DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-18821106360660895832017-02-14T10:19:00.001-06:002017-02-14T10:19:15.598-06:00Kubernetes InstallFest at ContainerWorld -- Feb 21, 2017!<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK34j9WTHxXzan4Em420msCWGmUGXgpJjgcbO_3YxT-EhQZW7xX7mZwHoG8Jbfz59hirmbqff9ov8fauemLERdoYXJm7XC8Ro2MIyXxoWIoNf0DOjfhyphenhyphenlPA1-zMZLbCE5yZNg1ht6NiKg/s1600/Screenshot+from+2017-02-14+10-16-17.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK34j9WTHxXzan4Em420msCWGmUGXgpJjgcbO_3YxT-EhQZW7xX7mZwHoG8Jbfz59hirmbqff9ov8fauemLERdoYXJm7XC8Ro2MIyXxoWIoNf0DOjfhyphenhyphenlPA1-zMZLbCE5yZNg1ht6NiKg/s400/Screenshot+from+2017-02-14+10-16-17.png" width="380" /></a></div>
<br />
We at Canonical have been super busy fine tuning your experience with <a href="http://kubernetes.io/">Kubernetes</a>, <a href="http://docker.com/">Docker</a>, and <a href="http://linuxcontainers.org/">LXD</a> on <a href="http://ubuntu.com/">Ubuntu</a>!<br />
<br />
Amazingly, you're merely two commands away from standing up a fully functional, minimal Kubernetes cluster on any Ubuntu 16.04 LTS system...<br />
<br />
<pre>$ sudo snap install --classic conjure-up
$ conjure-up kubernetes-core
</pre>
<br />
Or, if you're feeling more enterprisey and want the full experience, try:<br />
<br />
<pre>$ conjure-up canonical-kubernetes
</pre>
<br />
I hope to meet some of you at <a href="https://tmt.knect365.com/container-world/">ContainerWorld</a> in Santa Clara next week. Marco Ceppi and I are running a <a href="https://tmt.knect365.com/container-world/agenda/1?format=Workshop&topic=Kubernetes#getting-started-with-containers-and-kubernetes">Kubernetes installfest workshop</a> on Tuesday, February 21, 2017, from 3pm - 4:30pm. I can guarantee that every single person who attends will succeed in deploying their own Kubernetes cluster to a public cloud (AWS, Azure, or Google), or to their Ubuntu laptop or VM.<br />
<br />
Also, I'm giving a talk entitled, <a href="https://tmt.knect365.com/container-world/agenda/2#use-the-right-container-technology-for-the-job">"Using the Right Container Technology for the Job"</a>, on Wednesday, February 22, 2017 from 1:30pm - 2:10pm.<br />
<br />
Finally, I invite you to check out this <a href="http://devopschat.net/2017/02/12/containers-kubernetes/">30-minute podcast</a> with David Daly, from <a href="http://devopschat.net/">DevOpsChat</a>, where we talked quite a bit about Containers and Kubernetes and the experience we're working on in Ubuntu...<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/lMSEbQKXGb0" width="560"></iframe>
</center>
<br />
Cheers,<br />
:-DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-86903460583674664012016-12-12T07:42:00.000-06:002016-12-12T07:42:03.938-06:00Ubiquiti Networks UniFi Controller in an Ubuntu LXD Machine Container<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6q_oy4RPCFqQ_YiM13mVl-C8HrpTmMIZufc-0jfnx2QsZMiBDKhJ_ZuXap17RM5JFhHtqJLECGYUlCJ1UBslRMareUwg4HNXC6wkF3NZ6UVDWeJpYswD9198bkKOkDnMqfLPXKGekbxA/s1600/Screenshot+from+2016-12-10+09-32-58.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6q_oy4RPCFqQ_YiM13mVl-C8HrpTmMIZufc-0jfnx2QsZMiBDKhJ_ZuXap17RM5JFhHtqJLECGYUlCJ1UBslRMareUwg4HNXC6wkF3NZ6UVDWeJpYswD9198bkKOkDnMqfLPXKGekbxA/s400/Screenshot+from+2016-12-10+09-32-58.png" width="400" /></a></div>
<br />
<br />
I've been one of DD-WRT's biggest fans, for more than 10 years. I've always flashed my router with custom firmware, fine-tuned my wired and wireless networks, and locked down a VPN back home. I've genuinely always loved tinkering with network gear.<br />
<br />
A couple of weeks ago, I decided to re-deploy my home network. I've been hearing about Ubiquiti Networks from my colleagues at Canonical, where we use Ubiquiti gear for our many and varied company events. Moreover, it seems a number of us have taken to running the same kits in our home offices.<br />
<br />
So I ordered a <a href="https://www.amazon.com/gp/product/B00LV8YZLK">Ubiquiti UniFi Security Gateway (USG)</a> and a pair of <a href="https://www.amazon.com/gp/product/B015PRO512">Dual Radio PRO Wireless Access Points</a>, and I couldn't be more pleased with the end result! Screaming fast wireless access, beautiful command line and web interfaces, and a fantastic product.<br />
<br />
There's something quite unique about the UniFi Controller -- the server that "controls" your router, gateway, and access points. Rather than being built into the USG itself, you run the server somewhere else.<br />
<br />
Sure you can buy <a href="https://www.amazon.com/Ubiquiti-Unifi-Cloud-Key-Control/dp/B017T2QB22">their hardware appliance</a> (which I'm sure is nice). But you can just as easily run it on an Ubuntu machine yourself. That machine could be a physical machine on your network, a virtual machine locally or in the cloud, or it could be an LXD machine container.<br />
<br />
I opted for the latter. I'm happily running the UniFi Controller in a <a href="http://linuxcontainers.org/">LXD</a> machine container, and it's easy for you to setup, too.<br />
<br />
I'm running Ubuntu 16.04 LTS 64-bit on an Intel NUC somewhere in my house. It happens to be running Ubuntu Desktop, as it's attached to one of the TVs in my house, as a media playing device. In it's spare time, it's a server I use for LXD, Docker, and other development purposes.<br />
<br />
I've configured the network on the machine to "bridge" LXD to my USG router, which happens to be running DHCP and DNS. I'm going to move that to a MAAS server, but that's a post for another day.<br />
<br />
Here's /etc/network/interfaces on that machine:<br />
<br />
<pre>kirkland@masterbr:~⟫ cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
auto br0
iface br0 inet dhcp
bridge_ports eth0
bridge_stp off
bridge_fd 0
bridge_maxwait 0
</pre>
<br />
So eth0 is bridged, to br0. ifconfig looks like this:<br />
<br />
<pre>kirkland@masterbr:~⟫ ifconfig eth0
eth0 Link encap:Ethernet HWaddr ec:a8:6b:fb:a1:f2
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1111309 errors:0 dropped:8294 overruns:0 frame:0
TX packets:539270 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:850773437 (850.7 MB) TX bytes:85706158 (85.7 MB)
Interrupt:20 Memory:f7c00000-f7c20000
kirkland@masterbr:~⟫ ifconfig br0
br0 Link encap:Ethernet HWaddr ec:a8:6b:fb:a1:f2
inet addr:10.0.0.8 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::eea8:6bff:fefb:a1f2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:435576 errors:0 dropped:0 overruns:0 frame:0
TX packets:182097 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:325950072 (325.9 MB) TX bytes:35439980 (35.4 MB)
</pre>
And I've <a href="https://insights.ubuntu.com/2015/11/10/converting-eth0-to-br0-and-getting-all-your-lxc-or-lxd-onto-your-lan/">configured LXD to have its default profile instances draw their IP address from br0</a>, rather than from the default, internally NAT'd dnsmasq lxdbr0.<br />
<br />
<pre>kirkland@masterbr:/etc⟫ lxc profile show default
name: default
config: {}
description: Default LXD profile
devices:
eth0:
name: eth0
nictype: bridged
parent: br0
type: nic
</pre>
<br />
Now, let's launch a LXD container running Ubuntu 16.04 LTS.<br />
<br />
<pre>kirkland@masterbr:~⟫ lxc launch ubuntu:xenial unifi-controller
Creating unifi-controller
Starting unifi-controller
kirkland@masterbr:~⟫ lxc list
+------------------+---------+-------------------+------+------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------------+---------+-------------------+------+------------+-----------+
| unifi-controller | RUNNING | 10.0.0.183 (eth0) | | PERSISTENT | 0 |
+------------------+---------+-------------------+------+------------+-----------+
</pre>
<br />
It's important to notice that this container drew an IP address on my 10.0.0.0/24 LAN. It will need this, to detect, federate, and manage the Ubiquiti hardware.<br />
<br />
Now, let's exec into it, and import our SSH keys, so that we can SSH into it later.<br />
<br />
<pre>kirkland@masterbr:~⟫ lxc exec unifi-controller bash
root@unifi-controller:~# ssh-import-id kirkland
2016-12-09 21:56:36,558 INFO Authorized key ['4096', 'd3:dd:e4:72:25:18:f3:ea:93:10:1a:5b:9f:bc:ef:5e', 'kirkland@x220', '(RSA)']
2016-12-09 21:56:36,568 INFO Authorized key ['2048', '69:57:f9:b6:11:73:48:ae:11:10:b5:18:26:7c:15:9d', 'kirkland@mac', '(RSA)']
2016-12-09 21:56:36,569 INFO [2] SSH keys [Authorized]
root@unifi-controller:~# exit
exit
kirkland@masterbr:~⟫ ssh root@10.0.0.183
The authenticity of host '10.0.0.183 (10.0.0.183)' can't be established.
ECDSA key fingerprint is SHA256:we0zAxifd0dcnAE2tVE53NFbQCop61f+MmHGsyGj0Xg.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.183' (ECDSA) to the list of known hosts.
root@unifi-controller:~#</pre>
<br />
Now, let's add the Unifi repository and install the deb and all its dependencies. It's a big pile of Java and MongoDB, which I'm happy to keep nicely "contained" in this LXD instance!<br />
<br />
<pre>root@unifi-controller:~# echo deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti
deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti
root@unifi-controller:~# echo "deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti" | sudo tee -a /etc/apt/sources.list
deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti
root@unifi-controller:~# apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.hhgdd0ssJQ --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv C0A52C50
gpg: requesting key C0A52C50 from hkp server keyserver.ubuntu.com
gpg: key C0A52C50: public key "UniFi Developers <unifi-dev ubnt.com="">" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
root@unifi-controller:~# apt update >/dev/null 2>&1
root@unifi-controller:~# apt install unifi
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following package was automatically installed and is no longer required:
os-prober
Use 'apt-get autoremove' to remove it.
The following extra packages will be installed:
binutils ca-certificates-java default-jre-headless fontconfig-config
fonts-dejavu-core java-common jsvc libasyncns0 libavahi-client3
libavahi-common-data libavahi-common3 libboost-filesystem1.54.0
libboost-program-options1.54.0 libboost-system1.54.0 libboost-thread1.54.0
libcommons-daemon-java libcups2 libflac8 libfontconfig1 libgoogle-perftools4
libjpeg-turbo8 libjpeg8 liblcms2-2 libnspr4 libnss3 libnss3-nssdb libogg0
libpcrecpp0 libpcsclite1 libpulse0 libsctp1 libsnappy1 libsndfile1
libtcmalloc-minimal4 libunwind8 libv8-3.14.5 libvorbis0a libvorbisenc2
lksctp-tools mongodb-clients mongodb-server openjdk-7-jre-headless tzdata
tzdata-java
Suggested packages:
binutils-doc default-jre equivs java-virtual-machine cups-common
liblcms2-utils pcscd pulseaudio icedtea-7-jre-jamvm libnss-mdns
sun-java6-fonts fonts-dejavu-extra fonts-ipafont-gothic fonts-ipafont-mincho
ttf-wqy-microhei ttf-wqy-zenhei ttf-indic-fonts-core ttf-telugu-fonts
ttf-oriya-fonts ttf-kannada-fonts ttf-bengali-fonts
The following NEW packages will be installed:
binutils ca-certificates-java default-jre-headless fontconfig-config
fonts-dejavu-core java-common jsvc libasyncns0 libavahi-client3
libavahi-common-data libavahi-common3 libboost-filesystem1.54.0
libboost-program-options1.54.0 libboost-system1.54.0 libboost-thread1.54.0
libcommons-daemon-java libcups2 libflac8 libfontconfig1 libgoogle-perftools4
libjpeg-turbo8 libjpeg8 liblcms2-2 libnspr4 libnss3 libnss3-nssdb libogg0
libpcrecpp0 libpcsclite1 libpulse0 libsctp1 libsnappy1 libsndfile1
libtcmalloc-minimal4 libunwind8 libv8-3.14.5 libvorbis0a libvorbisenc2
lksctp-tools mongodb-clients mongodb-server openjdk-7-jre-headless
tzdata-java unifi
The following packages will be upgraded:
tzdata
1 upgraded, 44 newly installed, 0 to remove and 10 not upgraded.
Need to get 133 MB of archives.
After this operation, 287 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
...
done.
</unifi-dev></pre>
<br />
Finally, we point a web browser at this server, http://10.0.0.183:8443/ in my case, and run through the UniFi setup there.<br />
<br />
Enjoy!<br />
<br />
:-DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-66651860091412933002016-12-08T07:28:00.000-06:002016-12-08T07:28:05.888-06:00Ubuntu 16.04 LTS Security: A Comprehensive Overview<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqKm77xBIe0BTeUHpIrWsn-o2phxgkFtqitLJ7tloQ-kwBt3yjbipZ71BaC1ZgVcdCEyQzXoBvuZXwJsCzriQyZrf3ZwwQ_5DRNE8WPGb1PdFaJxtlJPYvDwYADeZRNOyznGw1IZEdxpY/s1600/Screenshot+from+2016-12-07+08-25-15.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="178" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqKm77xBIe0BTeUHpIrWsn-o2phxgkFtqitLJ7tloQ-kwBt3yjbipZ71BaC1ZgVcdCEyQzXoBvuZXwJsCzriQyZrf3ZwwQ_5DRNE8WPGb1PdFaJxtlJPYvDwYADeZRNOyznGw1IZEdxpY/s320/Screenshot+from+2016-12-07+08-25-15.png" width="320" /></a></div>
<br />
From Linux kernel livepatches to encryption to ASLR to compiler optimizations and configuration hardening, we strive to ensure that Ubuntu 16.04 LTS is the most secure Linux distribution out of the box.<br />
<br />
These <a href="http://www.slideshare.net/dustinkirkland/ubuntu-1604-lts-security-features">slides</a> try to briefly explain:<br />
<br />
<ul>
<li>what we do to secure Ubuntu</li>
<li>how the underlying technology works</li>
<li>when the features took effect in Ubuntu</li>
</ul>
<br />
I hope you find <a href="http://www.slideshare.net/dustinkirkland/ubuntu-1604-lts-security-features">this slide deck</a> informative and useful! The information herein is largely collected from <a href="https://wiki.ubuntu.com/Security/Features">the Ubuntu Security Features wiki page</a>, where you can always find up to date information.<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="420" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/key/rmxsqqUqUFPCkZ" style="border-width: 1px; border: 1px solid #ccc; margin-bottom: 5px; max-width: 100%;" width="510"> </iframe> <div style="margin-bottom: 5px;">
<strong> <a href="https://www.slideshare.net/dustinkirkland/ubuntu-1604-lts-security-features" target="_blank" title="Ubuntu 16.04 LTS Security Features">Ubuntu 16.04 LTS Security Features</a> </strong> from <strong><a href="https://www.slideshare.net/dustinkirkland" target="_blank">Dustin Kirkland</a></strong> </div>
</center>
<br />
<br />
Cheers,<br />
DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0San Francisco, CA, USA37.7749295 -122.4194155000000136.9717915 -123.71030900000001 38.578067499999996 -121.12852200000002tag:blogger.com,1999:blog-3822757291061444396.post-13592838610686683542016-10-29T03:33:00.001-05:002016-10-29T03:46:49.482-05:00Dirty COW was Livepatched in Ubuntu within Hours of PublicationIf you haven't heard about last week's <i><a href="https://dirtycow.ninja/">Dirty COW</a></i> vulnerability, I hope all of your Linux systems are automatically patching themselves...<br />
<div>
<br /></div>
<div>
Why? <i>Because every single Linux-based phone, router, modem, tablet, desktop, PC, server, virtual machine, and absolutely everything in between -- including all versions of Ubuntu since 2007 -- was vulnerable to this face-palming critical security vulnerability.</i></div>
<div>
<br /></div>
<div>
Any non-root local user of a vulnerable system can easily <a href="https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs">exploit the vulnerability and become</a> the root user in a matter of a few seconds. Watch...</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhymnMvZQIGzGPjVaQBjZB7QQLrLPZX8MRcadjLZuupeJYrZf2mDbfak5xSH-z-AFfNPfT665VMroEdu8yKV0_bpz9rIjwBc02aW6hKl9RBkVv0yBzWz7LyAvwyPI9Lh7oGQkHrrVO_140/s1600/Screenshot+from+2016-10-29+11-13-46.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="185" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhymnMvZQIGzGPjVaQBjZB7QQLrLPZX8MRcadjLZuupeJYrZf2mDbfak5xSH-z-AFfNPfT665VMroEdu8yKV0_bpz9rIjwBc02aW6hKl9RBkVv0yBzWz7LyAvwyPI9Lh7oGQkHrrVO_140/s400/Screenshot+from+2016-10-29+11-13-46.png" width="400" /></a></div>
<div>
<br /></div>
<div>
Coincidentally, just before the vulnerability was published, we <a href="http://blog.dustinkirkland.com/2016/10/canonical-livepatch.html">released</a> the Canonical Livepatch Service for Ubuntu 16.04 LTS. The thousands of users who enabled <i>canonical-livepatch</i> on their Ubuntu 16.04 LTS systems with those first few hours received and applied the fix to Dirty COW, automatically, in the background, and <i>without rebooting</i>!</div>
<div>
<br /></div>
<div>
If you haven't already enabled the Canonical Livepatch Service on your Ubuntu 16.04 LTS systems, you should really consider doing so, with 3 easy steps:</div>
<ol>
<li>Go to <a href="https://ubuntu.com/livepatch">https://ubuntu.com/livepatch</a> and retrieve your livepatch token</li>
<li>Install the canonical-livepatch snap <br /><span style="font-family: "courier new" , "courier" , monospace;">$ sudo snap install canonical-livepatch</span> </li>
<li>Enable the service with your token <br /><span style="font-family: "courier new" , "courier" , monospace;">$ sudo canonical-livepatch enable [TOKEN]</span></li>
</ol>
And you’re done! You can check the status at any time using:<br />
<br />
<div>
<span style="font-family: "courier new" , "courier" , monospace;">$ canonical-livepatch status --verbose</span><br />
<div>
<br /></div>
<div>
Let's retry that same vulnerability, on the same system, but this time, having been livepatched...</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWb46QUVyKXSKJoPBxmaqhn-Ng3wpKyUjEHNbJUMEC6cPd9kPFGiszSoUHU0VB5GqWlURT1x6NOF-f7I8295nKvBlfMJQVJHIhvEK_lm-KPDrUC1eo-ClrRC1Xe3Eo7ahfRgIr_F-oi9s/s1600/Screenshot+from+2016-10-29+11-29-19.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="187" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWb46QUVyKXSKJoPBxmaqhn-Ng3wpKyUjEHNbJUMEC6cPd9kPFGiszSoUHU0VB5GqWlURT1x6NOF-f7I8295nKvBlfMJQVJHIhvEK_lm-KPDrUC1eo-ClrRC1Xe3Eo7ahfRgIr_F-oi9s/s400/Screenshot+from+2016-10-29+11-29-19.png" width="400" /></a></div>
<div>
<br /></div>
<div>
Aha! Thwarted!</div>
<div>
<br /></div>
<div>
So that's the Ubuntu 16.04 LTS kernel space... What about userspace? Most of the other recent, branded vulnerabilities (<a href="http://heartbleed.com/">Heartbleed</a>, <a href="https://en.wikipedia.org/wiki/Shellshock_(software_bug)">ShellShock</a>, <a href="https://en.wikipedia.org/wiki/CRIME">CRIME</a>, <a href="http://www.webopedia.com/TERM/S/ssl_beast.html">BEAST</a>) have been critical vulnerabilities in userspace packages.</div>
<div>
<br /></div>
<div>
As of Ubuntu 16.04 LTS, the <i>unattended-upgrades</i> package is now part of the default package set, so you should already have it installed on your Ubuntu desktops and servers. If you don't already have it installed, you can install it with:</div>
<div>
<br /></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">$ sudo apt install unattended-upgrades</span></div>
<div>
<br /></div>
<div>
And moreover, as of Ubuntu 16.04 LTS, the <i>unattended-upgrades</i> package automatically downloads and installs important security updates once per day, automatically patching critical security vulnerabilities and keeping your Ubuntu systems safe by default. Older versions of Ubuntu (or Ubuntu systems that upgraded to 16.04) might need to enable this behavior using:</div>
<div>
<br /></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">$ sudo dpkg-reconfigure unattended-upgrades</span></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6L7rPB9-EQEm3nGOj8QstaKn3KUgWkdRqljo2JYJD7u5ng8thF0bGGBqj7r6LdqqjouWy4qK1cvbYNf2TU_gOUPWlQFef5N3FnMzHJafsAi-bINy7pKOvQHMpJm9T8PqxVj1wwUY_Zjw/s1600/Screenshot+from+2016-10-29+11-17-08.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="186" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6L7rPB9-EQEm3nGOj8QstaKn3KUgWkdRqljo2JYJD7u5ng8thF0bGGBqj7r6LdqqjouWy4qK1cvbYNf2TU_gOUPWlQFef5N3FnMzHJafsAi-bINy7pKOvQHMpJm9T8PqxVj1wwUY_Zjw/s400/Screenshot+from+2016-10-29+11-17-08.png" width="400" /></a></div>
<div>
<br /></div>
<div>
With that combination enabled -- (1) automatic livepatches to your kernel, plus (2) automatic application of security package updates -- <i>Ubuntu 16.04 LTS is the most secure Linux distribution to date</i>. Period.</div>
<div>
<br /></div>
<div>
Mooooo,</div>
<div>
:-Dustin</div>
</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Bucharest, Romania44.4267674 26.10253839999995844.0639659 25.457091399999957 44.789568900000006 26.747985399999958tag:blogger.com,1999:blog-3822757291061444396.post-40305696280719328352016-10-18T10:00:00.000-05:002017-02-23T17:46:43.983-06:00Hotfix Your Ubuntu Kernels with the Canonical Livepatch Service!<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4yrxByanTQSgdoJrFO3ASW6cj7gtqAwj-qzutGhaa2KhshM80I8hCYRGXxat-ldRLipmmRGN-k9grb4ZlYaA9bdGTO70v3DcbnTrBffn1xFCT-6nL-8ldd2O7bfNoUi8W6QRCuPQhH9I/s1600/Screenshot+from+2016-10-18+07-38-12.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4yrxByanTQSgdoJrFO3ASW6cj7gtqAwj-qzutGhaa2KhshM80I8hCYRGXxat-ldRLipmmRGN-k9grb4ZlYaA9bdGTO70v3DcbnTrBffn1xFCT-6nL-8ldd2O7bfNoUi8W6QRCuPQhH9I/s400/Screenshot+from+2016-10-18+07-38-12.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><i>Introducting the <a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i></td></tr>
</tbody></table>
Howdy!<br />
<br />
Ubuntu 16.04 LTS’s 4.4 Linux kernel includes an important new security capability in Ubuntu -- the ability to modify the running Linux kernel code, without rebooting, through a mechanism called <i>kernel livepatch</i>.<br />
<br />
Today, Canonical has <a href="https://lists.ubuntu.com/archives/ubuntu-announce/2016-October/thread.html">publicly launched</a> the <i><a href="http://www.ubuntu.com/server/livepatch">Canonical Livepatch Service</a></i> -- an authenticated, encrypted, signed stream of Linux livepatches that apply to the 64-bit Intel/AMD architecture of the Ubuntu 16.04 LTS (Xenial) Linux 4.4 kernel, addressing the highest and most critical security vulnerabilities, without requiring a reboot in order to take effect. This is particularly amazing for Container hosts -- Docker, LXD, etc. -- as all of the containers share the same kernel, and thus all instances benefit.<br />
<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/9hvqFfwE4u0" width="560"></iframe></center>
<br />
I’ve tried to answer below some questions that you might have. As you have others, you’re welcome<br />
to add them to the comments below or on Twitter with hastag <a href="https://twitter.com/search?q=%23Livepatch&src=typd">#Livepatch</a>.<br />
<br class="Apple-interchange-newline" />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJwqwQqmLq2say4nBoqwP6wgfaFkAHW4FHiKqJmISKZRkVQTyiWMIgO5ilauZPR5tlbpstPYayka3rgz22B-4oA1GT_k3zNE964JH8BSWtMqTSaFS-zjeMLLpSbhwmlc0mPkNdNP5n_xo/s1600/Screenshot+from+2016-10-18+07-17-43.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="221" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJwqwQqmLq2say4nBoqwP6wgfaFkAHW4FHiKqJmISKZRkVQTyiWMIgO5ilauZPR5tlbpstPYayka3rgz22B-4oA1GT_k3zNE964JH8BSWtMqTSaFS-zjeMLLpSbhwmlc0mPkNdNP5n_xo/s400/Screenshot+from+2016-10-18+07-17-43.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="font-size: 12.8px;">Retrieve your token from <a href="http://ubuntu.com/livepatch">ubuntu.com/livepatch</a></td></tr>
</tbody></table>
<div>
<h3>
Q: How do I enable the Canonical Livepatch Service?</h3>
A: Three easy steps, on a fully up-to-date 64-bit Ubuntu 16.04 LTS system.<br />
<ol>
<li>Go to <a href="https://ubuntu.com/livepatch">https://ubuntu.com/livepatch</a> and retrieve your livepatch token<br /><ol></ol>
</li>
<li>Install the canonical-livepatch snap <br /><span style="font-family: "courier new" , "courier" , monospace;">$ sudo snap install canonical-livepatch </span></li>
<li>Enable the service with your token <br /><span style="font-family: "courier new" , "courier" , monospace;">$ sudo canonical-livepatch enable [TOKEN] </span></li>
</ol>
And you’re done! You can check the status at any time using:<br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">$ canonical-livepatch status --verbose</span><br />
<div style="font-size: medium; font-weight: normal;">
<div>
<ul>
</ul>
</div>
</div>
<div style="font-size: medium; font-weight: normal;">
</div>
<h3>
Q: What are the system requirements?</h3>
A: The <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> is available for the generic and low latency <a href="https://wiki.ubuntu.com/Kernel/Dev/Flavours">flavors</a> of the 64-bit Intel/AMD (aka, x86_64, amd64) builds of the Ubuntu 16.04 LTS (Xenial) kernel, which is a Linux 4.4 kernel. Canonical livepatches work on Ubuntu 16.04 LTS Servers and Desktops, on physical machines, virtual machines, and in the cloud. The safety, security, and stability firmly depends on <i><b>unmodified</b></i> Ubuntu kernels and network access to the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> (<a href="https://livepatch.canonical.com/">https://livepatch.canonical.com:443</a>). You also will need to apt update/upgrade to the latest version of <i><a href="http://pad.lv/u/snapd">snapd</a></i> (at least 2.15).</div>
<div>
<h3>
Q: What about other architectures?</h3>
A: The upstream Linux livepatch functionality is currently limited to the 64-bit x86 architecture, at this time. IBM is working on support for <a href="https://patchwork.kernel.org/patch/8651281/">POWER8</a> and <a href="https://lwn.net/Articles/681038/">s390x</a> (LinuxOne mainframe), and there’s also active upstream development on <a href="https://lkml.org/lkml/2016/6/27/432">ARM64</a>, so we do plan to support these eventually. The livepatch plumbing for 32-bit ARM and 32-bit x86 are not under upstream development at this time.</div>
<h3>
Q: What about other flavors?</h3>
<div>
A: We are providing the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> for the generic and low latency (telco) flavors of the the Linux kernel at this time.</div>
<div>
<h3>
Q: What about other releases of Ubuntu?</h3>
A: The <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> is provided for Ubuntu 16.04 LTS’s Linux 4.4 kernel. Older releases of Ubuntu will not work, because they’re missing the Linux kernel support. Interim releases of Ubuntu (e.g. Ubuntu 16.10) are targeted at developers and early adopters, rather than Long Term Support users or systems that require maximum uptime. We will consider providing livepatches for the <a href="https://wiki.ubuntu.com/Kernel/LTSEnablementStack">HWE</a> kernels in 2017.</div>
<div>
<h3>
Q: What about derivatives of Ubuntu?</h3>
A: Canonical livepatches are fully supported on the 64-bit Ubuntu 16.04 LTS Desktop, Cloud, and Server operating systems. <i>On other Ubuntu derivatives, your mileage may vary!</i> These are not part of our automated continuous integration quality assurance testing framework for Canonical Livepatches. Canonical Livepatch safety, security, and stability will firmly depend on unmodified Ubuntu generic kernels and network access to the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i>.</div>
<div>
<h3>
Q: How does Canonical test livepatches?<br /><span style="font-size: small;"><br /></span></h3>
<span style="font-weight: normal;"><span style="font-size: small;">A: Every livepatch is rigorously tested in Canonical's in-house CI/CD (Continuous Integration / Continuous Delivery) quality assurance system, which tests hundreds of combinations of livepatches, kernels, hardware, physical machines, and virtual machines. Once a livepatch passes CI/CD and regression tests, it's rolled out on a <i>canary testing</i> basis, first to a tiny percentage of the Ubuntu Community users of the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i>. Based on the success of that microscopic rollout, a moderate rollout follows. And assuming those also succeed, the livepatch is delivered to all free Ubuntu Community and paid Ubuntu Advantage users of the service. Systemic failures are automatically detected and raised for inspection by Canonical engineers. Ubuntu Community users of the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> who want to eliminate the small chance of being randomly chosen as a canary should enroll in the Ubuntu Advantage program (starting at $12/month).</span></span>
<br />
<h3>
Q: What kinds of updates will be provided by the <i>Canonical Livepatch Service</i>?</h3>
A: The <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> is intended to address high and critical severity Linux kernel security vulnerabilities, as identified by Ubuntu Security Notices and the <a href="https://cve.mitre.org/">CVE</a> database. Note that there are some limitations to the kernel livepatch technology -- some Linux kernel code paths cannot be safely patched while running. We will do our best to supply Canonical Livepatches for high and critical vulnerabilities in a timely fashion whenever possible. There may be occasions when the traditional kernel upgrade and reboot might still be necessary. We’ll communicate that clearly through the usual mechanisms -- USNs, Landscape, Desktop Notifications, Byobu, /etc/motd, etc.</div>
<div>
<h3>
Q: What about non-security bug fixes, stability, performance, or hardware enablement updates?</h3>
A: Canonical will continue to provide Linux kernel updates addressing bugs, stability issues, performance problems, and hardware compatibility on our usual cadence -- about every 3 weeks. These updates can be easily applied using ‘<span style="font-family: "courier new" , "courier" , monospace;">sudo apt update; sudo apt upgrade -y</span>’, using the Desktop “Software Updates” application, or <a href="http://landscape.canonical.com/">Landscape</a> systems management. These standard (non-security) updates will still require a reboot, as they always have.</div>
<div>
<h3>
Q: Can I rollback a Canonical Livepatch?</h3>
A: Currently rolling-back/removing an already inserted livepatch module is disabled in Linux 4.4. This is because we need a way to determine if we are currently executing inside a patched function before safely removing it. We can, however, safely apply new livepatches on top of each other and even repatch functions over and over.</div>
<div>
<h3>
Q: What about low and medium severity CVEs?</h3>
A: We’re currently focusing our Canonical Livepatch development and testing resources on high and critical security vulnerabilities, as determined by the <a href="https://wiki.ubuntu.com/SecurityTeam">Ubuntu Security Team</a>. We'll livepatch other CVEs opportunistically.<br />
<h3>
Q: Why are Canonical Livepatches provided as a subscription service?</h3>
</div>
<div>
A: The <i>Canonical Livepatch Service</i> provides a secure, encrypted, authenticated connection, to ensure that only properly signed livepatch kernel modules -- and most importantly, the right modules -- are delivered directly to your system, with extremely high quality testing wrapped around it.</div>
<div>
<h3>
Q: But I don’t want to buy UA support!</h3>
A: You don’t have to! Canonical is providing the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> to community users of Ubuntu, at no charge for up to 3 machines (desktop, server, virtual machines, or cloud instances). A randomly chosen subset of the free users of Canonical Livepatches will receive their Canonical Livepatches slightly earlier than the rest of the free users or UA users, as a lightweight canary testing mechanism, benefiting all Canonical Livepatch users (free and UA). Once those canary livepatches apply safely, all Canonical Livepatch users will receive their live updates.<br />
<h3>
Q: But I don’t have an Ubuntu SSO account!</h3>
A: An Ubuntu SSO account is free, and provides services similar to Google, Microsoft, and Apple for Android/Windows/Mac devices, respectively. You can create your Ubuntu SSO account <a href="https://login.ubuntu.com/">here</a>.<br />
<h3>
Q: But I don’t want login to ubuntu.com!</h3>
A: You don’t have to! Canonical Livepatch is absolutely not required maintain the security of any Ubuntu desktop or server! You may continue to freely and anonymously ‘<span style="font-family: "courier new" , "courier" , monospace;">sudo apt update; sudo apt upgrade; sudo reboot</span>’ as often as you like, and receive all of the same updates, and simply reboot after kernel updates, as you always have with Ubuntu.<br />
<h3>
Q: But I don't have Internet access to livepatch.canonical.com:443!</h3>
A: You should think of the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> much like you think of Netflix, Pandora, or Dropbox. It's an Internet streaming service for security hotfixes for your kernel. You have access to the stream of bits when you can connect to the service over the Internet. On the flip side, your machines are already thoroughly secured, since they're so heavily firewalled off from the rest of the world!<br />
<h3>
Q: Where’s the source code?</h3>
A: The source code of livepatch modules can be found <a href="https://git.launchpad.net/~ubuntu-livepatch/+git/xenial-livepatches/">here</a>. The source code of the <i>canonical-livepatch</i> client is part of Canonical's Landscape system management product and is commercial software.<br />
<h3>
Q: What about Ubuntu Core?</h3>
A: Canonical Livepatches for Ubuntu Core are on the roadmap, and may be available in late 2016, for 64-bit Intel/AMD architectures. Canonical Livepatches for ARM-based IoT devices depend on upstream support for livepatches.<br />
<h3>
Q: How does this compare to Oracle Ksplice, RHEL Live Patching and SUSE Live Patching?</h3>
A: While the <a href="https://en.wikipedia.org/wiki/Kpatch">concepts</a> are largely the same, the technical implementations and the commercial terms are very different:<br />
<br />
<ul>
<li>Oracle Ksplice uses it’s own technology which is not in upstream Linux.</li>
<li>RHEL and SUSE currently use their own homegrown kpatch/kgraft implementations, respectively.</li>
<li>Canonical Livepatching uses the upstream Linux <a href="https://lwn.net/Articles/619390/">Kernel Live Patching</a> technology.</li>
<li>Ksplice is free, but unsupported, for Ubuntu Desktops, and only available for Oracle Linux and RHEL servers with an Oracle Linux Premier Support license (<a href="https://shop.oracle.com/pls/ostore/f?p=dstore:2:0::NO:RIR,RP,2:PROD_HIER_ID:4510272175861805728468">$2299/node/year</a>).</li>
<li>It’s a little unclear how to subscribe to RHEL Kernel Live Patching, but it appears that you need to first be a RHEL customer, and then enroll in the SIG (Special Interests Group) through your TAM (Technical Account Manager), which requires Red Hat Enterprise Linux Server Premium Subscription at <a href="https://www.redhat.com/wapps/store/catalog.html">$1299/node/year</a>. <i>(I'm happy to be corrected and update this post)</i></li>
<li><a href="https://www.suse.com/products/live-patching/how-to-buy">SUSE Live Patching</a> is available as an add-on to SUSE Linux Enterprise Server 12 Priority Support subscription at <a href="https://www.suse.com/products/server/how-to-buy">$1,499/node/year</a>, but does come with <a href="https://www.youtube.com/watch?v=SYRlTISvjww">a free music video</a>.</li>
<li>Canonical Livepatching is available for every Ubuntu Advantage customer, starting at our entry level UA Essential for <a href="http://www.ubuntu.com/management/ubuntu-advantage">$150/node/year</a>, and available for free to community users of Ubuntu.</li>
</ul>
<br />
<h3>
Q: What happens if I run into problems/bugs with Canonical Livepatches?</h3>
A: Ubuntu Advantage customers will file a support request at <a href="http://support.canonical.com/">support.canonical.com</a> where it will be serviced according to their UA <a href="https://www.ubuntu.com/legal/ubuntu-advantage/service-description">service level agreement</a> (Essential, Standard, or Advanced). Ubuntu community users will <a href="https://bugs.launchpad.net/canonical-livepatch-client/+filebug">file a bug</a> report on Launchpad and we'll service it on a best effort basis.<br />
<h3>
Q: Why does canonical-livepatch client/server have a proprietary license?</h3>
A: The <i>canonical-livepatch</i> client is part of the Landscape family of tools available to Canonical support customers. We are enabling free access to the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i> for Ubuntu community users as a mark of our appreciation for the broader Ubuntu community, and in exchange for occasional, automatic canary testing.<br />
<h3>
Q: How do I build my own livepatches?</h3>
A: It’s certainly possible for you to build your own Linux kernel live patches, but it requires considerable skill, time, computing power to produce, and even more effort to comprehensively test. Rest assured that this is the real value of using the <i><a href="http://www.ubuntu.com/server/livepatch/">Canonical Livepatch Service</a></i>! That said, Chris Arges has blogged a howto for the curious a while back:<br />
<br />
<a href="http://chrisarges.net/2015/09/21/livepatch-on-ubuntu.html">http://chrisarges.net/2015/09/21/livepatch-on-ubuntu.html</a><br />
<h3>
Q: How do I get notifications of which CVEs are livepatched and which are not?</h3>
A: You can, at any time, query the status of the canonical-livepatch daemon using: ‘<span style="font-family: "courier new" , "courier" , monospace;">canonical-livepatch status --verbose</span>’. This command will show any livepatches successfully applied, any outstanding/unapplied livepatches, and any error conditions. Moreover, you can monitor the <a href="http://www.ubuntu.com/usn/">Ubuntu Security Notices</a> <a href="http://www.ubuntu.com/usn/rss.xml">RSS</a> feed and the <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce">ubuntu-security-announce</a> mailing list.<br />
<h3>
Q: Isn't livepatching just a big ole rootkit?</h3>
A: Canonical Livepatches inject kernel modules to replace sections of binary code in the running kernel. This requires the<span style="font-family: "courier new" , "courier" , monospace;"> CAP_SYS_MODULE</span> capability. This is required to modprobe any module into the Linux kernel. If you already have that capability (root does, by default, on Ubuntu), then you already have the ability to arbitrarily modify the kernel, with or without Canonical Livepatches. If you’re an Ubuntu sysadmin and you want to disable module loading (and thereby also disable Canonical Livepatches), simply ‘<span style="font-family: "courier new" , "courier" , monospace;">echo 1 | sudo tee /proc/sys/kernel/modules_disabled</span>’.</div>
<div>
<br />
Keep the uptime!</div>
<div>
:-Dustin</div>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0Portland, OR, USA45.5230622 -122.6764815999999945.167186199999996 -123.32192859999999 45.8789382 -122.03103459999998tag:blogger.com,1999:blog-3822757291061444396.post-53962714468579046742016-10-04T07:07:00.000-05:002016-10-04T07:07:07.844-05:00A Parody within a ParodyMy wife, Kimberly, and I watch <i><a href="https://en.wikipedia.org/wiki/Saturday_Night_Live">Saturday Night Live</a></i> religiously. As in, we probably haven't missed a single episode since we started dating more than 12 years ago. And in fact, we both watched our fair share of <i>SNL</i> before we had even met, going back to our teenage years.<br />
<br />
We were catching up on <i>SNL's</i> 42nd season premier late this past Sunday night, after putting the kids to bed, when I was excited to see a hilarious sketch/parody of <i><a href="https://en.wikipedia.org/wiki/Mr._Robot_(TV_series)">Mr. Robot</a></i>.<br />
<br />
If <i>SNL</i> is my oldest TV favorite, <i>Mr. Robot</i> is certainly my newest! Just wrapping its 2nd season, it's a <a href="https://en.wikipedia.org/wiki/Sam_Esmail">brilliantly written</a>, <a href="http://deadline.com/2016/09/emmys-2016-rmie-malek-wins-outstanding-actor-in-a-drama-series-mr-robot-1201821891/">flawlessly acted</a>, impeccably set techno drama series on <i>USA</i>. I'm completely smitten, and the story seems to be just getting started!<br />
<br />
Okay, so Kim and I are watching a hilarious sketch where <a href="http://www.imdb.com/name/nm0428656/?ref_=fn_al_nm_1">Leslie Jones</a> asks <i>Elliot</i> to track down the person who recently hacked her social media accounts. And, as always, I take note of what's going in the background on the computer screen. It's just something I do. I love to try and spot the app, the OS, the version, identify the Linux kernel oops, etc., of anything on any computer screen on TV.<br />
<br />
At about <a href="https://www.nbc.com/saturday-night-live/video/mr-robot/3108917">the 1:32 mark of the <i>SNL/Mr.Robot</i> skit</a>, there was something unmistakable on the left computer, just over actor <a href="http://www.imdb.com/name/nm0203457/?ref_=nv_sr_1">Pete Davidson</a>'s right shoulder. Merely a fraction of a second, and I recognized it instantly! A dark terminal, split into a dozen sections. A light grey boarder, with a thicker grey highlighting one split. The green drip of text from <i>The Matrix</i> in one of the splits. A flashing, bouncing yellow audio wave in another. An instant rearrangement of all of those windows each second.<br />
<br />
It was <i>Byobu</i> and <i>Hollywood</i>! I knew it. Kim didn't believe me at first, until I proved it ;-)<br />
<br />
A couple of years ago, after seeing a <i>007</i> film in the theater, I created a bit of silliness -- a joke of a program that could turn any Linux terminal into a <i>James Bond</i> caliber hacker screen. The result is a package called <i><a href="http://blog.dustinkirkland.com/2014/12/hollywood-technodrama.html">hollywood</a></i>, which any Ubuntu user can install and run by simply typing:<br />
<br />
<pre>$ sudo apt install hollywood
$ hollywood
</pre>
<br />
And a few months ago , <i>Hollywood</i> found its way into <a href="http://www.nbcnews.com/widget/video-embed/681663043970">an NBC News piece</a> that took itself perhaps a little too seriously, as it drummed up a bit of fear around "<i>Ransomware</i>".<br />
<br />
But, far more appropriately, I'm absolutely delighted to see another NBC program -- <i>Saturday Night Live</i> -- using <i>Hollywood</i> exactly as intended -- for <i><a href="https://en.wikipedia.org/wiki/Parody">parody</a>!</i><br />
<br />
Enjoy a few screenshots below...<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnav2pNP1ociad22g9Jd15a6kzWKsN9QBJOjxMQWAERp7HFxitfxyBtU0bl3KTqW0jVVrQ4KSb-wm5dU3M7l5bUvi3H7nNmqj3h0Zl_REEgnANNS-CHkpfFRDVYvr8QTIssoXWer7WkFQ/s1600/Screenshot+from+2016-10-03+23-25-06.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnav2pNP1ociad22g9Jd15a6kzWKsN9QBJOjxMQWAERp7HFxitfxyBtU0bl3KTqW0jVVrQ4KSb-wm5dU3M7l5bUvi3H7nNmqj3h0Zl_REEgnANNS-CHkpfFRDVYvr8QTIssoXWer7WkFQ/s400/Screenshot+from+2016-10-03+23-25-06.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiz7ZcyPjUlX1bX2Qn2eCNqTdx47pHf4K3rrOGSKtdQNv00cdiRRD9L_ssrEhKn9u1wqN1KqcRY2XYWqB3xKac-kRYJJPebKiBYBX0waSMYhgsIHZIQ2d7XdtqPQaFgGa6tM6d0EE298Q/s1600/Screenshot+from+2016-10-03+23-25-15.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiz7ZcyPjUlX1bX2Qn2eCNqTdx47pHf4K3rrOGSKtdQNv00cdiRRD9L_ssrEhKn9u1wqN1KqcRY2XYWqB3xKac-kRYJJPebKiBYBX0waSMYhgsIHZIQ2d7XdtqPQaFgGa6tM6d0EE298Q/s400/Screenshot+from+2016-10-03+23-25-15.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4cvHKC-b1_5W_pPpjhku8r0EMqoiE-DeRo4tIs-KXerApmB3jungGcRiWQ5g7VRSTpPPtaDtP-jtUqxuqxAgrChfY_cUOPSka7YODTImslQ0f3AeInpWdZEoUSXQhgMit5OE4g0HLO0w/s1600/Screenshot+from+2016-10-03+23-25-22.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4cvHKC-b1_5W_pPpjhku8r0EMqoiE-DeRo4tIs-KXerApmB3jungGcRiWQ5g7VRSTpPPtaDtP-jtUqxuqxAgrChfY_cUOPSka7YODTImslQ0f3AeInpWdZEoUSXQhgMit5OE4g0HLO0w/s400/Screenshot+from+2016-10-03+23-25-22.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJsKbG-o3Jr0hij1HTrvmCeWrunbeM8G0NxDA-si0YmuVqbqV4AfF9jY_19M8Jqpnr4bje-8edCw9YXXJs64_8FI0T1Zx6skHnMbW5MSdLZJm7ELOMyHj2KPe6YGVoLKOcE3WbQsx26hQ/s1600/Screenshot+from+2016-10-03+23-25-31.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJsKbG-o3Jr0hij1HTrvmCeWrunbeM8G0NxDA-si0YmuVqbqV4AfF9jY_19M8Jqpnr4bje-8edCw9YXXJs64_8FI0T1Zx6skHnMbW5MSdLZJm7ELOMyHj2KPe6YGVoLKOcE3WbQsx26hQ/s400/Screenshot+from+2016-10-03+23-25-31.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjK3CrepmIvG4SxRsOY5Y9Udko9uCWp6YahjTMn8X1iqSHUVdQKZlLcWNxgLaMwTXbK0Z5878Z2_Sw9LvPeDQDIdD2WMGg21Xi-fGYxwozkgHJeWK7Cpc79RmUcaVlb_BlWR0x_QDISVPo/s1600/Screenshot+from+2016-10-03+23-25-40.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjK3CrepmIvG4SxRsOY5Y9Udko9uCWp6YahjTMn8X1iqSHUVdQKZlLcWNxgLaMwTXbK0Z5878Z2_Sw9LvPeDQDIdD2WMGg21Xi-fGYxwozkgHJeWK7Cpc79RmUcaVlb_BlWR0x_QDISVPo/s400/Screenshot+from+2016-10-03+23-25-40.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOtMYhOCWz0TMInOSXsoIbrjeuyCNT89LSLIoeZh_OM1EKqLbzUNS7qN8_3KXEa9UzZzKSTGwue3PDsTm_ii6zt9S9hDck8V0BmTRc4UKQtFlFJ5dd3ZCoBRvbvEI_XBa0sElUtxaigYk/s1600/Screenshot+from+2016-10-03+23-25-47.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOtMYhOCWz0TMInOSXsoIbrjeuyCNT89LSLIoeZh_OM1EKqLbzUNS7qN8_3KXEa9UzZzKSTGwue3PDsTm_ii6zt9S9hDck8V0BmTRc4UKQtFlFJ5dd3ZCoBRvbvEI_XBa0sElUtxaigYk/s400/Screenshot+from+2016-10-03+23-25-47.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvTH56Wi4ab-pRjTLl8Lx5Hc2YklqCKOvS8n2QOGDAConBgXKxi700RJxel5j3vQohqddfrDDJxQD0gIYEFTW2msIwBExUSYkaX4gEEXvk0eADQZ_i5fPqw_9oL5TocmEsTYV8nbUVWAY/s1600/Screenshot+from+2016-10-03+23-25-55.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvTH56Wi4ab-pRjTLl8Lx5Hc2YklqCKOvS8n2QOGDAConBgXKxi700RJxel5j3vQohqddfrDDJxQD0gIYEFTW2msIwBExUSYkaX4gEEXvk0eADQZ_i5fPqw_9oL5TocmEsTYV8nbUVWAY/s400/Screenshot+from+2016-10-03+23-25-55.png" width="400" /></a></div>
<br />
Cheers!<br />
:-DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-51233522900261335092016-09-29T15:53:00.001-05:002016-09-29T15:53:22.025-05:00OpenZFS Developer Summit Keynote: Everything Old is New Again...But Better!<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdeS8QaTEUpE_qkuUQF2aixXzZX9smSa_MRoRT0YK9-9y7Zm2xaqdCGUabWuKNvq0Lw_FtiASXqUaEuiO7b-Fqcq2qFcw1ufWIXTznst8ZW6b1CzBfXWUMwXsWAR-CeUoH0ULNHyLe-7w/s1600/Screenshot+from+2016-09-29+13-45-02.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="270" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdeS8QaTEUpE_qkuUQF2aixXzZX9smSa_MRoRT0YK9-9y7Zm2xaqdCGUabWuKNvq0Lw_FtiASXqUaEuiO7b-Fqcq2qFcw1ufWIXTznst8ZW6b1CzBfXWUMwXsWAR-CeUoH0ULNHyLe-7w/s400/Screenshot+from+2016-09-29+13-45-02.png" width="400" /></a></div>
<br />
On Monday this week, I was afforded the distinct privilege to deliver the opening keynote at the <a href="http://open-zfs.org/wiki/OpenZFS_Developer_Summit">OpenZFS Developer Summit</a> in San Francisco. It was a beautiful little event, with a full day of informative presentations and lots of networking during lunch and breaks.<br />
<br />
Below, you can <a href="http://www.slideshare.net/dustinkirkland/open-zfs-keynote-public">view my slides</a>, download the <a href="https://drive.google.com/file/d/0B82l96Y5_w3FaEl6Y0M3amJZeVU/view?usp=sharing">PDF</a>, or <a href="http://livestream.com/accounts/15501788/events/6340478/videos/136999982">watch the talk (starts at 31:10)</a> and demo in its entirety.<br />
<br />
Hopefully you'll enjoy the demo -- especially the most interesting raw tracing system new in the Ubuntu 16.04 LTS Linux 4.4 kernel, something called <a href="https://en.wikipedia.org/wiki/Berkeley_Packet_Filter">The Berkeley Packet Filter</a>, or "BPF" for short. I used a series of open source utilities from Brendan Gregg (from Netflix), called <a href="https://github.com/iovisor/bcc">iovisor/bcc</a>. Quoting the README.md on Github:<br />
<br />
<blockquote class="tr_bq">
<i>BCC is a toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples. It makes use of extended BPF (Berkeley Packet Filters), formally known as eBPF, a new feature that was first added to Linux 3.15. Much of what BCC uses requires Linux 4.1 and above.</i></blockquote>
I'll follow up this post with another one, formally introducing BPF and how to install and use bcc in Ubuntu 16.04 LTS, if anyone is interested...<br />
<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="315" id="ls_embed_1475181732" scrolling="no" src="https://livestream.com/accounts/15501788/events/6340478/videos/136999982/player?width=560&height=315&enableInfo=true&autoPlay=false&mute=false" width="560"> </iframe>
</center>
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="485" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/key/25ryJ2P19RSj8g" style="border-width: 1px; border: 1px solid #ccc; margin-bottom: 5px; max-width: 100%;" width="595"> </iframe> <div style="margin-bottom: 5px;">
<strong> <a href="https://www.slideshare.net/dustinkirkland/open-zfs-keynote-public" target="_blank" title="Open ZFS Keynote (public)">Open ZFS Keynote (public)</a> </strong> from <strong><a href="https://www.slideshare.net/dustinkirkland" target="_blank">Dustin Kirkland</a></strong> </div>
</center>
<br />
:-DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-62249972387611900332016-09-26T15:13:00.000-05:002016-09-26T15:13:54.401-05:00Container Camp London: Streamlining HPC Workloads with Containers<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnEqc3k0nlIfZAtCd7aOu-_8yMHyT54oXNLaRfRJOBKpEOVanex3g0ljZx68KbTpAv9JNtO5GWqg20JsGgTTJvFwcbaco2ZQdzTIxSd58Hm8PlW0UTiU8eJ9-A6nH2FauDtCOIEjctLPc/s1600/Screenshot+from+2016-09-26+12-53-52.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnEqc3k0nlIfZAtCd7aOu-_8yMHyT54oXNLaRfRJOBKpEOVanex3g0ljZx68KbTpAv9JNtO5GWqg20JsGgTTJvFwcbaco2ZQdzTIxSd58Hm8PlW0UTiU8eJ9-A6nH2FauDtCOIEjctLPc/s400/Screenshot+from+2016-09-26+12-53-52.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
A couple of weeks ago, I delivered a talk at the <a href="https://container.camp/uk/2016">Container Camp UK 2016</a>. It was an brilliant event, on a beautiful stage at Picturehouse Central in Picadilly Circus in London.<br />
<br />
You're welcome to <a href="http://www.slideshare.net/dustinkirkland/streamlining-hpc-workloads-with-containers">view the slides</a> or <a href="https://drive.google.com/file/d/0B82l96Y5_w3FNWVwM3UtMVFDZFE/view?usp=sharing">download them as a PDF</a>, or <a href="https://www.youtube.com/watch?v=TPdRbD1kSUU&feature=youtu.be">watch my talk below</a>.<br />
<br />
And for the techies who want to skip the slide fluff and get their hands dirty, setup your OpenStack and LXD and <a href="https://github.com/openstack/nova-lxd/blob/master/doc/source/exclusive_machine.rst">start streamlining your HPC workloads using this guide</a>.<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/TPdRbD1kSUU" width="560"></iframe></center>
<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="485" marginheight="0" marginwidth="0" scrolling="no" src="//www.slideshare.net/slideshow/embed_code/key/oModraTu1XQZIk" style="border-width: 1px; border: 1px solid #ccc; margin-bottom: 5px; max-width: 100%;" width="595"> </iframe> <div style="margin-bottom: 5px;">
<strong> <a href="https://www.slideshare.net/dustinkirkland/streamlining-hpc-workloads-with-containers" target="_blank" title="Streamlining HPC Workloads with Containers">Streamlining HPC Workloads with Containers</a> </strong> from <strong><a href="https://www.slideshare.net/dustinkirkland" target="_blank">Dustin Kirkland</a></strong> </div>
</center>
<br />
Enjoy,<br />
:-DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-35099542830240756802016-09-21T10:03:00.001-05:002016-09-21T10:03:54.153-05:00HOWTO: Launch an Ubuntu Cloud Image with KVM from the Command Line<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUNzPFHkvyYY73LJ3T-XSoxx4CxDPJGnJVn_rcSe5Y6UE7Qsl0OsfDosizUfoqfJ8m17M2YJWNbE4dYWJFQjhPnI0DHWHeEbt-jSeSCh9cN43Rq1AVoew2wCpxc14VdypOgL4-TRkLaSM/s1600/Screenshot+from+2016-09-21+10-00-41.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUNzPFHkvyYY73LJ3T-XSoxx4CxDPJGnJVn_rcSe5Y6UE7Qsl0OsfDosizUfoqfJ8m17M2YJWNbE4dYWJFQjhPnI0DHWHeEbt-jSeSCh9cN43Rq1AVoew2wCpxc14VdypOgL4-TRkLaSM/s400/Screenshot+from+2016-09-21+10-00-41.png" width="400" /></a></div>
<br />
I reinstalled my primary laptop (Lenovo x250) about 3 months ago (June 30, 2016), when I got a shiny new SSD, with a fresh Ubuntu 16.04 LTS image.<br />
<br />
Just yesterday, I needed to test something in KVM. Something that could <i>only</i> be tested in KVM.<br />
<br />
<pre>kirkland@x250:~⟫ kvm
The program 'kvm' is currently not installed. You can install it by typing:
sudo apt install qemu-kvm
127 kirkland@x250:~⟫
</pre>
<br />
<i>I don't have <a href="http://blog.dustinkirkland.com/search/label/KVM">KVM</a> installed? How is that even possible? I used to be the maintainer of the virtualization stack in Ubuntu (kvm, qemu, libvirt, virt-manager, et al.)! I lived and breathed virtualization on Ubuntu for years...</i><br />
<br />
Alas, it seems that I've use <a href="http://blog.dustinkirkland.com/search/label/LXD">LXD</a> for everything these days! It's built into every Ubuntu 16.04 LTS server, and one 'apt install lxd' away from having it on your desktop. With ZFS, instances start in under 3 seconds. Snapshots, live migration, an image store, a REST API, all built in. Try it out, if you haven't, it's great!<br />
<br />
<pre>kirkland@x250:~⟫ time lxc launch ubuntu:x
Creating supreme-parakeet
Starting supreme-parakeet
real 0m1.851s
user 0m0.008s
sys 0m0.000s
kirkland@x250:~⟫ lxc exec supreme-parakeet bash
root@supreme-parakeet:~#
</pre>
<br />
But that's enough of a LXD advertisement...back to the title of the blog post.<br />
<br />
Here, I want to download an Ubuntu cloud image, and boot into it. There's one extra step nowadays. You need to create your "user data" and feed it into cloud-init.<br />
<br />
First, create a simple text file, called "seed":<br />
<br />
<pre>kirkland@x250:~⟫ cat seed
#cloud-config
password: passw0rd
chpasswd: { expire: False }
ssh_pwauth: True
ssh_import_id: kirkland
</pre>
<br />
Now, generate a "seed.img" disk, like this:<br />
<br />
<pre>kirkland@x250:~⟫ cloud-localds seed.img seed
kirkland@x250:~⟫ ls -halF seed.img
-rw-rw-r-- 1 kirkland kirkland 366K Sep 20 17:12 seed.img
</pre>
<br />
Next, download your image from <a href="http://cloud-images.ubuntu.com/">cloud-images.ubuntu.com</a>:<br />
<br />
<pre>kirkland@x250:~⟫ wget http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
--2016-09-20 17:13:57-- http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
Resolving cloud-images.ubuntu.com (cloud-images.ubuntu.com)... 91.189.88.141, 2001:67c:1360:8001:ffff:ffff:ffff:fffe
Connecting to cloud-images.ubuntu.com (cloud-images.ubuntu.com)|91.189.88.141|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 312606720 (298M) [application/octet-stream]
Saving to: ‘xenial-server-cloudimg-amd64-disk1.img’
xenial-server-cloudimg-amd64-disk1.img
100%[=================================] 298.12M 3.35MB/s in 88s
2016-09-20 17:15:25 (3.39 MB/s) - ‘xenial-server-cloudimg-amd64-disk1.img’ saved [312606720/312606720]
</pre>
<br />
In the nominal case, you can now just launch KVM, and add your user data as a cdrom disk. When it boots, you can login with "ubuntu" and "passw0rd", which we set in the seed:<br />
<br />
<pre>kirkland@x250:~⟫ kvm -cdrom seed.img -hda xenial-server-cloudimg-amd64-disk1.img
</pre>
<br />
Finally, let's enable more bells an whistles, and speed this VM up. Let's give it all 4 CPUs, a healthy 8GB of memory, a virtio disk, and let's port forward ssh to 2222:<br />
<br />
<pre>kirkland@x250:~⟫ kvm -m 8192 \
-smp 4 \
-cdrom seed.img \
-device e1000,netdev=user.0 \
-netdev user,id=user.0,hostfwd=tcp::5555-:22 \
-drive file=xenial-server-cloudimg-amd64-disk1.img,if=virtio,cache=writeback,index=0
</pre>
<br />
And with that, we can how ssh into the VM, with the public SSH key specified in our seed:<br />
<br />
<pre>kirkland@x250:~⟫ ssh -p 5555 ubuntu@localhost
The authenticity of host '[localhost]:5555 ([127.0.0.1]:5555)' can't be established.
RSA key fingerprint is SHA256:w2FyU6TcZVj1WuaBA799pCE5MLShHzwio8tn8XwKSdg.
No matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)? yes
Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-36-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
0 packages can be updated.
0 updates are security updates.
ubuntu@ubuntu:~⟫
</pre>
<br />
Cheers,<br />
:-DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-56626515139191028802016-08-09T08:26:00.000-05:002016-08-09T08:26:28.185-05:00Howdy, Windows! A Six-part Series about Ubuntu-on-Windows for Linux.com<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzywSczqHOtrwMwcCyfOh7f-pNCq-QYTXTDv3TzuIHkd5Z7naAsTXdNRds21k-t188pJ-bCnON7pM7TX-AHif71uoET_L1hy230GXioNrogChOGXBoPB-AeUO6phOPP0cIjS8vRz8z6Pk/s1600/linux-on-windows-dustin-kirkland-firefly_1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="152" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzywSczqHOtrwMwcCyfOh7f-pNCq-QYTXTDv3TzuIHkd5Z7naAsTXdNRds21k-t188pJ-bCnON7pM7TX-AHif71uoET_L1hy230GXioNrogChOGXBoPB-AeUO6phOPP0cIjS8vRz8z6Pk/s400/linux-on-windows-dustin-kirkland-firefly_1.jpg" width="400" /></a></div>
<br />
I hope you'll enjoy a <i>shiny</i> new 6-part blog series I recently published at <a href="http://linux.com/">Linux.com</a>.<br />
<ol>
<li>The <a href="https://www.linux.com/learn/howdy-ubuntu-windows-intro-canonicals-dustin-kirkland">first article</a> is a bit of back story, perhaps a behind-the-scenes look at the motivations, timelines, and some of the work performed between Microsoft and Canonical to bring Ubuntu to Windows.</li>
<li>The <a href="https://www.linux.com/learn/howdy-ubuntu-windows-getting-started">second article</a> is an updated getting-started guide, with screenshots, showing a Windows 10 user exactly how to enable and run Ubuntu on Windows.</li>
<li>The <a href="https://www.linux.com/learn/howdy-ubuntu-windows-ubuntu-commands-every-windows-user-should-learn">third article</a> walks through a dozen or so examples of the most essential command line utilities a Windows user, new to Ubuntu (and Bash), should absolutely learn.</li>
<li>The <a href="https://www.linux.com/learn/howdy-ubuntu-windows-write-and-execute-your-first-program">fourth article</a> shows how to write and execute your first script, "Howdy, Windows!", in 6 different dynamic scripting languages (Bash, Python, Perl, Ruby, PHP, and NodeJS).</li>
<li>The <a href="https://www.linux.com/learn/howdy-ubuntu-windows-writing-compiled-languages">fifth article</a> demonstrates how to write, compile, and execute your first program in 7 different compiled programming languages (C, C++, Fortran, Golang).</li>
<li>The <a href="https://www.linux.com/learn/howdy-ubuntu-windows-how-fast-it">sixth and final article</a> conducts some performance benchmarks of the CPU, Memory, Disk, and Network, in both native Ubuntu on a physical machine, and Ubuntu on Windows running on the same system.</li>
</ol>
I really enjoyed writing these. Hopefully you'll try some of the examples, and share your experiences using Ubuntu native utilities on a Windows desktop. You can find the source code of the programming examples in <a href="http://github.com/">Github</a> and <a href="http://launchpad.net/">Launchpad</a>:<br />
<ul>
<li><a href="https://github.com/dustinkirkland/howdy-windows">https://github.com/dustinkirkland/howdy-windows</a></li>
<li><a href="http://bazaar.launchpad.net/~kirkland/howdy-windows/trunk/files">http://bazaar.launchpad.net/~kirkland/howdy-windows/trunk/files</a></li>
</ul>
Cheers,<br />
DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-50911672731338968192016-06-20T14:35:00.001-05:002016-06-20T14:35:59.274-05:00HOWTO: Classic, apt-based Ubuntu 16.04 LTS Server on the rpi2!<div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwI2P3nk5olwAZK1vD6vfY-pYtKpq__NsJVcDgTAXVenbvOMysq8ok8onSlJmrD57U_OSiRSRzYq7hYnD_DkWMbAqJs8-kZMsIVFepNjLAncBAAFXJ6-QeEkt-eWzPm-QwfQdEFpcOakw/s1600/rpi2.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="209" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwI2P3nk5olwAZK1vD6vfY-pYtKpq__NsJVcDgTAXVenbvOMysq8ok8onSlJmrD57U_OSiRSRzYq7hYnD_DkWMbAqJs8-kZMsIVFepNjLAncBAAFXJ6-QeEkt-eWzPm-QwfQdEFpcOakw/s320/rpi2.jpg" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><i>Classic Ubuntu 16.04 LTS, on an rpi2</i></td></tr>
</tbody></table>
Hopefully by now you're well aware of Ubuntu Core -- <i><a href="https://developer.ubuntu.com/en/snappy/start/raspberry-pi-2/">the snappiest way</a></i> to run Ubuntu on a Raspberry Pi...<br />
<br />
But have you ever wanted to run classic (<a href="http://manpg.es/apt"><i>apt</i></a>/<i>deb)</i> <a href="http://ubuntu.com/server">Ubuntu Server</a> on a <a href="https://www.raspberrypi.org/products/raspberry-pi-2-model-b/">RaspberryPi2</a>?</div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3KdQpDjaQfofTr8U0qRpzh1DGQF00Xsg4y3Ms1L16kompA9EyDUz_dmbKjiPJwuqJLpSCCZST2d_mK_ySU3n-lCwCH95g7m_gRpQqPnlDvUBz82KxLbHm9SKyB9eEO4jY3bpp6ud0SIA/s1600/Screenshot+from+2016-06-20+14-32-38.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="208" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3KdQpDjaQfofTr8U0qRpzh1DGQF00Xsg4y3Ms1L16kompA9EyDUz_dmbKjiPJwuqJLpSCCZST2d_mK_ySU3n-lCwCH95g7m_gRpQqPnlDvUBz82KxLbHm9SKyB9eEO4jY3bpp6ud0SIA/s400/Screenshot+from+2016-06-20+14-32-38.png" width="400" /></a></div>
<br />
Well, you're in luck! Follow these instructions, and you'll be up in running in minutes!</div>
<div>
<br /></div>
<div>
First, download the released image (<i>214MB</i>):</div>
<div>
<br /></div>
<pre>$ wget http://cdimage.ubuntu.com/releases/16.04/release/ubuntu-16.04-preinstalled-server-armhf+raspi2.img.xz
</pre>
<div>
<br /></div>
Next, uncompress it:<br />
<br />
<pre>$ unxz *xz
</pre>
<br />
Now, write it to a microSD card using <a href="http://manpg.es/dd"><i>dd</i></a>. I'm using the card reader built into my Thinkpad, but you might use a USB adapter. You'll need to <a href="http://manpg.es/fdisk"><i>figure</i> <i>out</i></a> the block device of your card, and perhaps <a href="http://manpg.es/umount"><i>unmount</i></a> it, if necessary. Then, you can write the image to disk:<br />
<br />
<pre>$ sudo dd if=ubuntu-16.04-preinstalled-server-armhf+raspi2.img of=/dev/mmcblk0 bs=32M
$ sync
</pre>
<br />
Now, pop it into your rpi2, and power it on.<br />
<br />
If it's connected to a USB mouse and an HDMI monitor, then you'll land in a console where you can login with the username '<i>ubuntu</i>' and password '<i>ubuntu</i>', and then you'll be forced to choose a new password.<br />
<br />
Assuming it has an Ethernet connection, it should DHCP. You might need to check your router to determine what IP address it got, or it sets it's hostname to 'ubuntu'. In my case, I could automatically resolve it on my network, at <i>ubuntu.canyonedge</i>, with IP address <i>10.0.0.113</i>, and ssh to it:<br />
<br />
<pre>$ ssh ubuntu@ubuntu.canyonedge
</pre>
<br />
Again, you can login on first boot with password '<i>ubuntu</i>' and you're required to choose a new password.<br />
<br />
On first boot, it will automatically resize the filesystem to use all of the available space on the MicroSD card -- much nicer than having to <a href="http://manpg.es/resize2fs"><i>resize2fs</i></a> yourself in some offline mode!<br />
<br />
Now, you're off and running. Have fun with <i><a href="http://manpg.es/sudo">sudo</a></i>, <i><a href="http://manpg.es/apt">apt</a></i>, <i><a href="http://manpg.es/byobu">byobu</a></i>, <i><a href="http://manpg.es/lxd">lxd</a></i>, <i><a href="http://manpg.es/docker.io">docker</a></i>, and everything else you'd expect to find on a classic Ubuntu server ;-) Heck, you'll even find the <i><a href="http://snapcraft.io/">snap</a></i> command, where you'll be able to install snap packages, right on top of your classic Ubuntu Server! And if that doesn't just bake your noodle...<br />
<br />
Cheers,<br />
DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-64030069133686894812016-05-16T13:42:00.000-05:002016-05-17T02:07:52.063-05:00Byobu Hollywood Melodrama and Ubuntu Featured on NBCNews!A few years ago, <a href="http://www.nbcnews.com/tech/security/americans-are-getting-freaked-out-about-doing-stuff-internet-n574661">I wrote and released a fun little script</a> that would carve up an <a href="http://ubuntu.com/">Ubuntu</a> <a href="http://byobu.org/">Byobu</a> terminal into a bunch of splits, running various random command line status utilities.<br />
<br />
100% complete technical mumbo jumbo. The goal was to turn your terminal into something that belongs in a Hollywood hacker film.<br />
<br />
I am proud to see it included in <a href="http://www.nbcnews.com/tech/security/americans-are-getting-freaked-out-about-doing-stuff-internet-n574661">this NBCNews piece about "Ransomware"</a>. All of the screenshots, demonstrating what a "hacker" is doing with a system are straight from Ubuntu, Byobu, and Hollywood!<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhytVQtDoD8A-LPoFkGSujgrftsFBlO7lSsPtgILsk_0MoC_WWzCZ4j-i58eNuMLVR2hYXzmAgcpUolAaEAm2QK6NydVlbinjTxg2PXrQVGE2o7c7hpqdmdcZsVO8ErBNu1g77ZAFtcXiQ/s1600/Screenshot+from+2016-05-16+09-31-28.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="153" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhytVQtDoD8A-LPoFkGSujgrftsFBlO7lSsPtgILsk_0MoC_WWzCZ4j-i58eNuMLVR2hYXzmAgcpUolAaEAm2QK6NydVlbinjTxg2PXrQVGE2o7c7hpqdmdcZsVO8ErBNu1g77ZAFtcXiQ/s320/Screenshot+from+2016-05-16+09-31-28.png" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjT3vPwhrBYV2q62iQEFt4-K77z_TBA8xUFRXL0bIX_7Yn3TYuBGpzvPcW8G2TXkelj8Eg-xkdI1R2Cbs_c9mQANh9ibQ7ZUXKnkTxjgzO5YhGltlJesFpRirx9TzHgXhjBePPkx-ee9z0/s1600/Screenshot+from+2016-05-16+09-35-02.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="165" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjT3vPwhrBYV2q62iQEFt4-K77z_TBA8xUFRXL0bIX_7Yn3TYuBGpzvPcW8G2TXkelj8Eg-xkdI1R2Cbs_c9mQANh9ibQ7ZUXKnkTxjgzO5YhGltlJesFpRirx9TzHgXhjBePPkx-ee9z0/s320/Screenshot+from+2016-05-16+09-35-02.png" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6l-sdHtgMn-RDdz13SNzYfoXJxn4uXcgdpc-hBTrS-pxHPTZfBb35P0cAjjuuBtJlQ7KKKlOdqX-K_-1AmGEK8SG2KlsaMNGapj8unkso2TkaKIIkTs-WzuWuPdnM_gps-nM-Fa_Pao8/s1600/Screenshot+from+2016-05-16+09-49-05.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="156" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6l-sdHtgMn-RDdz13SNzYfoXJxn4uXcgdpc-hBTrS-pxHPTZfBb35P0cAjjuuBtJlQ7KKKlOdqX-K_-1AmGEK8SG2KlsaMNGapj8unkso2TkaKIIkTs-WzuWuPdnM_gps-nM-Fa_Pao8/s320/Screenshot+from+2016-05-16+09-49-05.png" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGwL7coVxXXnGY08WmhbraU33SNIS6Ti2vqCWFXqAPnvdv-oCrumsEJGQw1Fi8kghXVvqHcUzgGNAt_2eNNvZy-icjH7sKcZSzGONncxlRIHB-7FgAp8RWAVSnZkP5LVvOxDfb0Vck_uA/s1600/Screenshot+from+2016-05-16+09-49-41.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="159" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGwL7coVxXXnGY08WmhbraU33SNIS6Ti2vqCWFXqAPnvdv-oCrumsEJGQw1Fi8kghXVvqHcUzgGNAt_2eNNvZy-icjH7sKcZSzGONncxlRIHB-7FgAp8RWAVSnZkP5LVvOxDfb0Vck_uA/s320/Screenshot+from+2016-05-16+09-49-41.png" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjopxrkFUev2eODnH60lPV23ex3bXJUR_KJPdCLfI5FWeHmxCsSV2KZbWpc83NQ8mi9EbJi0QcAxl6sHV6961v1oi7d09v3CMYZzS-kaE-9ihWJswEyNycANx40wpsM8iW9A-b3VqkXVTQ/s1600/Screenshot+from+2016-05-16+09-50-00.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjopxrkFUev2eODnH60lPV23ex3bXJUR_KJPdCLfI5FWeHmxCsSV2KZbWpc83NQ8mi9EbJi0QcAxl6sHV6961v1oi7d09v3CMYZzS-kaE-9ihWJswEyNycANx40wpsM8iW9A-b3VqkXVTQ/s320/Screenshot+from+2016-05-16+09-50-00.png" width="320" /></a></div>
<br />
<br />
Here are a few screenshots, and the <a href="http://www.nbcnews.com/widget/video-embed/681663043970">video</a> is embedded below...<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="315" src="http://www.nbcnews.com/widget/video-embed/681663043970" width="560"></iframe>
</center>
<br />
<br />
Enjoy!<br />
:-DustinDustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0tag:blogger.com,1999:blog-3822757291061444396.post-36051935274703119212016-05-09T07:26:00.000-05:002016-05-09T09:34:09.507-05:00Using Containers to Create the World's Fastest OpenStack<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9DSBP29sLcnvim-SAwvp2r69RCogzY0WTyLPtz14y6kTo3p0lQsp6Us6gXu6Ry_RLmQyCpbeBRcTCgqcYLIzBFqOATRKqXjOBh2kyrgmSYa7XT8I2bryldkpeF7L9iVPWkBwmjd8mjQg/s1600/Screenshot+from+2016-05-07+13-25-48.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9DSBP29sLcnvim-SAwvp2r69RCogzY0WTyLPtz14y6kTo3p0lQsp6Us6gXu6Ry_RLmQyCpbeBRcTCgqcYLIzBFqOATRKqXjOBh2kyrgmSYa7XT8I2bryldkpeF7L9iVPWkBwmjd8mjQg/s400/Screenshot+from+2016-05-07+13-25-48.png" width="400" /></a></div>
<center style="text-align: left;">
</center>
<center style="text-align: left;">
<br /></center>
<center style="text-align: left;">
Below you can find the <a href="https://www.youtube.com/watch?time_continue=1&v=lM2wwYDLB2M">audio/video recording</a> of my OpenStack Austin presentation, where I demonstrated <a href="http://ubuntu.com/openstack">Ubuntu OpenStack Mitaka,</a> running on top of Ubuntu 16.04 LTS, entirely within <a href="http://ubuntu.com/lxd">LXD</a> machine containers. You can also download the <a href="http://people.canonical.com/~kirkland/Using%20containers%20to%20create%20the%20World%27s%20fastest%20OpenStack%20%28public%29.pdf">PDF of the slides here</a>. And there are a number of other excellent talks <a href="https://pages.ubuntu.com/Track_Day_channel.html?utm_source=sales&utm_medium=email&utm_campaign=FY17_ODS_Austin_Track_Day&">here</a>!</center>
<center style="text-align: left;">
<br /></center>
<center>
</center>
<center>
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/lM2wwYDLB2M" width="560"></iframe>
</center>
<br />
<br />
<center>
<iframe allowfullscreen="true" frameborder="0" height="329" mozallowfullscreen="true" src="https://docs.google.com/presentation/d/1Sl9OlAPA5_rV78YQ3VRES0oeKbpT9YayTzCpg5VvbVA/embed?start=false&loop=false&delayms=3000" webkitallowfullscreen="true" width="535"></iframe>
</center>
<center>
</center>
<center style="text-align: left;">
Cheers,</center>
<center style="text-align: left;">
Dustin</center>
Dustin Kirklandhttp://www.blogger.com/profile/12464590128908584782noreply@blogger.com0