Canonical’s first DockerCon

May 27th will be Canonical’s first time as a DockerCon sponsor. That’s exciting!

Since our joint announcement back in November, the relationship between Canonical and Docker has become stronger as more projects arise. There’s still a lot to be done in a cloud-native world to make Open Source available to everyone in its purest form.

We strongly believe in Open Source Software, and our mission hasn’t changed. Our vision, however, has been more focused recently on Cloud and Security. Now is a very special time as we’ve got the motivation, the ability, and the opportunity.

  • Motivation, our mission to make free software available to the most;
  • Ability, a wide range of open source applications and the tooling to operate;
  • Opportunity, with the world moving to cloud-native software, whether it’s on public, private, or micro clouds.

Ubuntu, the most popular base layer

It would be fair to ask why, suddenly, we care so much about container images. After all, we only published our first OCIs as an organisation last year (*although some teams at Canonical have been building Docker images for quite some time).

It is even more surprising as demand is there. Ubuntu is the most popular base layer on Docker Hub, the preferred choice for developers.

Being the base layer for billions of containerised applications gives us a considerable responsibility that we take very seriously. As we’ve been looking at the landscape of container images, we found publications showing that most of them had known vulnerabilities with very long times to remediation. Consequently, adoption of open-source software could be limited and generate additional costs as enterprises need to build internal pipelines to cover their app dependencies.

In the near future, we plan to offer enterprises the same security and stability they already have with Ubuntu Pro and ESM (Extended Security Maintenance) programs on containers.

Hardened-er, better, faster, simpler

The state of open source security in the cloud-native world is far from perfect, and it often requires engaging with multiple companies or organisations.

As the years went by, we found ourselves in a trusted Open Source partner position for many projects. It definitely isn’t a surprise, as our Security expertise grew over the years from the 24/7 commercial support included in Ubuntu Advantage, the Extended Security Maintenance (ESM) for Ubuntu and other major software components, Ubuntu Pro on cloud platforms and now on-prem, and, most recently, the same commitments for an expanding Universe of Applications.

Our first response in the container world has been with the “LTS Docker Image Portfolio,” a curated set of secure container application images hardened by Canonical and available with a long-term security commitment.

These hardened application OCIs have been made available, for the first time, on Docker Hub, free to use by the developer community.

Our next steps are extending the portfolio and building a sense of “hardened-er, better, faster, simpler” container images; for anyone to use with simplicity during the development and serenity while in production.

“Simpler open source application ops on K8s” with Mark Shuttleworth

For our talk at DockerCon, we long brainstormed the most helpful content for you, the audience. We quickly eliminated ideas around our LTS Docker images; although helpful, developers know the value so there’s not much to be said. We also wandered around a “Pebble” introduction, but that would have been too big a step in the time we have together.

Looking at the results from our Kubecon survey, we found that proving how charmed operators make Kubernetes operations MUCH simpler to Docker developers would be the most practical we could do. So join us, at DockerCon 2021, to learn:

What does an “apt install mysql” on Kubernetes look like with charmed operators?


Come find out, don’t miss our presentation at DockerCon LIVE 2021!

ubuntu logo

What’s the risk of unsolved vulnerabilities in Docker images?

Recent surveys found that many popular containers had known vulnerabilities. Container images provenance is critical for a secure software supply chain in production. Benefit from Canonical’s security expertise with the LTS Docker images portfolio, a curated set of application images, free of vulnerabilities, with a 24/7 commitment.

Integrate with hardened LTS images ›

Newsletter signup

Select topics you're
interested in

In submitting this form, I confirm that I have read and agree to Canonical's Privacy Notice and Privacy Policy.

Related posts

Cloud PaaS through the lens of open source – opinion

Opinion piece by Rob Gibbon – Product Manager at Canonical. All views expressed are the author’s own. The open source perspective viz. PaaS Open source...

Atresmedia modernises Spain’s most popular streaming platform with Canonical Charmed Kubernetes

The streaming service for the leading communication group in Spain leaves behind outdated applications and adopts a microservices architecture enabled by...

Running FIPS 140 workloads on Ubuntu

This is the first article in a two-article series regarding FIPS 140 and Ubuntu. The first part of this series, this article, covers running FIPS 140...