May 27th will be Canonical’s first time as a DockerCon sponsor. That’s exciting!
Since our joint announcement back in November, the relationship between Canonical and Docker has become stronger as more projects arise. There’s still a lot to be done in a cloud-native world to make Open Source available to everyone in its purest form.
We strongly believe in Open Source Software, and our mission hasn’t changed. Our vision, however, has been more focused recently on Cloud and Security. Now is a very special time as we’ve got the motivation, the ability, and the opportunity.
- Motivation, our mission to make free software available to the most;
- Ability, a wide range of open source applications and the tooling to operate;
- Opportunity, with the world moving to cloud-native software, whether it’s on public, private, or micro clouds.
Ubuntu, the most popular base layer
It would be fair to ask why, suddenly, we care so much about container images. After all, we only published our first OCIs as an organisation last year (*although some teams at Canonical have been building Docker images for quite some time).
It is even more surprising as demand is there. Ubuntu is the most popular base layer on Docker Hub, the preferred choice for developers.
Being the base layer for billions of containerised applications gives us a considerable responsibility that we take very seriously. As we’ve been looking at the landscape of container images, we found publications showing that most of them had known vulnerabilities with very long times to remediation. Consequently, adoption of open-source software could be limited and generate additional costs as enterprises need to build internal pipelines to cover their app dependencies.
In the near future, we plan to offer enterprises the same security and stability they already have with Ubuntu Pro and ESM (Extended Security Maintenance) programs on containers.
Hardened-er, better, faster, simpler
The state of open source security in the cloud-native world is far from perfect, and it often requires engaging with multiple companies or organisations.
As the years went by, we found ourselves in a trusted Open Source partner position for many projects. It definitely isn’t a surprise, as our Security expertise grew over the years from the 24/7 commercial support included in Ubuntu Advantage, the Extended Security Maintenance (ESM) for Ubuntu and other major software components, Ubuntu Pro on cloud platforms and now on-prem, and, most recently, the same commitments for an expanding Universe of Applications.
Our first response in the container world has been with the “LTS Docker Image Portfolio,” a curated set of secure container application images hardened by Canonical and available with a long-term security commitment.
These hardened application OCIs have been made available, for the first time, on Docker Hub, free to use by the developer community.
Our next steps are extending the portfolio and building a sense of “hardened-er, better, faster, simpler” container images; for anyone to use with simplicity during the development and serenity while in production.
“Simpler open source application ops on K8s” with Mark Shuttleworth
For our talk at DockerCon, we long brainstormed the most helpful content for you, the audience. We quickly eliminated ideas around our LTS Docker images; although helpful, developers know the value so there’s not much to be said. We also wandered around a “Pebble” introduction, but that would have been too big a step in the time we have together.
Looking at the results from our Kubecon survey, we found that proving how charmed operators make Kubernetes operations MUCH simpler to Docker developers would be the most practical we could do. So join us, at DockerCon 2021, to learn:
What does an “apt install mysql” on Kubernetes look like with charmed operators?
Come find out, don’t miss our presentation at DockerCon LIVE 2021!
Recent surveys found that many popular containers had known vulnerabilities. Container images provenance is critical for a secure software supply chain in production. Benefit from Canonical’s security expertise with the LTS Docker images portfolio, a curated set of application images, free of vulnerabilities, with a 24/7 commitment.