Canonical is excited to partner with AWS and feature on this week’s episode of AWS on Air. Watch us live on September 16, at 12pm PT.
As the publisher of the Linux distribution Ubuntu, Canonical support, secure, and manage Ubuntu infrastructure and devices for thousands of businesses. Ubuntu runs from cloud to edge. It is the platform that everybody uses on the public cloud including AWS, and the preferred workstation experience for builders all over the world!
In this blog we will do a deep dive into key reasons why enterprises choose Ubuntu and how it helps companies run open source securely in the cloud.
1. Ubuntu is the builder’s OS of choice.
Whether it be from software development to machine learning data scientists and engineers, from your desktop to the cloud, from the ones who want freedom and low time to market to the ones who need security and compliance, Ubuntu has you covered!
According to Hackerearth Developer Survey 2021, Ubuntu is the preferred Linux operating system by developers.
This story applies on the cloud as well. Ubuntu is the most used third party Operating System running production workloads. Ubuntu powers more than 60% of the cloud workloads today.
Why is Ubuntu the builder’s OS of choice?
There are several reasons behind this. While every case has it’s unique particularities, the reason builders prefer Ubuntu can be summarized into three points:
- It gives users the freedom of linux and a way to consume or use open source software with no toil on configuration, maintenance, security and so on.
- The strong community behind Ubuntu makes it the best supported OS on the market. A simple google on how to do something in Ubuntu will get you hundreds of relevant results. Its third party open source repository “Universe” is also maintained and supported by both the community and Canonical.
- Ubuntu has a dedicated version for those that require additional security and compliance. Upgrade to Ubuntu Pro to enjoy extended maintenance support (including more than 30,000 third party open source packages), livepatch, FIPS for FedRamp compliance and CIS/Disa-Stig hardening profiles.
2. Ubuntu is secure by design
Did you know that according to a study done this year by Synopsys with over 2,400 commercial codebases, 78% of code reviewed was open source, which shows that open source is everywhere! The study revealed that 88% of these codebases contained components with outdated versions with 81% containing at least one vulnerability. The main reasons for these vulnerabilities were that the majority of the reviewed apps were either running with components over 4 years or had no updates from the vendor. If you recall equifax’s data breach or log4j vulnerability episode, you will understand the danger this poses.
This shows that security should be prioritized not only in enterprises but everyone. Having a way to get in-call-support, committed or SLA’d maintenance and enterprise compliance is more critical than ever. Nobody should deploy an open source application with no support or further maintenance. Just imagine. What happens if tomorrow someone discovers a security vulnerability on a package in your app?
Security is in the core of Ubuntu. No system is perfectly secure and vulnerabilities will always arise. This makes the speed and success with which these issues are resolved evermore important. Ubuntu also comes with automatic critical updates and committed security maintenance as part of its LTS model, which covers Ubuntu for 5 years from its release date.
Ubuntu Pro is the same Ubuntu everybody knows and loves with further access to extended maintenance and security support up to 10 years from the release date. It includes kernel livepatch, FIPS for FedRamp compliance, CIS and Disa-stig automated hardening profiles. Additionally it includes security maintenance for more than 30,000 third party open source packages from Ubuntu repositories.
Our team is here to ensure our users can consume OSS securely and consistently.
3. Ubuntu is the first choice on public clouds
Ubuntu server is available as a first citizen on all major cloud platforms, running more than 60% of the cloud workloads.
We have had an active collaboration with AWS for over a decade. Ubuntu is available as a native and optimized OS on EC2 and other AWS services such as EKS, Lightsail, and even as container images on ECR Public Gallery.
You will always find the latest and greatest Ubuntu on AWS.
4. Ubuntu ensures security even on containers
Containers are great! We believe that they are the natural evolution of cloud services where you can focus on the top layer of the stack, while getting more portability, scalability, easier management, and much more.
But, according to a study done by Unit42 from Palo Alto Networks on 2021, they found out that 96% of third-party container applications deployed in cloud infrastructure contained known vulnerabilities.
This means that the security concerns remain the same, if not more in containers. Even if you are using managed services to keep the risk low, what goes into the container needs to be secure; from the base layers to the packages you are installing into it (i.e. provenance and maintenance).
On top of that, containers are more challenging, since they are harder to keep up to date compared to a VM. They are immutable assets as once you publish a container, it runs with a different lifecycle than a VM. In other words, you don’t log in and run an update but have to rebuild and redeploy.
We have Ubuntu LTS containers for free which you can grab from the ECR public Gallery so that users can build and launch their own applications on top of a 5-years-supported base container. There you can also find other LTS container images for important third party open source applications such as redis, apache2, nginx, cassandra, mysql and more, ready to use out of the box.
Finally, to close off with the latest news, we are currently working on Alpine-sized Ubuntu containers. We call them Chiseled images which are the smallest possible containers that reduce footprint and the attack surface while still being the same Ubuntu you know and love; No additional packages, no package manager, no shell, no root, etc. We are confident that this will undoubtedly improve security while creating lightweight containers with a lower resource utilization.
Less than a month ago, we launched our first chiseled container with .net runtimes which got astounding support from the community.
How do you get it?
You can find Ubuntu directly on the EC2 console and Ubuntu Pro on AWS Marketplace.
Our container images are available on ECR Public Gallery and Docker Hub.
Visit Ubuntu Pro on AWS to learn more. If you already have Ubuntu Pro visit our onboarding guide to learn how to get started and get the best value from Ubuntu Pro.
Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.