Your submission was sent successfully! Close

Jump to main content
  1. Blog
  2. Article

Carlos Bravo
on 15 September 2022

Canonical is excited to partner with AWS and feature on this week’s episode of AWS on Air. Watch us live on September 16, at 12pm PT.

As the publisher of the Linux distribution Ubuntu, Canonical support, secure, and manage Ubuntu infrastructure and devices for thousands of businesses. Ubuntu runs from cloud to edge. It is the platform that everybody uses on the public cloud including AWS, and the preferred workstation experience for builders all over the world!

In this blog we will do a deep dive into key reasons why enterprises choose Ubuntu and how it helps companies run open source securely in the cloud.

1. Ubuntu is the builder’s OS of choice.

Whether it be from software development to machine learning data scientists and engineers, from your desktop to the cloud, from the ones who want freedom and low time to market to the ones who need security and compliance, Ubuntu has you covered!

According to Hackerearth Developer Survey 2021, Ubuntu is the preferred Linux operating system by developers.

This story applies on the cloud as well. Ubuntu is the most used third party Operating System running production workloads. Ubuntu powers more than 60% of the cloud workloads today.

Why is Ubuntu the builder’s OS of choice?

There are several reasons behind this. While every case has it’s unique particularities, the reason builders prefer Ubuntu can be summarized into three points:

  • It gives users the freedom of linux and a way to consume or use open source software with no toil on configuration, maintenance, security and so on.
  • The strong community behind Ubuntu makes it the best supported OS on the market. A simple google on how to do something in Ubuntu will get you hundreds of relevant results. Its third party open source repository “Universe” is also maintained and supported by both the community and Canonical.
  • Ubuntu has a dedicated version for those that require additional security and compliance. Upgrade to Ubuntu Pro to enjoy extended maintenance support (including more than 30,000 third party open source packages), livepatch, FIPS for FedRamp compliance and CIS/Disa-Stig hardening profiles.

2. Ubuntu is secure by design

Did you know that according to a study done this year by Synopsys with over 2,400 commercial codebases, 78% of code reviewed was open source, which shows that open source is everywhere! The study revealed that  88% of these codebases contained components with outdated versions with 81% containing at least one vulnerability. The main reasons for these vulnerabilities were that the majority of the reviewed apps were either running with components over 4 years or had no updates from the vendor. If you recall equifax’s data breach or log4j vulnerability episode, you will understand the danger this poses. 

This shows that security should be prioritized not only in enterprises but everyone. Having a way to get in-call-support, committed or SLA’d maintenance and enterprise compliance is more critical than ever. Nobody should  deploy an open source application with no support or further maintenance. Just imagine. What happens if tomorrow someone discovers a security vulnerability on a package in your app?

Security is in the core of Ubuntu. No system is perfectly secure and vulnerabilities will always arise. This makes the speed and success with which these issues are resolved evermore important. Ubuntu also comes with automatic critical updates and committed security maintenance as part of its LTS model, which covers Ubuntu for 5 years from its release date.

For companies and enterprises that need professional solutions, such as SLA’d support, compliance, and other additional features, upgrade to Ubuntu Pro on the AWS Marketplace.

Ubuntu Pro is the same Ubuntu everybody knows and loves with further access to extended maintenance and security support up to 10 years from the release date. It includes kernel livepatch, FIPS for FedRamp compliance, CIS and Disa-stig automated hardening profiles. Additionally it includes security maintenance for more than 30,000 third party open source packages from Ubuntu repositories. 

Our team is here to ensure our users can consume OSS securely and consistently.

3. Ubuntu is the first choice on public clouds

Ubuntu server is available as a first citizen on all major cloud platforms, running more than 60% of the cloud workloads. 

We have had an active collaboration with AWS for over a decade. Ubuntu is available as a native and optimized OS on EC2 and other AWS services such as EKS, Lightsail, and even as container images on ECR Public Gallery.

You will always find the latest and greatest Ubuntu on AWS.

4. Ubuntu ensures security even on containers

Containers are great! We believe that they are the natural evolution of cloud services where you can focus on the top layer of the stack, while getting more portability, scalability, easier management, and much more.

But, according to a study done by Unit42 from Palo Alto Networks on 2021, they found out that 96% of third-party container applications deployed in cloud infrastructure contained known vulnerabilities. 

This means that the security concerns remain the same, if not more in containers. Even if you are using managed services to keep the risk low, what goes into the container needs to be secure; from the base layers to the packages you are installing into it (i.e. provenance and maintenance).

On top of that, containers are more challenging, since they are harder to keep up to date compared to a VM. They are immutable assets as once you publish a container, it runs with a different lifecycle than a VM. In other words, you don’t log in and run an update but have to rebuild and redeploy.

We have Ubuntu LTS containers for free which you can grab from the ECR public Gallery so that users can build and launch their own applications on top of a 5-years-supported base container. There you can also find other LTS container images for important third party open source applications such as redis, apache2, nginx, cassandra, mysql and more, ready to use out of the box.

Finally, to close off with the latest news, we are currently working on Alpine-sized Ubuntu containers. We call them Chiseled images which are the smallest possible containers that reduce footprint and the attack surface while still being the same Ubuntu you know and love; No additional packages, no package manager, no shell, no root, etc. We are confident that this will undoubtedly improve security while creating lightweight containers with a lower resource utilization.

Less than a month ago, we launched our first chiseled container with .net runtimes which got astounding  support from the community.

Learn more in “AWS On Air” featuring Canonical

Discover more reasons why you should use Ubuntu on AWS in this AWS On Air episode with Carlos Bravo, Public Cloud Alliance Director at Canonical.

How do you get it?

You can find Ubuntu directly on the EC2 console and Ubuntu Pro on AWS Marketplace. 

Our container images are available on ECR Public Gallery and Docker Hub.
Visit Ubuntu Pro on AWS to learn more. If you already have Ubuntu Pro visit our onboarding guide to learn how to get started and get the best value from Ubuntu Pro.

Related posts

Aaron Whitehouse
12 September 2023

Ubuntu updates, releases and repositories explained

Cloud and server Article

Since we launched Ubuntu Pro’s Expanded Security Maintenance for additional packages, and we now integrate more closely with public cloud update management tools, more people have been asking us about the Ubuntu archive and how this is divided and security patched. In this blog we will therefore explain Ubuntu releases, how the Ubuntu arc ...

5 September 2023

도커(Doker) 컨테이너 보안: 우분투 프로(Ubuntu Pro)로 FIPS 지원 컨테이너 이해하기

FIPS Security

오늘날 급변하는 디지털 환경에서 강력한 도커 컨테이너 보안 조치의 중요성은 아무리 강조해도 지나치지 않습니다. 컨테이너화된 계층도 규정 준수 표준의 적용을 받기 때문에 보안 문제 및 규정 준수 요구 사항이 발생합니다. 도커 컨테이너 보안 조치는 경량의 어플라이언스 유형 컨테이너(각 캡슐화 코드 및 해당 종속성)를 위협 및 취약성으로부터 보호하는 것을 수반합니다. 민감한 개인 데이터를 처리하는 데 의존하는 ...

Alex Murray
20 July 2023

Securing open source through CVE prioritisation

Cloud and server Article

According to a recent study, 96% of applications in the enterprise market use open-source software. As the open source landscape becomes more and more fragmented, the task to assess the impact of potential security vulnerabilities for an organisation can become overwhelming. Ubuntu is known as one of the most secure operating systems, but ...