Securing the Open-Source supply chain with Ubuntu Pro on Google Cloud

It’s official: since the outbreak of the COVID-19 pandemic, cybercrime has increased by 600%. Among these, ransomware attacks are estimated to cost $6 trillion in 2021 alone. And there were nearly 550,000 ransomware attacks per day in 2020. The question is: are your workloads secure enough? In this blog, we will discuss how to make your Open Source workloads more secure in one second.

Run your mission-critical applications with Ubuntu Pro on Google Cloud

If your workloads are running on Ubuntu, congratulations! Ubuntu has been the most secure operating system since 2013, according to UK Government Communications Headquarters (GCHQ). This is thanks to Canonical’s teams, who strive to keep Ubuntu at the forefront of safety and reliability. Earlier this year, Canonical and Google launched Ubuntu Pro on Google Cloud, a premium image designed to deliver the most comprehensive security and compliance features on public clouds. Ubuntu Pro allows instant access to security patching, covering more than 30,000 open source applications for up to 10 years. It also comes with critical compliance features essential to running workloads in regulated environments.

Upgrading Ubuntu LTS workloads to Pro in seconds

Now you can run your mission-critical applications on this brand new Ubuntu Pro. But how about your running workloads on Ubuntu LTS? How to migrate them to new Ubuntu Pro virtual machines?

The good news is, you don’t have to. Google and Canonical have been working together to give you the most seamless experience while getting industry-leading protection. Today, you can upgrade your Ubuntu LTS to Ubuntu Pro with one command.

Suppose you have one VM running on Ubuntu 16.04 LTS. Here is how it works:

• Step 1: Stop that machine

$ gcloud compute instances stop $INSTANCE_NAME

• Step 2: Append Ubuntu Pro license to the disk

$ gcloud beta compute disks update $INSTANCE_NAME –zone=$ZONE –update-user-licenses=”https://www.googleapis.com/compute/v1/projects/ubuntu-os-pro-cloud/global/licenses/ubuntu-pro-1604-lts”

• Step 3: Start the machine

$ gcloud compute instances start $INSTANCE_NAME

And that is it! Now you have upgraded your Ubuntu 16.04 LTS into Ubuntu 16.04 Pro. Let’s see what it looks like now. When you SSH into this machine, input the following:

$ ua status

You should see:

Since you have upgraded your Ubuntu to Ubuntu Pro, this versatile machine will immediately update kernel patches whenever available, extend security coverage for the most important open source applications, such as Apache Kafka, NGINX, MongoDB, Redis and PostgreSQL…

A spell to rule them all

Now, if you just want all these great security features at once, here us the single magic spell you need to remember:

$ gcloud beta compute disks update BOOT_DISK_NAME   –zone=ZONE   –update-user-licenses=”LICENSE_URI”

Replace the following:

• BOOT_DISK_NAME: the name of the boot disk to append the license to
• ZONE: the zone containing the boot disk to append the license to
• LICENSE_URI: the license URI for the version of Ubuntu Pro you are upgrading to. The following table shows the license URI for the supported versions of Ubuntu Pro:

Ubuntu Pro version	License URI
Ubuntu Pro 16.04 LTS	https://www.googleapis.com/compute/v1/projects/ubuntu-os-pro-cloud/global/licenses/ubuntu-pro-1604-lts
Ubuntu Pro 18.04 LTS	https://www.googleapis.com/compute/v1/projects/ubuntu-os-pro-cloud/global/licenses/ubuntu-pro-1804-lts
Ubuntu Pro 20.04 LTS	https://www.googleapis.com/compute/v1/projects/ubuntu-os-pro-cloud/global/licenses/ubuntu-pro-2004-lts

For comprehensive instruction, please refer to official Google Cloud documentation: Upgrade from Ubuntu to Ubuntu Pro.

Please subscribe to ubuntu.com/blog, we will dive deep into all these security features soon.