On the 26th of June 2024, Canonical announced a significant expansion of its LTS services: a new distroless Docker image creation and maintenance service that provides security updates for up to 12 years. Canonical's CEO, Mark Shuttleworth, highlighted the comprehensive nature of this LTS offering, which covers CVE maintenance for the entire open source dependency tree, including components not traditionally packaged as Ubuntu deb packages.

This initiative, called ‘Everything LTS’, broadens the Ubuntu Pro ecosystem with a multitude of new open source elements, such as cutting-edge AI/ML tools. By committing to securing these components, Canonical aims to aid compliance with various regulatory standards, including FIPS and FedRAMP, offering customers peace of mind regardless of the complexity of their open source stack.

Customers can engage Canonical to design custom Docker images for open source applications or base images containing all necessary dependencies for their proprietary software. These distroless containers boast a minimal attack surface and are supported across various platforms, ensuring longevity and security with over a decade of CVE maintenance.

Distroless Containers: Stripping Down for Security

Research indicates that a vast majority of codebases harbor open source vulnerabilities, with a noteworthy percentage deemed high risk. Distroless containers follow a design philosophy of containing only the files required to run a single application. Because extraneous utilities are removed, these containers are harder to exploit, which improves security posture when vulnerabilities emerge.

Canonical introduces Chiselled Ubuntu containers, a subset of distroless containers engineered with Chisel to meticulously include only indispensable application dependencies. By shedding surplus metadata and tools, these containers lessen their attack surface, presenting a streamlined and fortified environment for applications.

Developers leverage the familiar Ubuntu toolchain to construct these containers, streamlining the process and ensuring compatibility. Chisel integration facilitates a seamless transition between a distribution-based development workflow and a sleek, distroless production setting, simplifying debugging and enhancing operational efficiency.

Precision Runtimes for .NET Enterprise Applications

Canonical and Microsoft have collaborated to optimize chiselled containers for the .NET ecosystem, reducing container size significantly for improved performance. This partnership emphasizes enhancing customer workflows, ease of use, and security, resulting in leaner, more efficient containers tailored for enterprise-grade .NET applications.

Wide Platform Support for Enhanced Flexibility

Canonical’s LTS commitment extends beyond Ubuntu environments, catering to enterprises bound by specific host OS requirements. By standardizing on the OCI format, supported across diverse Linux distributions, Canonical ensures seamless integration and operation on various platforms such as RHEL, VMware, and public cloud Kubernetes clusters.

Ensuring compliance with stringent regulations like FedRAMP and HIPAA is simplified through Canonical’s approach, offering a cost-effective means to manage container estates across hybrid and public clouds. The integration of Ubuntu Pro with certified public cloud providers streamlines access to LTS containers, optimizing security and scalability for customer workloads.

Robust Support for AI/ML Toolchains

Canonical’s partnership network and customer base benefit from extensive AI/ML container offerings, leveraging top-tier open source dependencies maintained alongside Ubuntu. This collection includes LTS containers catering to diverse AI workloads and solutions, empowering enterprises and ISVs to accelerate AI initiatives effortlessly.

Securing the Future with LTS Commitments

Canonical’s comprehensive LTS service carries a 12-year support commitment, ensuring prolonged security maintenance for custom Docker images. Leveraging its expertise and community partnerships, Canonical positions itself as a reliable partner for navigating evolving regulatory landscapes and emerging security challenges.

Staying Compliant and Forward-Looking

Canonical assists organizations in meeting stringent vulnerability management requirements, enabling seamless compliance with regulations like the EU Cyber Resilience Act. The use of Canonical-supported containers in highly regulated environments underscores their trustworthiness and security, aligning with industry standards and certifications.

By offering access to FIPS 140-2 certified cryptographic packages, Canonical shores up compliance for a range of regulatory frameworks, delivering secure containers aligned with the highest industry standards.

Unveiling Distroless Solutions from Canonical

To learn more about Canonical’s groundbreaking LTS services for Docker images, visit Canonical’s Blog.

