What’s Golden Picture
A Golden picture is a base picture that’s used as a template on your group’s numerous digital machines both on-prem or within the public cloud. It streamlines software program growth processes since mission-critical purposes are depending on a licensed setting. Utilizing Golden Pictures saves quite a few hours and assets as they create constant environments on your builders and operation groups. Golden Pictures not solely assist forestall human errors but additionally standardize VM configurations.
Why we use Ubuntu Professional to create Golden Pictures
Amongst many different advantages, Ubuntu Professional provides safety protection for crucial open-source purposes like Apache Kafka, NGINX, MongoDB, Redis, and PostgreSQL. I consider this safety assurance does align along with your goal of constructing Golden Pictures.
Create Ubuntu Professional Golden Picture on Google Cloud
We are going to use Cloud Shell to create a Golden Picture. After all, you should use different instruments, equivalent to Packer, to create Golden Pictures. We could talk about these instruments in one other article. We are going to use Ubuntu Professional 22.04 as the bottom picture for the picture. You need to use any Ubuntu Professional photos that you just discover in your Google Cloud Console.
As soon as we logged in to Google Cloud Console, in Cloud Shell, we enter:
gcloud compute photos record --project=ubuntu-os-pro-cloud | grep ubuntu-pro
NAME: ubuntu-pro-1604-xenial-v20220810
FAMILY: ubuntu-pro-1604-lts
NAME: ubuntu-pro-1804-bionic-v20220902
FAMILY: ubuntu-pro-1804-lts
NAME: ubuntu-pro-2004-focal-v20220905
FAMILY: ubuntu-pro-2004-lts
NAME: ubuntu-pro-2204-jammy-v20220923
FAMILY: ubuntu-pro-2204-lts
NAME: ubuntu-pro-fips-1804-bionic-v20220829
FAMILY: ubuntu-pro-fips-1804-lts
NAME: ubuntu-pro-fips-2004-focal-v20220829
FAMILY: ubuntu-pro-fips-2004-lts
We discover 6 totally different variations of Ubuntu Professional photos. We are going to decide Ubuntu Professional 22.04 for this demo. Let’s create a Gloden Picture from this Ubuntu Professional 22.04 official picture:
gcloud compute photos create golden-image3 --source-image-family=ubuntu-pro-2204-lts --source-image-project=ubuntu-os-pro-cloud
Created [https://www.googleapis.com/compute/v1/projects/[YOUR_PROJECT]/world/photos/golden-image].
NAME: golden-image
PROJECT: [YOUR_PROJECT]
FAMILY:
DEPRECATED:
STATUS: READY
Performed. We’ve created a Golden Picture. You will see it in your picture gallery.
Let’s examine if this Golden Picture accommodates the Ubuntu Professional license:
gcloud compute photos describe golden-image
structure: X86_64
archiveSizeBytes: '1000068480'
creationTimestamp: '2022-09-28T15:24:56.705-07:00'
diskSizeGb: '10'
guestOsFeatures:
- kind: VIRTIO_SCSI_MULTIQUEUE
- kind: SEV_CAPABLE
- kind: UEFI_COMPATIBLE
- kind: GVNIC
id: '550225037951072087'
variety: compute#picture
labelFingerprint: 42WmSpB8rSM=
licenseCodes:
- '2592866803419978320'
licenses:
- https://www.googleapis.com/compute/v1/tasks/ubuntu-os-pro-cloud/world/licenses/ubuntu-pro-2204-lts
identify: golden-image
selfLink: https://www.googleapis.com/compute/v1/tasks/confident-sweep-285415/world/photos/golden-image3
shieldedInstanceInitialState:
[...]
The license block “licenses: – https://www.googleapis.com/compute/v1/tasks/ubuntu-os-pro-cloud/world/licenses/ubuntu-pro-2204-lts” exhibits that this picture accommodates the Ubuntu Professional license.
Let’s use this Golden Picture to create an occasion:
gcloud compute situations create instance-from-golden-image --image=golden-image
Created [https://www.googleapis.com/compute/v1/projects/[YOUR_PROJECT]/zones/us-east1-b/situations/instance-from-golden-image].
NAME: instance-from-golden-image
ZONE: us-east1-b
MACHINE_TYPE: n1-standard-1
PREEMPTIBLE:
INTERNAL_IP: 10.142.0.45
EXTERNAL_IP: 34.139.200.39
STATUS: RUNNING
Then SSH into this machine to examine its license:
gcloud compute ssh instance-from-golden-image
ua standing
This machine is entitled to all of the Ubuntu Professional options, equivalent to ESM and Livepatch.
We’ve efficiently created a Ubuntu Professional Golden Picture. It’s time for the entire group to make use of this Golden Picture.
Share Golden Picture
To ensure that different customers in my group to make use of this Golden Picture, I have to authorize them to Compute Picture Person position (roles/compute.imageUser). So they may have permission to record, learn, and use photos. This apply follows the Least Privilege precept, so these picture customers don’t produce other permissions to change this Golden Picture.
We choose the Golden Picture within the Picture Gallery, and click on ADD PRINCIPAL within the INFO PANEL:
Then enter the e-mail handle of the identification I wish to share the picture with (I entered my e-mail handle for this demo). And I choose Picture Person within the Function record.
We might also grant customers the Viewer IAM position (roles/viewer) for the picture undertaking to make sure that the shared picture seems within the picture choice record.
That’s it. We created a Golden Picture on Google Cloud and shared it with the customers who want to make use of it. We could talk about how you can use Packer to create Golden Picture, how you can create a Golden Picture with the preinstalled software, and how you can create a Golden Picture from a working digital machine subsequent time. Keep tuned!