Build Ubuntu Pro golden image¶
A golden image is a base image that is used as a template for your virtual machines. You can create it from your Google Cloud console’s Cloud Shell (as explained below) or using other tools like Packer.
We’ll be using Ubuntu Pro 22.04 as the base image, although the steps should work fine for all Pro images available in your console.
Create a golden image¶
In your Google Cloud console, search for the ‘Cloud Shell’ product and open it by selecting Go to console. Once in, look for the available Ubuntu Pro images:
gcloud compute images list --project=ubuntu-os-pro-cloud | grep ubuntu-pro
NAME: ubuntu-pro-1604-xenial-v20230710
FAMILY: ubuntu-pro-1604-lts
NAME: ubuntu-pro-1804-bionic-arm64-v20230921
FAMILY: ubuntu-pro-1804-lts-arm64
NAME: ubuntu-pro-1804-bionic-v20230921
FAMILY: ubuntu-pro-1804-lts
NAME: ubuntu-pro-2004-focal-arm64-v20230920
FAMILY: ubuntu-pro-2004-lts-arm64
NAME: ubuntu-pro-2004-focal-v20230920
FAMILY: ubuntu-pro-2004-lts
NAME: ubuntu-pro-2204-jammy-arm64-v20230921
FAMILY: ubuntu-pro-2204-lts-arm64
NAME: ubuntu-pro-2204-jammy-v20230921
FAMILY: ubuntu-pro-2204-lts
NAME: ubuntu-pro-fips-1804-bionic-v20230530
FAMILY: ubuntu-pro-fips-1804-lts
NAME: ubuntu-pro-fips-2004-focal-v20230920
FAMILY: ubuntu-pro-fips-2004-lts
From the options seen, choose Ubuntu Pro 22.04 and use its family name in the golden image creation command below:
gcloud compute images create golden-image --source-image-family=ubuntu-pro-2204-lts --source-image-project=ubuntu-os-pro-cloud
In a bit you’ll see output similar to the following and the created golden image will be available in your image gallery.
Created [https://www.googleapis.com/compute/v1/projects/[YOUR_PROJECT]/global/images/golden-image].
NAME: golden-image
PROJECT: [YOUR_PROJECT]
FAMILY:
DEPRECATED:
STATUS: READY
Verify that the image contains the Ubuntu Pro license:
gcloud compute images describe golden-image
architecture: X86_64
archiveSizeBytes: '1094443008'
creationTimestamp: '2023-09-29T03:56:22.275-07:00'
diskSizeGb: '10'
guestOsFeatures:
- type: VIRTIO_SCSI_MULTIQUEUE
- type: SEV_CAPABLE
- type: SEV_SNP_CAPABLE
- type: SEV_LIVE_MIGRATABLE
- type: UEFI_COMPATIBLE
- type: GVNIC
id: '8518177910815396794'
kind: compute#image
labelFingerprint: 42WmSpB8rSM=
licenseCodes:
- '2592866803419978320'
licenses:
- https://www.googleapis.com/compute/v1/projects/ubuntu-os-pro-cloud/global/licenses/ubuntu-pro-2204-lts
name: golden-image
selfLink: https://www.googleapis.com/compute/v1/projects/ubuntu-dimple/global/images/golden-image
shieldedInstanceInitialState:
[...]
The line starting with “licenses:” shows the expected Pro license.
Create an instance using the golden image¶
To create an instance based on this golden image, run:
gcloud compute instances create instance-from-golden-image --image=golden-image
Created [https://www.googleapis.com/compute/v1/projects/ubuntu-dimple/zones/asia-southeast1-a/instances/instance-from-golden-image].
NAME: instance-from-golden-image
ZONE: asia-southeast1-a
MACHINE_TYPE: n1-standard-1
PREEMPTIBLE:
INTERNAL_IP: 10.148.0.2
EXTERNAL_IP: 34.143.153.215
STATUS: RUNNING
Now SSH into this new instance:
gcloud compute ssh instance-from-golden-image
The SSH command might need you to create an SSH key for gcloud if you don’t have one already. Once you complete the steps and reach the prompt of the new instance, check its license by running:
pro status
The output should be similar to the following and indicates that Pro features such as ESM and livepatch are enabled.
SERVICE ENTITLED STATUS DESCRIPTION
anbox-cloud yes disabled Scalable Android in the cloud
esm-apps yes enabled Expanded Security Maintenance for Applications
esm-infra yes enabled Expanded Security Maintenance for Infrastructure
livepatch yes enabled Canonical Livepatch service
usg yes disabled Security compliance and audit tools
For a list of all Ubuntu Pro services, run 'pro status --all'
Enable services with: pro enable <service>
Account: ubuntu-dimple
Subscription: ubuntu-dimple
Valid until: Fri Dec 31 00:00:00 9999 UTC
Technical support level: essential