machine

The machine project attempts to provide a managed endpoint.

Goals

The goals of this project are to:

• Use same configuration for bare metal machines and cloud VMs.

• Support Canonical's Enterprise services but support unlicensed users as well.

• Identify and satisfy cybersecurity and compliance requirements with open source solutions.

• Develop a free and open source reference implementation of a managed Linux endpoint.

• Apply updates to managed endpoints by committing changes to Git.

Feature set

The core feature set we've identified thus far is as follows:

• Run Ubuntu LTS

• Provision with cloud-init, autoinstall

• Manage with Ansible

• Secure boot

• Full-disk encryption

• Auto-install security updates

• Pre-installed with cloud native developer tools

• Integration points for site-specific management software (e.g. Crowdstrike)

• (stretch goal) Managed identities with Active Directory

• (stretch goal) TPM-backed disk encryption

• (stretch goal) Atomic distribution upgrades