Add GCP how-to: Create different instance types on GCP

google/canonical-offerings.rst

@@ -0,0 +1,49 @@
+Canonical's Offerings on GCP
+============================
+
+With an optimised Ubuntu GCP kernel built in collaboration between Google and Canonical to deliver the very
+best performance on the Google Cloud hypervisor, Ubuntu is a popular Linux OS on GCP for both virtual machines 
+and container workloads - i.e. for both Google Cloud Engine (GCE) and Google Kubernetes Engine (GKE).
+
+The ``linux-gcp`` kernel enables accelerated networking with the Compute Engine Virtual Ethernet device and supports the Google latest Tau VM, enabling scale-out optimised workloads. These advantages contribute to Ubuntu being the default host images for Anthos Multi-cloud.
+
+Another useful feature is the native integration of Ubuntu images with the Administrator console. This enables things like patch management and in-place upgrade of Ubuntu LTS images to Ubuntu Pro without the need for workload redeployment.
+
+GCE Images
+~~~~~~~~~~
+
+For each active Ubuntu release, at least two image variants are created for GCE: 
+
+* **Base** images that contain a full Ubuntu development environment
+* **Minimal** images that have a smaller footprint than base images, and are designed for production instances that will never be accessed by a human
+
+Apart from these, 
+
+* **Ubuntu Pro** images are created for 16.04, 18.04, 20.04, 22.04 and 
+* **Ubuntu Pro FIPS** images are created for 18.04 and 20.04
+
+Finally, there's a special sub-family of Google images:
+
+* **Guest** images that are built with the Google guest agent and
+* **Kernel** images that are built with the Google kernel
+
+These are used by Google to do automated testing of new kernels and/or guests.
+
+
+GKE images
+~~~~~~~~~~
+
+GKE is Google Cloud's Kubernetes offering. Canonical produces host images for GKE that act as a base for running end user containers. These images include GKE's own custom cloud ``gke`` kernel and custom NVIDIA drivers for use with the custom kernel.
+
+
+
+Anthos - Google's multi-cloud GKE strategy
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+For the various Anthos versions available for different clouds, Canonical provides the following:
+
+* **Anthos on AWS** - Consultation support
+* **Anthos on Azure** - Consultation support
+* **Anthos on bare metal** - Ubuntu images based on a DISA STIG hardened 20.04 FIPS compliant version.
+* **Anthos on VMware** - A series of CIS hardened and unhardened Ubuntu images in the form of OVAs to be used with VMware
+

google/google-how-to/create-different-instance-types.rst

@@ -0,0 +1,53 @@
+Create different instance types on GCP
+======================================
+
+The procedure for creating different instance types on GCP basically boils down to choosing the correct options on your google console. Some specific examples are given below.
+
+
+Create and Ubuntu Pro 22.04 instance
+------------------------------------
+
+On your google console, while creating a new instance from :guilabel:`Compute Engine` > :guilabel:`VM instances`> :guilabel:`CREATE INSTANCE`:
+
+* select ``Ubuntu Pro`` and ``Ubuntu 22.04 Pro Server`` in :guilabel:`Boot disk` > :guilabel:`CHANGE` > :guilabel:`Operating system` and :guilabel:`Version`
+
+Once the instance is up, ssh into it and run
+
+.. code::
+
+   ua status
+
+to check that ``livepatch``, ``esm-apps`` and ``esm-infra`` are enabled.
+
+
+
+Create an ARM-based instance
+----------------------------
+
+On your google console, while creating a new instance from :guilabel:`Compute Engine` > :guilabel:`VM instances`> :guilabel:`CREATE INSTANCE`:
+
+* choose the ARM CPU platform ``T2A`` in :guilabel:`Machine configuration` > :guilabel:`Series`
+* choose an ARM compatible OS and version, say ``Ubuntu`` and ``Ubuntu 22.04 LTS Minimal`` in :guilabel:`Boot disk` > :guilabel:`CHANGE` > :guilabel:`Operating system` and :guilabel:`Version` 
+
+
+
+Create a confidential compute enabled VM
+----------------------------------------
+
+On your google console, while creating a new instance from :guilabel:`Compute Engine` > :guilabel:`VM instances`> :guilabel:`CREATE INSTANCE`:
+
+* select :guilabel:`Confidential VM service` > :guilabel:`ENABLE`
+
+It'll show you the available machine type - ``N2d-standard-2`` and OS image - ``Ubuntu 20.04 LTS Pro FIPS Server``. On selecting :guilabel:`ENABLE` again, the changes will be reflected under the :guilabel:`Machine configuration` and :guilabel:`Boot disk` sections.
+
+To check that confidential computing has been enabled correctly, once the instance is up, ssh into it and run
+
+.. code::
+
+   dmesg | grep SEV | head
+
+A statement containing: ``AMD Secure Encryption Virtulization (SEV) active`` should be displayed. 
+
+Back on the google console, select the instance and open :guilabel:`Logs` > :guilabel:`Cloud Logging`. From the list of logs, expand the one for ``sevLaunchAttestationReportEvent`` and check that the field ``integrityEvaluationPassed`` is set to ``true``.
+
+

google/google-how-to/index.rst

@@ -0,0 +1,12 @@
+How-to guides
+=============
+
+Linked below are step-by-step guides for some key operations such as: creating instances of different types on GCP, deploying Kubernetes on Ubuntu Pro and upgrading from Ubuntu 20.04 to 22.04.
+
+
+.. toctree::
+   :maxdepth: 1
+
+   create-different-instance-types
+   deploy-kubernetes-with-ubuntu-pro
+   upgrade-from-focal-to-jammy

google/index.rst

@@ -15,69 +15,6 @@ and features needed to run specific workloads.
 
 ---------
 
-Canonical's Offerings on Google Cloud
--------------------------------------
-
-With an optimised Ubuntu GCP kernel built in collaboration between Google and Canonical to deliver the very
-best performance on the Google Cloud hypervisor, Ubuntu is a popular Linux OS on GCP for both virtual machines 
-and container workloads - i.e. for both Google Cloud Engine (GCE) and Google Kubernetes Engine (GKE).
-
-The ``linux-gcp`` kernel enables accelerated networking with the Compute Engine Virtual Ethernet device and supports the Google latest Tau VM, enabling scale-out optimised workloads. These advantages contribute to Ubuntu being the default host images for Anthos Multi-cloud.
-
-Another useful feature is the native integration of Ubuntu images with the Administrator console. This enables things like patch management and in-place upgrade of Ubuntu LTS images to Ubuntu Pro without the need for workload redeployment.
-
-GCE Images
-~~~~~~~~~~
-
-For each active Ubuntu release, at least two image variants are created for GCE: 
-
-* **Base** images that contain a full Ubuntu development environment
-* **Minimal** images that have a smaller footprint than base images, and are designed for production instances that will never be accessed by a human
-
-Apart from these, 
-
-* **Ubuntu Pro** images are created for 16.04, 18.04, 20.04, 22.04 and 
-* **Ubuntu Pro FIPS** images are created for 18.04 and 20.04
-
-Finally, there's a special sub-family of Google images:
-
-* **Guest** images that are built with the Google guest agent and
-* **Kernel** images that are built with the Google kernel
-
-These are used by Google to do automated testing of new kernels and/or guests.
-
-
-GKE images
-~~~~~~~~~~
-
-GKE is Google Cloud's Kubernetes offering. Canonical produces host images for GKE that act as a base for running end user containers. These images include GKE's own custom cloud ``gke`` kernel and custom NVIDIA drivers for use with the custom kernel.
-
-
-
-Anthos - Google's multi-cloud GKE strategy
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-For the various Anthos versions available for different clouds, Canonical provides the following:
-
-* **Anthos on AWS** - Consultation support
-* **Anthos on Azure** - Consultation support
-* **Anthos on bare metal** - Ubuntu images based on a DISA STIG hardened 20.04 FIPS compliant version.
-* **Anthos on VMware** - A series of CIS hardened and unhardened Ubuntu images in the form of OVAs to be used with VMware
-
-
-----------
-
-How-to guides
--------------
-
-Linked below are step-by-step guides for some key operations: deploying Kubernetes with Ubuntu Pro on GCE, enabling confidential computing and upgrading from Ubuntu 20.04 to 22.04.
-
-* :doc:`./google-how-to/deploy-kubernetes-with-ubuntu-pro`
-* :doc:`./google-how-to/enable-confidential-computing`
-* :doc:`./google-how-to/upgrade-from-focal-to-jammy`
-
----------
-
 Project and community
 ---------------------
 
@@ -94,9 +31,9 @@ suggestions, fixes and constructive feedback.
    :hidden:
    :maxdepth: 2
 
-   google-how-to/deploy-kubernetes-with-ubuntu-pro
-   google-how-to/enable-confidential-computing
-   google-how-to/upgrade-from-focal-to-jammy
+   canonical-offerings
+   google-how-to/index
+
 
 .. _Code of conduct: https://ubuntu.com/community/governance/code-of-conduct
 .. _Get support: https://ubuntu.com/cloud/public-cloud

reuse/common-intro.txt

@@ -1,5 +1,7 @@
 .. Introduction to clouds
 
+==============================================================
+
 Start: Product need and user
 
 **The images create a stable and secure cloud platform** that is ideal for scaling development work
@@ -13,6 +15,9 @@ various security-certified images are also available.
 
 End: Product need and user
 
+==============================================================
+
+
 Start: Confidential computing
 
 Data can be thought of as being in one of three states:  
@@ -26,3 +31,5 @@ Both data in-transit and data at-rest can be encrypted using well-known techniqu
 Confidential computing is the protection of data in-use by performing computation in a hardware-based trusted execution environment. It allows the encryption of data while it is in the system memory. This requires the support of both hardware and the OS. For example, your hardware could be based on AMD's Secure Encrypted Virtualisation (SEV) architecture and the OS could be Ubuntu. 
 
 End: Confidential computing
+
+==============================================================