Re: Ubuntu 1604 Iso
Velasco Thibault
I have recently enabled the Ubuntu 1404 and Ubuntu 1604 patch sites, for which we have a small number of endpoints. The instructions (see link below) and IBM support specifically say that the task Setup Download Whitelist for Ubuntu (Linux Server) is necessary for setting up these Ubuntu patch sites - but I cannot find this task anywhere in either of the Patches for Ubuntu 1404 or Patches for Ubuntu 1604 sites.
I manually added the following two entries to the DownloadWhitelist.txt file under BES Server -> Mirror Server -> Config, but am not sure if this is enough or if this is even necessary with these patch sites:
I eventually found them - for some reason the whitelist fixlets are showing as not relevant, and I thought I had that particular box checked when doing the search for them (Show Non-Relevant Content), but apparently not, because this is how I ultimately found them (although I am, of course, unable to run them, since they are not relevant to the Bigfix server, or any endpoint).
We are excited to announce a new Ubuntu 16.04-based machine executor image, ubuntu-1604:202004-01, which is similar to the existing ubuntu-1604:201903-01 but with Docker 19.03 installed as well as updates to other software installed on the image. See the machine executor docs for more information about how to use the image.
How can someone even rely upon having deterministic builds for their products if patches are shipped silently. Additionally it makes debugging even harder if something accidently go wrong for pipeline execution.
I have some build pipelines that build Linux based Docker images and run on the Hosted Linux Preview pool. Recently I noticed a pool called Hosted Ubuntu 1604. On this page, Hosted Linux Preview is not mentioned, and Ubuntu 1604 is recommended for Docker.
The Microsoft-hosted agents page now has information on the deprecation of the Hosted Linux Preview pool and how to migrate over to the Hosted Ubuntu 1604 pool. (I'm sure this information wasn't there when I asked this question, but I could be wrong...).
I am new to ROS2 and wanted to install it on Ubuntu 16.04. I could find the binaries for ubuntu bionic and windows but there isnt one for Ubunutu xenial. Is there a way to use ROS2 with xenial ? Thank you
Easier may be to use Docker. There are official Docker images available for all (recent) ROS 2 releases. Refer to Announcing Official Docker Images for ROS2 for the announcement (note: it refers to crystal, which is an older ROS 2 release. Current images would be for eloquent and foxy).
Docker is an application that makes it simple and easy to run application processes in a container, which are like virtual machines, only more portable, more resource-friendly, and more dependent on the host operating system. For a detailed introduction to the different components of a Docker container, check out The Docker Ecosystem: An Introduction to Common Components.
There are two methods for installing Docker on Ubuntu 16.04. One method involves installing it on an existing installation of the operating system. The other involves spinning up a server with a tool called Docker Machine that auto-installs Docker on it.
The Docker installation package available in the official Ubuntu 16.04 repository may not be the latest version. To get this latest version, install Docker from the official Docker repository. This section shows you how to do just that.
After an image has been downloaded, you may then run a container using the downloaded image with the run subcommand. If an image has not been downloaded when docker is executed with the run subcommand, the Docker client will first download the image, then run a container using it:
The hello-world container you ran in the previous step is an example of a container that runs and exits after emitting a test message. Containers can be much more useful than that, and they can be interactive. After all, they are similar to virtual machines, only more resource-friendly.
When you start up a Docker image, you can create, modify, and delete files just like you can with a virtual machine. The changes that you make will only apply to that container. You can start and stop it, but once you destroy it with the docker rm command, the changes will be lost for good.
After installing Node.js inside the Ubuntu container, you now have a container running off an image, but the container is different from the image you used to create it. But you might want to reuse this Node.js container as the basis for new images later.
The -m switch is for the commit message that helps you and others know what changes you made, while -a is used to specify the author. The container ID is the one you noted earlier in the tutorial when you started the interactive Docker session. Unless you created additional repositories on Docker Hub, the repository is usually your Docker Hub username.
In the above example, ubuntu-nodejs is the new image, which was derived from the existing ubuntu image from Docker Hub. The size difference reflects the changes that were made. In this example, the change was that Node.js was installed. Next time you need to run a container using Ubuntu with Node.js pre-installed, you can just use the new image.
The next logical step after creating a new image from an existing image is to share it with a select few of your friends, the whole world on Docker Hub, or another Docker registry that you have access to. To push an image to Docker Hub or any other Docker registry, you must have an account there.
Note: If your Docker registry username is different from the local username you used to create the image, you will have to tag your image with your registry username. For the example given in the last step, you would type:
It should be noted that if you are installing this on a VPS using OpenVZ (ovz) for virtualization, you may encounter problems as older versions of ovz use a 2.6.* kernel which is incompatible with docker. AFAIK your options are to find a different vps or not user docker.
Last week Ubuntu 16.04 transitioned to ESM (Extended Security Maintenance). I wrote a blog about the transition and what it means, and the available options. @rhys-davies put together a wiki page to explain some of the terminology.
When you install Ubuntu Advantage (package ubuntu-advantage-tools) on Xenial, and enable only esm-infra service, it installs the file /etc/apt/sources.list.d/ubuntu-esm-infra.list with the two following lines:
so no xenial-updates since we only wanted to have pure security updates and no more (e.g. bugfix) updates (to keep the change minimal), can we delete the line with xenial-infra-updates from /etc/apt/sources.list.d/ubuntu-esm-infra.list, so we stay on the security-only chanel?
The xenial-infra-updates pocket is used to deliver bug fixes for packages in ESM - and pretty much corresponds to the xenial-updates pocket during the LTS phase of the release - so you can treat it the same way (ie. include it in addition to the -security one if you prefer, or not).
Background: We learned that once you enabled xenial-updates in /etc/apt/sources.list you cannot remove it anymore (leaving only xenial-security), because afterwards you cannot install new packages that depend on other packages that had been updated through xenial-updates before, so the version of the depended packages is newer than the to-be-installed package expects, so you have broken dependencies
When the security team prepares updates for the security pocket (aka -security) (whether ESM or during the normal support timeframe) we take whichever is the highest version from either the updates OR the security pocket and then patch that and release it to the security pocket. As such, -security can end up containing the changes from -updates anyway, so it is not strictly true that disabling -updates means you only ever get just security updates. This is just the nature of package versioning that we need to ensure that for all users (regardless of whether they have only security or both security+updates enabled) that they can always upgrade to the security updated version (ie the version number has to be strictly greater than anything prior to that).
We also try and make sure that we also bring to the security pocket any dependent packages from updates (say since the new version might require a newer version of a given dependency that is only in the updates pocket).
Saying that, if you have never used -updates it should be fine to use just -security - and the same goes for the ESM sources as well - this is a supported configuration as far as the security team is concerned. However, the default on install is to use both -security and -updates and this is what the vast majority of Ubuntu machines end up using.
Answering myself I guess it should be safe on a host with both xenial-security and xenial-updates enabled in LTS repo to have only the ESM-Repo xenial-infra-security without xenial-infra-updates, because xenial-infra-security can stand alone for itself and has no dependencies on xenial-infra-updates, so if the latter is absent, still a new version from xenial-infra-security will be newer than both xenial-updates and xenial-security, and so no package from the EOL LTS repo will miss something, that it just does not know.
Just noticed that unfortunately the package ubuntu-advantage-tools (needed for ESM) is in repo xenial-updates.
So we would need our Xenial Hosts that have currently only xenial-security and not xenial-updates do include the latter and update then many packages (which we wanted to avoid) just to have access to the ubuntu-advantage-tools package. That is not nice. While I can understand that a new package does not suit to xenial-security well since it is not a security patch for an existing package, without it you just do not have any ESM security patches at all, so this is somehow paradox. I think the ubuntu-advantage-tools package is a security meta package, so it should better have been included in the xenial-security repo after LTS EOL.