With 12 years of support, Landscape 24.04 LTS adds snap and repository management controls to a modernised systems management web portal and API.

London, 30 April 2024.

Today Canonical announced the availability of Landscape’s first LTS release. Landscape 24.04 LTS features a new versioned API, a new web portal with accessibility and performance in mind, and intuitive controls for software distribution. Landscape 24.04 LTS comprises Landscape Server and Landscape Client. With a modernised backend and web portal in place, engineering teams can work efficiently, focusing on patches and new features.

Predictable release cadence and 12 years of support for LTS versions

Building on Canonical’s commitment to reliability, Landscape releases going forward will align with Ubuntu LTS and interim releases for predictable security coverage, feature patches, and bug fixes.

Landscape Server 24.04 can be installed on Ubuntu 22.04 LTS and Ubuntu 24.04 LTS releases with Ubuntu Pro. Landscape Server 24.04 is compatible with the previous four Ubuntu LTS releases (Ubuntu 16.04 LTS onwards), and will manage future Ubuntu releases including Ubuntu 26.04 LTS.

Like Ubuntu 24.04 LTS, this Landscape release gets a 12 year commitment for security maintenance and support. Landscape 24.04 LTS will get five years of bug fixes and incremental feature patches until August 2029. Ubuntu Pro subscribers can continue using Landscape 24.04 LTS after these 5 years for a total of 12 years, with the Legacy Support add-on.

A new web portal built with Canonical’s Vanilla Framework

Vanilla Framework provides consistent and uniform design patterns across Canonical’s products. Landscape joins MAAS, LXD UI, and others with a responsive React JS driven user interface. This web portal is built using a new versioned API serving JSON data. This API enhancement ensures seamless integration for developers, offering a forward-looking assurance that applications developed with a particular API version will remain robust and reliable, regardless of future updates to Landscape and its accompanying API endpoints.

The Monitoring feature from the legacy Landscape web portal has not yet been migrated to Landscape 24.04 LTS, yet. Monitoring will arrive as an incremental patch for Landscape 24.04 LTS with a modern charting library, a monitoring API, and companion documentation.

Lastly, the web portal provides a significant improvement in Lighthouse scores for Accessibility. The dashboard’s accessibility scores as measured by Lighthouse improved from 70% to 95%. Landscape 24.04 LTS has a web portal which is accessible to users with deficiencies in colour vision, complete colour blindness, and other visual impairments.

Save terabytes in storage and bandwidth with point-in-time repository snapshots

Landscape’s new web portal includes an intuitive point-and-click repository mirroring experience, and the repository snapshot service is available as a source when mirroring repositories. In late 2023, Canonical became the first Linux provider to integrate a repository snapshot service with Microsoft Azure’s update mechanisms. Landscape 24.04 LTS brings this simplified and safe deployment practice capability on-premises, and to mixed and hybrid cloud environments.

Benefits of Landscape’s repository snapshot service include predictable updates, consistency across deployments, and simplified repository mirroring, providing improved resilience and security for Ubuntu workloads.

Beyond the conveniences afforded to system administrators, the repository snapshots implementation also saves over 100 terabytes of disk space and network throughput, for organisations making complete repository mirrors every week. Canonical’s on-demand repository snapshot capability extends back to February 2023 for non-ESM (Expanded Security Maintenance) repositories. This innovation frees storage and network resources, because scheduled mirroring and archival of these mirrors becomes unnecessary.

Snap management for Ubuntu and Ubuntu Core

Beyond managing Ubuntu interim and LTS releases, Landscape 24.04 LTS also manages Ubuntu Core, Canonical’s snap based, immutable and strictly-confined operating system. A strictly confined Landscape Client snap package provides snap package management, remote script execution, monitoring and inventory capabilities to Ubuntu, for anyone interested in consuming the latest Landscape Client as a snap package.

Snap management capabilities also exist in the Landscape Client Debian package, available in the Main repository for Ubuntu 24.04 LTS, and in ppa:landscape/self-hosted-24.04 for previous versions of Ubuntu.

Distribution of updated snap revisions is controlled through the Snap Store, which organisations can self-host as a snap store proxy, or as a brand store if there is a need to distribute proprietary non-public snaps within the organisation. Snap management in Landscape 24.04 LTS can add, remove, update, and pause updates from Snap Store, snap store proxy, and brand stores.

Landscape has historically provided fine grained management of Debian packages installed through the apt package manager. With Landscape 24.04 LTS, similar management capabilities arrive for snap packages, with consideration for revisions and channels, which are specific to the snap ecosystem. By default, snap packages self-update through transactional over-the-air updates, and have the ability to rollback automatically if the upgrade fails. Organisations and individuals interested in uniformity across machines can pin revisions of a snap to machines, and ensure consistency between machines that must be uniformly configured.

Next steps

• Read the Landscape datasheet
• Install Landscape 24.04 LTS on Ubuntu Server, using Ubuntu 20.04 LTS or later
• Learn to enrol Ubuntu 24.04 LTS instances with Landscape, using Pro Client

About Canonical

Canonical, the publisher of Ubuntu, provides open source security, support and services. Our portfolio covers critical systems, from the smallest devices to the largest clouds, from the kernel to containers, from databases to AI. With customers that include top tech brands, emerging startups, governments and home users, Canonical delivers trusted open source for everyone.

Learn more at canonical.com.

Discover how IBM Cloud’s bare metal servers offer highly confined and high-performing single-tenant cloud isolation through the use of Ubuntu Core and Snaps, supported by the AMD Pensando Elba DPU (Data Processing Unit). This setup enables the creation of secure and efficient environments for each tenant. Its design ensures the total separation of their servers from the cloud underlay. The architecture delivers consistent performance and enables non intrusive control from the cloud provider. Learn how this innovative solution can benefit your business and enhance your cloud infrastructure.

Introduction

Public cloud bare-metal servers offer dedicated physical resources, but can present isolation and performance challenges. Isolation requirements involve maintaining full control of compute capabilities by the tenant, while preserving the backend management of its infrastructure by the cloud provider and preventing unauthorised access. Performance requirements entail providing consistent performance even under heavy workloads. Cloud providers face challenges in ensuring physical and logical isolation, resource allocation, monitoring, management, scalability, and security. To address these complex requirements, providers must invest in advanced technologies and implement best practices for resource allocation, monitoring, and management. They also need to regularly review and update infrastructure to meet tenant needs.

In the following discussion, we will explore how IBM Cloud is addressing these challenges by harnessing the distinctive capabilities of Ubuntu Core and Snaps deployed on the AMD Pensando Elba infrastructure accelerators.

IBM Cloud Bare Metal Servers for VPC

IBM has always been dedicated to keeping clients essential data secure through a strong focus on resilience, performance, and compliance. IBM Cloud executes that focus within highly regulated industries such as finance and insurance organisations. Given IBM Cloud’s long-standing commitment to data security, it is unsurprising and essential that Bare Metal Servers for VPC (VPC BM) implements the most rigorous security guarantees to meet customers expectations.

Bare metal servers, which are physical servers dedicated to a single tenant, offer benefits such as high performance and customizability, but managing them in a multi-tenant environment can be complex. A key requirement is ensuring isolation between the tenant and the cloud backend, both to maintain security and to prevent performance issues caused by noisy neighbours.

VPC BM allows customers to select a preset server profile that best matches their workloads to help accelerate the deployment of compute resources. Customers can achieve maximum performance without oversubscription deployed in 10 minutes 

VPC BM  is powered with the latest technology. They are built for cloud-enterprise applications, including VMware and SAP, and can also support HPC and IOT workloads. They come with enhanced high-performance networking at 100 Gbps as well as advanced security features. 

A network orchestration layer handles the networking for all bare metal servers that are within an IBM Cloud VPC across regions and zones. This allows for management and creation of multiple, virtual private clouds in multi zone regions and also improves security, reduces latency, and increases high availability.

“I selected IBM Cloud VPC because of 5 points that I thought and was proven correct based on my experience using the service. First is security. Secondly is agility. The third is isolation. Fourth is the high performance. Fifth, and last, is the scalability.”

Ivo Draginov CEO BatchService

AMD Pensando DSC2-200 “Elba”

In use with some of the largest cloud providers and Hyperscalers on the planet, the AMD
Pensando DSC2-200 has proven itself as the platform of choice for cloud providers seeking to
optimise performance, increase scale and introduce new infrastructure services at the speed of
software. The DSC2-200 is full-height, half-length PCIe card powered by AMD Pensando 2nd
generation DPU “Elba”. The DSC2-200 is the ideal platform for cloud providers to implement
multi-tenant SDN, stateful security, storage, encryption and telemetry at line rate. The platform’s
scale architecture allows cloud provider to offer multiple services on the same DPU card.

Developers can create customised data plane services that target 400G throughput,
microsecond-level latencies, and scale to tens of millions of flows. The heart of the AMD
Pensando platform is a fully programmable P4 data processing unit (DPU). High-level
programming languages (P4, C) enable rapid development and deployment of new features and
services.

The innovative design of AMD Pensando DPU provides secure air-gap between tenant’s
compute instances and cloud infrastructure as well as secure isolation between tenants. This
separation enables cloud operators to manage their infrastructure functions efficiently and
independently of their tenant’s workloads while freeing up the valuable compute resources from
the infrastructure tasks and fully dedicating them to revenue generating business applications.
The exceptional throughput and performance of the Elba DSC2-200, along with its strong
alignment with IBM’s security expectations, made it a top choice for inclusion in IBM Cloud’s
bare metal servers for VPC. This combination of features enables IBM Cloud to provide highly
secure and powerful environments for its customers.

Achieving IBM Cloud’s target outcomes with Ubuntu Core and Snaps

The first goal was to implement a secure and reliable operating system that IBM Cloud development teams could use to launch their management interface and functionality on the AMD Pensando DPU cards. Initially IBM Cloud selected Ubuntu Server as the operating system. They were familiar with it and could easily develop on top of it using the familiar Linux toolset and API.

To develop software running on the AMD Pensando DPU cards, the development kit provides a complete container-based development environment. It allows for the development of data plane, management plane, and control plane functions. To perform correctly, these containers must be allowed direct communication with the card hardware components with fine-grained isolation. Using traditional container runtimes such as Docker and Kubernetes alone cannot meet the unique requirements of this solution. Fortunately, Snap packages provide this access through secure and controlled interfaces to the operating system.

Using Snap packages, IBM Cloud developers were able to implement all the functionalities they needed in record time. This positive experience made them turn their attention to Ubuntu Core, the version of Ubuntu specifically designed for embedded systems such as AMD Pensando DPU cards. It is entirely made up of Snap packages, creating a confined, immutable and transaction-based system. Communication among containers and between containers and the operating system is locked down under full control. In addition, Ubuntu Core provides full disk encryption and secure boot, achieving additional mandatory security compliance objectives.

IBM Cloud successfully converted their bespoke AMD Pensando system image from Ubuntu Server to Ubuntu Core and, after positive results in the pre-production tests, proceeded to deploy it in production to support Bare Metal Servers on VPC.

Conclusion

In summary, Canonical’s Ubuntu Core and IBM Cloud’s components, when packaged as Snaps, provide a unique solution that effectively addresses the challenges faced by the company. This innovative approach has enabled IBM Cloud to enhance its offerings and deliver improved performance, security, and tenant isolation. The development of the solution completed in under a year and has been successfully operating in production since then. The implementation has been a resounding success. Ultimately addressing these challenges provided IBM Cloud with several advantages, including differentiation, cost savings, and improved efficiency.

The collaboration between IBM Cloud, Canonical, and AMD Pensando remains ongoing, with plans to expand the use of Ubuntu Core and Snaps to support other non-bare metal offerings, including Virtual Server for VPC. A key medium-term goal is to achieve FedRAMP compliance, which involves upgrading to Ubuntu Core 22 and ensuring FIPS compliance at the kernel and filesystem levels. This ongoing partnership and development aim to enhance the security, performance, and functionality of IBM Cloud’s solutions.

London, 20 March 2024. Canonical has announced that Ubuntu Core, its operating system optimised for the Internet of Things (IoT) and edge, has received Microsoft Azure IoT Edge Tier 1 supported platform status from Microsoft.  This collaboration brings computation, storage, and artificial intelligence (AI) capabilities in the cloud closer to the edge of the network. 

The power of the cloud on the edge

Azure IoT Edge enables businesses to remotely and securely deploy and manage cloud-native workloads directly on their IoT devices, at scale, and with robust observability.

With the ability to deploy and manage containerised applications on devices, teams can process data, run machine learning models, perform analytics, and carry out other tasks right at the edge of the network. This approach helps reduce latency, conserve bandwidth, and it provides more immediate insights from data near to where it is generated. It is especially useful in scenarios where real-time decision-making is crucial, where network connectivity might be unreliable, or where data privacy and security concerns demand local data processing.

The security of Ubuntu Core

Ubuntu Core is an operating system designed specifically for the IoT and embedded devices. Its range of features make it ideal for secure, reliable, and scalable deployments. Built on the power of Snaps, Ubuntu Core provides a minimal core with support for multiple architectures and types of devices. Security is baked-in with secure boot and full disk encryption, and over-the-air (OTA) transactional updates to ensure that devices are always up to date. Coupled with Canonical’s Long Term Support, which offers up to 10 years of maintenance and security updates, Ubuntu Core provides long-term peace of mind for IoT implementations.

With the introduction of the Azure IoT Edge Snaps suite, the process of deploying edge workloads to the extensive array of devices and architectures supported by Ubuntu Core has become a streamlined, seamless, experience. Combined with the ability to remotely manage and configure both the processing and system components of fleets of devices directly from Azure, teams benefit from robust security and optimised performance. 

“With Microsoft committing their support for Ubuntu Core with the release of the Microsoft Azure IoT Edge Snaps we see another example of the industry’s enthusiasm to adopt the operating system to fulfil all of their IoT needs. We look forward to growing this relationship further with Microsoft in the future”.  – Michael Croft-White, Engineering Director.

“In collaboration with Canonical, we are making it simpler to reliably connect devices to Microsoft Azure IoT services. Snap support in Azure IoT Edge helps ensure consistent performance, enhanced security, and efficient updates across Linux distributions that support Snaps.” 

Kam VedBrat, GM, Azure IoT

Further reading

More information on Ubuntu Core can be found at ubuntu.com/core. Our “Intro to Ubuntu Core 22” webinar is a comprehensive resource for everything you need to know about Ubuntu Core. 

If you are not already familiar with Microsoft’s Azure IoT Edge, more information can be found here. 

Are you interested in running Ubuntu Core with Azure IoT on your devices and are working on a commercial project?

About Canonical 

Canonical, the publisher of Ubuntu, provides open-source security, support and services. Our portfolio covers critical systems, from the smallest devices to the largest clouds, from the kernel to containers, from databases to AI. With customers that include top tech brands, emerging startups, governments and home users, Canonical delivers trusted open source for everyone.

Canonical recently released the Landscape Client snap which, along with the new snap management features in the Landscape web portal, allows for device management of Ubuntu Core devices. In this blog we will look at how this can be deployed at scale by building a custom Ubuntu Core image that includes the Landscape Client snap and how to configure the image to automatically enrol the device after its first boot.

This blog follows the tutorial Build your own Ubuntu Core image, which shows how to create a custom image for a Raspberry Pi. 

Defining your Image

The Model Assertion

As we are following the tutorial we will have already set up our Ubuntu One account and now we are ready to create our model assertion. This is the recipe that describes all the components that comprise our image and will therefore need the Landscape Client to be added into the mix.

We will base this example on a Raspberry Pi running Ubuntu Core 22, and so we will start with the reference model file we can download with:

wget -O my-model.json https://raw.githubusercontent.com/snapcore/models/master/ubuntu-core-22-pi-arm64.json

Now we need to edit the model file, again following the tutorial we set our authority-id and brand-id to our developer id. 

{
    "type": "model",
    "series": "16",
    "model": "ubuntu-core-22-pi-arm64",
    "architecture": "arm64",
    "authority-id": "<your id>",
    "brand-id": "<your id>",
    "timestamp": "2022-04-04T10:40:41+00:00",
    "base": "core22",
    "grade": "signed",
    "snaps": [
        {
            "name": "pi",
            "type": "gadget",
            "default-channel": "22/stable",
            "id": "YbGa9O3dAXl88YLI6Y1bGG74pwBxZyKg"
        },
        {
            "name": "pi-kernel",
            "type": "kernel",
            "default-channel": "22/stable",
            "id": "jeIuP6tfFrvAdic8DMWqHmoaoukAPNbJ"
        },
        {
            "name": "core22",
            "type": "base",
            "default-channel": "latest/stable",
            "id": "amcUKQILKXHHTlmSa7NMdnXSx02dNeeT"
        },
        {
            "name": "snapd",
            "type": "snapd",
            "default-channel": "latest/stable",
            "id": "PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4"
        }
    ]
}

Adding the Landscape Client

Having gotten our base image definition we want to add the Landscape Client by adding this stanza to the snaps list. As the Landscape Client is currently in beta and doesn’t have a stable release yet, we will specify that with the default-channel parameter. The id parameter is unique to each snap with the value shown below belonging to the client. If you need to find the id of any other snap, you can use the snap info <snap-name> command in your terminal and look for the snap-id.

        {
      "name": "landscape-client",
      "type": "app",
      "default-channel": "latest/beta",
      "id": "ffnH0sJpX3NFAclH777M8BdXIWpo93af"
        }

Default Configuration and the Gadget Snap

Now we have our model assertion, we could sign this and build an image and we would have the Landscape Client. However, it would only have a default configuration that wouldn’t do much, leaving us having to manually configure the client. This works perfectly well, but what if we don’t want to have to access each device and do this? Can we pre-configure the client when we build our image? Also, can we make the client automatically enrol without any external intervention? 

Of course, the answer to these questions is yes. Yes, we can. We just need to create our own gadget snap.

The gadget snap is a special type of snap that contains device specific support code and data. You can read more about them here in the snapcraft documentation.

This example is based on the official Ubuntu Core 22 gadget snap for the Pi. Fork this repository to your local environment and we can configure it for our needs.

Essentially, all we need to do is append the following configuration at the bottom of the gadget.yaml file that defines the gadget snap:

defaults:
  # landscape client
  ffnH0sJpX3NFAclH777M8BdXIWpo93af:
    landscape-url: <landscape-url>
    account-name: <account-name>
    registration-key: "<registration-key>"
    auto-register:
      enabled: true
      computer-title-pattern: test-${model:7}-${serial:0:8}
      wait-for-serial-as: true

Don’t forget to replace the placeholder values like <landscape-url> with the relevant config values.

Automatic Registration

The first part of the configuration defines the details of the Landscape server instance we’ll be using and will be the same for all devices that run this image. After this we want to configure the automatic registration component so that the device will register itself with the server shortly after being started up for the first time. 

We have three parameters in this example. The first one enables the auto-registration on first boot. The second one, computer-title-pattern, allows us to define the computer title for this specific device.

The pattern uses the bash shell parameter expansion format to manipulate the available parameters. In this example the computer title will be set to the string “test-” followed by the device model starting from the 8th character (see our model assertion) and then the first 8 characters of the device serial number taken from its serial assertion. 

For example, in this case it would something like: test-core-22-pi-arm64-f6ec1539

The fields available are listed below. The final parameter though, wait-for-serial-as, tells the auto registration function to wait until the device has been able to obtain its serial assertion from a serial vault before trying to create the title and perform the registration. This is necessary as a completely fresh device will not initially have a serial assertion. 

Parameter	Description
serial	Serial from device’s serial assertion
model	model id from device’s serial assertion
brand	brand-id from device’s serial assertion
hostname	device’s network hostname
ip	device’s IP address of primary NIC
mac	device’s MAC address of primary NIC
prodiden	Product identifier
serialno	Serial Number
datetime	date/time of auto-enrolment

Build the Gadget and Updating our Model Assertion

Now we have our configuration for Landscape all set up, we just need to build the gadget snap. This simply requires the following command to be run in the base folder of your local gadget snap repository:

$ snapcraft

After some whirring, you will have your snap and this is the one we want to include in our model assertion.

With our current model assertion, when we build our image, we will go off to the Snap Store and download the listed snaps and include them in the image, including the reference gadget snap. Now we have our own gadget snap, we want to use this one instead.

If you have your own brand store, you can publish your custom gadget snap there. Then change the name and id of the gadget snap in your model assertion and all will be well. If you do not have your own brand store, the process is a little more manual. It is not permitted to upload custom gadget snaps to the global snap store so we will have to use our local .snap file.

The first step is to set the grade of the snap to “dangerous”. This is because your custom gadget snap will not have been signed by the global snap store or a brand store and its provenance can not be verified except by yourself. 

  "grade": "dangerous",
    "snaps": [
        {
            "name": "pi_22-2_arm64",
            "type": "gadget",
        },

Next, remove the snap-id and default-channel values as these are related to downloading from a store. Finally, update the name to that of your snap filename.

Signing the Model Assertion

If you don’t have a signing key yet, run the following command to create one:

$ snapcraft create-key <key-name>

Next, we’ll sign the model assertion by running:

$ snap sign -k <key-name> model.json > landscape.model

Finally, we’ll build the custom Ubuntu Core image from the signed model using the ubuntu-image tool. If you do not have this already it can be installed using the snap install ubuntu-image command.

Ubuntu-image will take our signed model assertion, download all the required snaps and compile them all together into an image file. As we want to use a local snap, we will have to tell it where to find that snap file so we will need the –snap flag. In this case let’s assume the snap file is in the same directory as our signed model assertion.

ubuntu-image snap --snap pi_22-2_arm64.snap landscape.model

This will produce the image pi.img which is ready to be written to an sd card and inserted into our Raspberry Pi.

There are various tools for writing this image to an sd card, the quickest is probably to use the startup image creator that is included with most Ubuntu variants and can be found in your app drawer (if not, it is available from the snap store). Select your img file and your target sd card and click “Make Startup Disk”. 

Booting up your device

Take your freshly written SD card with the image and put it into your Raspberry Pi. Turn the device on and after a short delay your device should appear fully registered with your Landscape Server. 

Conclusion

By following this process we can quickly and easily create an Ubuntu Core device that only needs a power cable and a network cable plugged into it for it to automatically get itself into a state where it can be remotely managed and maintained. This functionality is essential if attempting to deploy a large fleet or installing devices in inaccessible areas. 

Learn more

For more information on the power and capabilities of Ubuntu Core check out: Ubuntu Core.

For more information on the features and functionality of Landscape check out: Landscape | Ubuntu.

Are you interested in running Ubuntu Core with Landscape management on your devices and are working on a commercial project? Get in touch with our team today.

Further reading

Ubuntu Core as an immutable Linux Desktop base

Managing software in complex network environments: the Snap Store Proxy

Manage FIPS-enabled Linux machines at scale with Landscape 23.03

Landscape has been a member of the Canonical product list for almost as long as Canonical has existed. Landscape allows administrators to manage their desktop and server instances from a single centralised portal. With the latest release of Landscape Server (23.10), we’ve introduced the ability to manage snap packages from Landscape – and with a beta release of the Landscape Client snap package now available from our Snap Store, you can also add Ubuntu Core-based devices to your Landscape estate.

Landscape provides remote fleet management services across your entire Ubuntu estate. It allows you to manage software versions and configurations, control security patching, monitor your devices performance and compliance, access management and auditing.  

This blog will help you get started using Landscape to manage Ubuntu for IoT devices. We will show you how to install the Landscape Client snap on an Ubuntu Core device, how to configure it and then see the device in your Landscape web portal. Further blogs in this series will address Landscape’s snap management features, larger scale deployments and how to include the snap with your base Ubuntu Core device image.

Why manage your IoT devices with Landscape?

Before we explore configuring your device for management with Landscape, we should address the question of why you should manage your IoT device with Landscape. What benefits do you get and how will it make your life easier?

With a lot of IoT Devices being physically inaccessible, remote device management allows you to interact with your device from anywhere in the world. You can monitor its health, check it is running the latest versions of snaps, reconfigure its settings or just give it a good old reboot – all without leaving your desk. In addition, by grouping multiple devices together, you can perform these operations on numerous devices simultaneously, saving you both time and effort.

Requirements

To follow along with this blog, you will need a suitable account on a Landscape server instance. In order to manage the installed snaps on the device, you will need a self-hosted Landscape server running either the beta or 23.10 version. The functionality to manage snaps will be added to our Landscape SaaS versions shortly although you can still already register and monitor these devices.

Install the Landscape Client snap

First, your need to connect to your Ubuntu Core device using SSH and your Ubuntu One account credentials. You will be required to generate an SSH key pair and upload the public SSH key to your account.  During the configuration of Core, you were asked to provide your SSO login credentials to download this public key to your device and allow you to connect. For more information, see how to connect to Ubuntu Core with SSH.

Once you’ve connected to the device, we can install the Landscape Client snap from the snap store. As the snap is currently in beta, we will need to specify that we want the beta channel. 

> snap install landscape-client –channel=beta

The installation of the snap will also connect all the necessary interfaces for the client to the device, granting it permission to manage your configuration and installed snaps. 

Configure the client

Once you’ve installed the client, we need to configure it to talk to your Landscape Server instance. For this exercise, we will use the Landscape Configuration Wizard. As we will see at the end of this section, you can specify all the necessary settings directly from the command line, but by walking through the wizard, we can see the process more clearly.

Before we start this process, we need to ensure we have some information available. 

Computer Title

This is the name that will appear in Landscape when you have completed enrollment. It does not need to be unique but it should help you identify your device when working in the Landscape web portal.

Account Name

As the Landscape server is multi-tenanted, you will need the account to which you would like to enrol your device. For self-hosted Landscape accounts, the account name defaults to “standalone”. 

Landscape Domain 

The Fully Qualified Domain Name (FQDN) of your Landscape Server. This must be accessible from your device. 

Registration Key

The registration key configured for your Landscape account. This is optional but without it you will need to manually confirm all new device additions to your account. If you specify a registration key, you have the option to automatically accept the device provided the keys match. For more information on registration keys and enabling auto-registration, see how to auto-register new computers.

HTTP/HTTPS Proxy URL

These are only required if your network needs a proxy to connect to the Landscape server. 

Once this information is collated, run the configuration wizard using the following command:

> sudo landscape-client.config –computer-title “<computer title>” –account-name <account name>

This command will launch the configuration wizard as shown below with the user input between these two symbols <>.

Manage this machine with Landscape (https://ubuntu.com/landscape):

Will you be using your own Self-Hosted Landscape installation? [y/N]: y

Provide the fully qualified domain name of your Landscape Server e.g. landscape.yourdomain.com

Landscape Domain: <Landscape server FQDN>

A Registration Key prevents unauthorized registration attempts.

Provide the Registration Key found at:

https://<Landscape server FQDN>/account/<Account Name>

(Optional) Registration Key: _  <Registration Key>

If your network requires you to use a proxy, provide the address of

these proxies now.

HTTP proxy URL:  _  <Proxy URL or leave blank>

HTTPS proxy URL:  _  <Proxy URL or leave blank>

A summary of the provided information:

Computer’s Title: <Computer Title>

Account Name: <Account Name>

Landscape FQDN: <Landscape server FQDN>

Registration Key: Hidden

The landscape-config parameters to repeat this registration on another machine are:

sudo landscape-config –account-name snap-management-demo –url https://staging.landscape.canonical.com/message-system –ping-url http://staging.landscape.canonical.com/ping

Request a new registration for this computer now? [y/N]: y

This completes the registration and enrols your device with the Landscape server.

Accept the registration

If you didn’t specify a registration key and enable auto-registration in the previous steps, you’ll need to accept the registration in your Landscape account.

To accept the registration(s), log in to your Landscape account. You should see a notification telling you a computer needs authorising.

Click on this message, check that the device attempting to enrol is your device and then click accept. If this device has previously existed in Landscape (i.e. if you are reinstalling a device) you can select it during this stage of the registration if you want to reuse the instance. 

Your device will then appear in the Computers list and after a few minutes will start populating. 

Manage your device

That’s it – with your device enrolled, you can start managing it from the Landscape Server. Start by trying to install a new snap or fixing its version to prevent update? Maybe setup some graphs to monitor how your devices are performing or perhaps set up an automatic alert to email you if one of your devices stops responding? All from the comfort of your own desktop.

Learn more

For more information on the power and capabilities of Ubuntu Core check out: Ubuntu Core.

For more information on the features and functionality of Landscape check out: Landscape | Ubuntu.

Are you interested in running Ubuntu Core with Landscape management on your devices and are working on a commercial project? Get in touch with our team today.

Further reading

Ubuntu Core as an immutable Linux Desktop base

Managing software in complex network environments: the Snap Store Proxy

Manage FIPS-enabled Linux machines at scale with Landscape 23.03