惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

GbyAI
GbyAI
爱范儿
爱范儿
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
月光博客
月光博客
腾讯CDC
Last Week in AI
Last Week in AI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园_首页
量子位
博客园 - 聂微东
Jina AI
Jina AI
小众软件
小众软件
The Cloudflare Blog
有赞技术团队
有赞技术团队
V
V2EX
博客园 - 司徒正美
Apple Machine Learning Research
Apple Machine Learning Research
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
大猫的无限游戏
大猫的无限游戏
博客园 - 三生石上(FineUI控件)
WordPress大学
WordPress大学
阮一峰的网络日志
阮一峰的网络日志
B
Blog
MongoDB | Blog
MongoDB | Blog
L
LangChain Blog
宝玉的分享
宝玉的分享
C
Check Point Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
IT之家
IT之家
N
Netflix TechBlog - Medium
I
InfoQ
J
Java Code Geeks
S
SegmentFault 最新的问题
V
Visual Studio Blog
Microsoft Security Blog
Microsoft Security Blog
博客园 - 叶小钗
D
DataBreaches.Net
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
B
Blog RSS Feed
S
Schneier on Security
Webroot Blog
Webroot Blog
P
Proofpoint News Feed
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
T
Threatpost
Project Zero
Project Zero
Scott Helme
Scott Helme
C
CERT Recently Published Vulnerability Notes
P
Privacy International News Feed
T
The Exploit Database - CXSecurity.com
D
Darknet – Hacking Tools, Hacker News & Cyber Security

Blog

Tracing a memory leak bug in PID 1 and contributing an upstream fix: a Linux support story | Canonical MAAS installation: bare metal provisioning is easier than ever | Canonical Januscape vulnerability CVE-2026-53359 mitigations available | Canonical Managing Ubuntu on bare metal at scale | Canonical Ubuntu Server: a platform made for enterprise scale | Canonical Building an open source chain of trust: new research uncovers key blockers and ways forward | Canonical Beyond safety and security: Why automotive open source demands dependability  | Canonical DirtyClone Linux kernel local privilege escalation vulnerability fixes available | Canonical pedit COW kernel local privilege escalation vulnerability mitigations | Canonical Canonical becomes Gold Sponsor of Trifecta Tech Foundation | Canonical Challenges designers face in open source (and how to fix them) | Canonical Hunting a 16-year-old SQLite bug with TLA+: is dqlite affected? | Canonical Anbox Cloud on C4A metal: Android, at scale, without friction | Canonical Canonical announces live kernel patching for Arm64 | Canonical How to use RISC-V custom instructions with Ubuntu | Canonical Ubuntu Summit 26.04: connected by open source | Canonical So you need to add microcontrollers to your fleet: now what? | Canonical Validating real-world skills through Canonical Academy | Canonical Virtualized Android comes to Anbox Cloud | Canonical Template: Streamlining open source design contributions | Canonical Beyond Mythos: responding to a new threat landscape | Canonical This year we celebrate a decade of Ubuntu Server support on the s390x architecture: marking a long-standing collaboration between Canonical and IBM that began at LinuxCon 2015. The first release happened on April 21, 2016, bringing Ubuntu 16.04 LTS (Xenial Xerus) to IBM Z and IBM LinuxONE platforms.  A first for Ubuntu on IBM That […] AI at the edge: simplifying infrastructure with Cisco and Canonical | Canonical The next era of telco clouds: get open infrastructure choice with Sylva and Canonical Kubernetes | Canonical What is RDMA over Converged Ethernet (RoCE)? | Canonical Beyond tokens per watt – using Ubuntu 26.04 LTS for AI Beyond tokens per watt – using Ubuntu 26.04 LTS for AI | Canonical A look into Ubuntu Core 26: Deploying AI models on Renesas RZ/V series for production | Canonical RISC-V profiles – why is RVA23 significant? | Canonical AI with AMD ROCm on Ubuntu: your questions answered | Canonical When distributed workloads stall because nodes cannot exchange small messages quickly and consistently, the network is the limiting factor. How do you solve that problem? InfiniBand offers one solution. InfiniBand is an interconnect, meaning the end-to-end communication system that links compute, storage, and accelerator nodes. It is impl […] Microsoft has announced the preview of Azure Cobalt 200, its second-generation custom Arm silicon. Learn how Ubuntu and Ubuntu Pro support these new VMs from day one, offering seamless deployment, long-term security maintenance, and Kernel Livepatch without requiring engineering or platform changes […] How Canonical Support solves hard Linux performance bugs  – even in 12-year old code | Canonical Securing AI agent workflows on Ubuntu with the new NVIDIA OpenShell snap | Canonical Canonical announces optimized Ubuntu images for TPU virtual machines by Google Cloud | Canonical VMware hypervisor deployment using MAAS | Canonical Migrating from Apache Spark 3 to Spark 4 | Canonical Introducing Workshop: launch sandboxed development environments on Ubuntu with a single command | Canonical Run agentic workloads on Arm and Ubuntu | Canonical Decoding design: How design and engineering thrive together in open source | Canonical Developing web apps with local LLM inference | Canonical A local privilege escalation (LPE) security vulnerability in the Linux kernel, codename “PinTheft,” was publicly disclosed on May 19, 2026. The vulnerability was fixed in the mainline Linux kernel tree. A proof-of-concept exploit was published along with public disclosure. This has been assigned the CVE ID CVE-2026-43494; other discoverin […] Canonical has announced the general availability of Managed Kubeflow on the Microsoft Azure Marketplace. This fully managed MLOps platform allows enterprise AI teams to deploy a production-ready environment in under an hour, eliminating infrastructure maintenance. […] A look into Ubuntu Core 26: Cloud-powered edge computing with AWS IoT Greengrass and Azure IoT Edge | Canonical CVE-2026-46333 (ssh-keysign-pwn) Linux kernel vulnerability mitigations | Canonical Finding the blind spot: How Canonical hunts logic flaws with AI | Canonical A local privilege escalation (LPE) vulnerability affecting the Linux kernel has been publicly disclosed on May 13, 2026. The vulnerability does not have a CVE ID published, but is referred to as “Fragnesia.” The vulnerability affects multiple Linux distributions, including all Ubuntu releases. The affected components are the Linux kernel […] Rethinking BYOD security: protecting data without trusting devices | Canonical Two local privilege escalation (LPE) vulnerabilities affecting the Linux kernel have been publicly disclosed on May 7, 2026. The vulnerabilities have been assigned the IDs CVE-2026-43284 and CVE-2026-43500 and are referred to as “Dirty Frag.” The affected components are Linux kernel modules. The first vulnerability impacts the modules tha […] Three weeks to go: A sneak peek of the Ubuntu Summit 26.04 experience | Canonical How to use Ubuntu on Windows | Canonical A local privilege escalation (LPE) vulnerability affecting the Linux kernel has been publicly disclosed on April 29, 2026. The vulnerability has been assigned CVE ID CVE-2026-31431 and is referred to as Copy Fail. The affected component is a kernel module that provides hardware-accelerated cryptographic functions: algif_aead. The vulnerab […] Run NVIDIA Nemotron 3 Nano Omni locally in a single command | Canonical Why Web Engineering is great | Canonical Ubuntu 16.04 LTS (Xenial Xerus) reached the end of its five-year Expanded Security Maintenance (ESM) window in April 2026. If you are still running 16.04, it is critical to address your support status to ensure continued security and compliance. Your support options Now that 16.04 is in its Legacy phase, you have two primary paths: […] Understanding disaggregated GenAI model serving with llm-d | Canonical From Jammy to Resolute: how Ubuntu’s toolchains have evolved | Canonical Hybrid search and reranking: a deeper look at RAG | Canonical Canonical expands Ubuntu support to next-generation MediaTek Genio 520 and 720 platforms | Canonical In this article, Keirthana TS, a Senior Technical Author at Canonical, breaks down what leadership means to her and how she understood the power of intentional leadership through her journey at Canonical. […] Ubuntu Pro comes to Nutanix bare-metal Kubernetes | Canonical RISC-V 101 – what is it and what does it mean for Canonical? | Canonical Ubuntu Summit 26.04 is coming: Save the date and share your story! | Canonical How to manage Ubuntu fleets using on-premises Active Directory and ADSys | Canonical Simplify bare metal operations for sovereign clouds | Canonical How to Harden Ubuntu SSH: From static keys to cloud identity | Canonical The “scanner report has to be green” trap | Canonical Modern Linux identity management: from local auth to the cloud with Ubuntu | Canonical Canonical welcomes NVIDIA’s donation of the GPU DRA driver to CNCF | Canonical Hot code burns: the supply chain case for letting your containers cool before you ship | Canonical
A look into Ubuntu Core 26: Building a local AI inference appliance in a virtual machine | Canonical
Gabriel Aguiar Noury · 2026-06-16 · via Blog

Welcome to this blog series which explores innovative uses of Ubuntu Core. Throughout this series, Canonical’s Engineers will show what you can build with this Core 26 release, highlighting the features and tools available to you. 

In this first blog, Farshid Tavakolizadeh, Engineer Manager for Canonical’s Industrial team, will show you how to try Ubuntu Core 26 inside a virtual machine and turn it into a local AI inference appliance using Multipass and the gemma4 snap. Running Ubuntu Core in a VM is a useful starting point for developers who want to experiment before moving to dedicated hardware. You can explore the Ubuntu Core environment, install snaps, expose services to your host machine, and test how an appliance-style experience could work in production.

By the end of this blog, you’ll know how to launch Ubuntu Core 26 with Multipass, install a local AI inference snap, access its WebUI from your host machine, and understand how this workflow maps to a production Ubuntu Core image.

Why start with Ubuntu Core in a VM?

Ubuntu Core is designed for production devices: appliances, gateways, robots, kiosks, industrial systems, and edge AI products. In the field, you would normally build a custom Ubuntu Core image that includes the snaps, configuration, permissions, and update policy your product needs.

A virtual machine gives you a fast way to explore the system. You can launch Ubuntu Core from your laptop, install application snaps, test services, and understand how the pieces fit together before committing to a board or production image.

For this, Multipass provides a simple path. It has integrated support for Ubuntu Core images and can launch an Ubuntu Core VM with a single command. That makes it ideal for experimentation, demos, and local development workflows.

Turning the VM into a local AI appliance

We will use Ubuntu Core to create a local AI inference appliance. The idea is simple: Ubuntu Core provides the secure, minimal, appliance-like operating system, while the AI workload is delivered as a snap.

For this example, we’ll use the gemma4 inference snap.

Because AI inference needs more resources than a minimal shell test, launch a VM with additional CPU, memory, and disk:

multipass launch core26 -n aibox --cpus 4 --memory 10GB --disk 16GB

Then enter the instance:

multipass shell aibox

The Ubuntu Core instance may update itself after first boot, and it may restart automatically. This is part of the experience you should expect from Ubuntu Core: the base system and snapd are managed, updated, and kept reliable.

Now install the AI inference snap:

sudo snap install gemma4

This installs the most suitable runtime and model for the machine.

Checking the inference endpoint

Once installed, gemma4 runs as a managed snap service. You can check its status with:

gemma4 status

The output includes the active engine, services, and endpoints:

engine: cpu
services:
   server: active
   server-webui: active
endpoints:
   openai: http://localhost:8336/v1
   webui: http://localhost:8337/

At this point, the inference server and WebUI are running inside the Ubuntu Core instance.

There is one important detail: localhost here refers to the Ubuntu Core VM, not your host machine. So while the service is active, your browser on your laptop cannot necessarily access it yet.

To make the inference server and WebUI available from the host, configure the service to listen on the VM’s network interface:

sudo gemma4 set http.host=0.0.0.0 webui.http.host=0.0.0.0 --assume-yes

Then, from your host machine, find the VM’s IP address:

multipass info aibox

The output includes an IPv4 address:

Name:           aibox
State:          Running
Snapshots:      0
IPv4:           10.100.120.150
Release:        Ubuntu Core 26

Use the IPv4 address to access the inference server and WebUI, in this case: 10.100.120.150.

The inference server’s API is accessible at http://<VM’s IPv4>:8336/v1. This is an OpenAI compliant API that can be used with a wide range of clients. You can use an HTTP client like cURL to make a prompt:

curl http://10.100.120.150:8336/chat/completions -H "Content-Type: application/json" -d '{
"messages": [{"role": "user", "content": "What is the meaning of ubuntu?"}],
"max_completion_tokens": 100
}'

Of course, experimenting with an OpenAI API over the terminal is no fun. The WebUI that is provided by the gemma4 snap is a better entry point to try. Open in your browser: http://10.100.120.150:8337

You can also integrate the API with a tool such as Open WebUI or OpenCode to do more.

You now have an AI inference interface running inside Ubuntu Core.

What this demonstrates

This example may be running in a VM, but the architecture is the same pattern used for real devices.

The Ubuntu Core base system remains separate from the application workload. The AI server is delivered as a snap. The WebUI is delivered as a managed service. The inference endpoint runs inside the Ubuntu Core environment. Configuration is applied through snap options rather than by manually editing system files.

In other words, you are not just installing a package. You are assembling the foundations of an appliance.

This matters because production devices are rarely managed one command at a time. A finished product needs a predictable boot experience, controlled services, reliable updates, and a clear boundary between the operating system and the application layer.

Ubuntu Core provides that boundary.

From local experiment to production image

Installing gemma4 manually is useful for development, but it is not how you would normally ship a product.

In a production deployment, the AI snap and its configuration would typically be included in a custom Ubuntu Core image. That image would be described by a model assertion, which defines the snaps that make up the device image, including required or optional application snaps.

With that approach, the device starts directly into the experience you designed.

Your users do not need to install the snap manually. They do not need to log into the Core instance. They do not need to understand how the inference endpoint is configured. The product boots with the right snaps, services, permissions, and defaults already in place.

This is where Ubuntu Core becomes especially powerful. The same workflow you tested in a VM can evolve into a repeatable product image for hardware, production lines, demos, customer pilots, or fleet deployments.

Managing appliances over time

Once a device is deployed, the work is not finished.

You may want to update the AI model, fix a CVE in the inference server, adjust configuration, or deploy the same image to different customers with different workloads.

Ubuntu Core is designed for this lifecycle. Application snaps can be updated independently from the base system. Updates are transactional. If something goes wrong, the system can roll back to a known good state.

For larger deployments, snaps can also be installed, configured, and managed through fleet management. Landscape provides centralized administration for Ubuntu deployments, including IoT devices.

This gives developers a flexible path: build the experience into the image from day one, or manage and evolve application snaps later across a fleet.

What’s next?

With Multipass, you can launch a Core VM in minutes. With snaps, you can install and manage real workloads. With gemma4, you can turn that VM into a local AI inference appliance that exposes both an API endpoint and a web server.

This is a small example, but it shows the larger pattern.

You can separate your application from the base system. You can run services in a managed way. You can configure the product experience. And when you are ready, you can move from a pre-built VM image to a custom Ubuntu Core image defined by your own model assertion.

Below are some useful links for further reading:

Related posts


A look into Ubuntu Core 26: Deploying AI models on Renesas RZ/V series for production

Internet of Things Article

Welcome to this blog series which explores innovative uses of Ubuntu Core. Throughout this series, Canonical’s Engineers will show what you can build with our releases, highlighting the features and tools available to you. In this blog, Asa Mirzaieva, engineer from the Silicon Alliances team, will show you how to deploy optimised AI model ...


Canonical launches Ubuntu Core 26

Canonical announcements Article

Ubuntu Core 26 introduces precise Linux builds, optimized OTA updates, live kernel patching, and enhanced hardware-backed protection for mission-critical deployments. May 19, 2026 Today, Canonical announced the general availability of Ubuntu Core 26, its minimal, immutable operating system with up to 15 years of security maintenance.  Ubu ...