Ubuntu Cloud Images

Ubuntu Cloud Images are the official Ubuntu images customized by Canonical to run on public clouds, Openstack, LXD and more.

Published on updated on

Ubuntu Cloud Images are the official Ubuntu images that have been customised by Canonical to run on public clouds that provide Ubuntu Certified Images, Openstack, LXD and more.

Select image

The Ubuntu Cloud Images site contains many images and the Image locator should be helpful … and probably is but I prefer to select the minimal or standard server releases:

and while I am there, I download the file with the hashes and its signature. Example:

Note: the same file may have multiple names, depending on the link where it is accessed. Example: noble-server-cloudimg-amd64.img have the same content as ubuntu-24.04-server-cloudimg-amd64.img .Check the hashes if you want.

Download image

wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img
wget https://cloud-images.ubuntu.com/noble/current/SHA256SUMS
wget https://cloud-images.ubuntu.com/noble/current/SHA256SUMS.gpg

Make the downloaded image read-only because if you test it with QEMU or another tool it may be modified.

chmod 400 noble-server-cloudimg-amd64.img

Verify image

First check the integrity of SHA256SUMS:

gpg --keyid-format long --verify SHA256SUMS.gpg SHA256SUMS

If you get a message like:

gpg: Signature made Mi 09 oct 2024 03:23:30 +0300 EEST
gpg:                using RSA key D2EB44626FDDC30B513D5BB71A5D6C4C7DB87C81
gpg: Can't check signature: No public key

then you have to install the missing key:

gpg --keyid-format long \
    --keyserver hkp://keyserver.ubuntu.com \
    --recv-keys 0xD2EB44626FDDC30B513D5BB71A5D6C4C7DB87C81

gpg: key 1A5D6C4C7DB87C81: public key "UEC Image Automatic Signing Key <cdimage@ubuntu.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1

and check again:

gpg --keyid-format long --verify SHA256SUMS.gpg SHA256SUMS

For a correct file the result should look like:

gpg: Signature made Mi 09 oct 2024 03:23:30 +0300 EEST
gpg:                using RSA key D2EB44626FDDC30B513D5BB71A5D6C4C7DB87C81
gpg: Good signature from "UEC Image Automatic Signing Key <cdimage@ubuntu.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D2EB 4462 6FDD C30B 513D  5BB7 1A5D 6C4C 7DB8 7C81

The Good signature message means that the integrity of SHA256SUMS’s is verified with success but BAD signature means that SHA256SUMS or SHA256SUMS.gpg is incorrect.

Check the hash of the image:

sha256sum --ignore-missing -c SHA256SUMS

noble-server-cloudimg-amd64.img: OK

Next step

See the Debian, Ubuntu and cloud-init article.