Slashdot Mirror


Taking a Stand Against Unofficial Ubuntu Images (ubuntu.com)

Canonical isn't pleased with cloud providers who are publishing broken, insecure images of Ubuntu despite being notified several times. In a blog post, Mark Shuttleworth, the founder of Ubuntu, and the Executive Chairman and VP, Product Strategy at Canonical, made the situation public for all to see. An excerpt from the blog post:

We are currently in dispute with a European cloud provider which has breached its contract and is publishing insecure, broken images of Ubuntu despite many months of coaxing to do it properly. The home-grown images on the cloud, VPS and bare metal services of this provider disable fundamental security mechanisms and modify the system in ways that are unsupportable. They are likely to behave unpredictably on update in weirdly creative and mysterious ways (the internet is full of fun examples). We hear about these issues all the time, because users assume there is a problem with Ubuntu on that cloud; users expect that 'all things that claim to be Ubuntu are genuine', and they have a right to expect that. We have spent many months of back and forth in which we unsuccessfully tried to establish the same operational framework on this cloud that already exists on tens of clouds around the world. We have on multiple occasions been promised it will be rectified to no avail. We are now ready to take legal steps to remove these images. We will seek to avoid affecting existing running users, but we must act to prevent future users from being misled. We do not make this move lightly, but have come to the view that the value of Ubuntu to its users rests on these commitments to security, quality and updates.

2 of 103 comments

  1. The relevant portion by Anonymous Coward · Score: 3, Informative

    The article is a bit vague. I believe the relevant snippet comes from this part:

    To count some of the ways we have seen home-grown images create operational and security nightmares for users: clouds have baked private keys into their public images, so that any user could SSH into any machine; clouds have made changes that then blocked security updates for over a week; clouds have confused users with image- or kernel-soup, and users have been pushed into building their own images; VMs have had changes that resulted in very slow boot or poor performance; unstable kernels that disable features Ubuntu packages expect to be there; and many more. When things like this happen, users are left feeling let down. As the company behind Ubuntu, it falls to Canonical to take action.

    This better explains WHAT is happening as the original article seems to leave the reader guessing WHO, which isn't the point to begin with.

  2. Re:It's OVH by guruevi · Score: 3, Informative

    How many other people are on those servers? I've tried plenty of instances but once you start using your actually assigned quotas (1 CPU and 512MB RAM) you will notice an intense slowdown. Or you're sitting on a server with some other people that are heavy users, same problem.

    I've tried a bunch of them, for home/dev use, perhaps, but for real work, not suitable. And whenever you ask how many other customers they have, they either don't tell or it's astronomically high.

    DigitalOcean: doesn't tell anything about their infrastructure and if you use too many resources they cut you off with a "TOS violation". From what I can measure, I estimate 50-100 hosts per 'real' server but don't use more than 20% of your CPU for a period of time because you'll be out.
    DreamHost: the oversell must be close to 200 hosts per server. Continuously 100-200ms ping rates, their 'shared MySQL' would take 500ms to even complete a simple query. The host got cut off several times per month for various technical reasons.
    1and1: Another over-seller, absolutely awful support, after a while they just tried to up-sell me packages that would have no impact on the performance - I'm not running out of storage, dimwits.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com