linux-update-cds¶
Pulp-based Linux package mirror accelerator for Azure Commercial and Azure Government — for regulated, air-gapped, and disconnected fleets.
What this is¶
A solution accelerator that stands up a governed, auditable Ubuntu apt mirror on Azure — built on Pulp 3 and deployable to both Azure Commercial and Azure Government with a single parameter flip. You run it when you need your isolated, regulated, or partially-connected Linux fleet to install packages from a snapshot you control instead of from archive.ubuntu.com. The repo ships infrastructure-as-code (Bicep), a derived runtime image, an end-to-end bootstrap script, and operational runbooks. The result is an immutable, snapshot-pinned package distribution path your operators, auditors, and downstream nodes can all trust.
Who this is for¶
- Federal and DoD teams running fleets in Azure Government (IL4–IL6).
- Regulated industries (CJIS, FedRAMP High, ITAR) needing auditable apt mirrors with reproducible snapshots.
- Operators of disconnected or partially-connected Linux fleets who need a low-side ingest plane separate from their high-side enclave.
- Anyone who wants immutable, snapshot-pinned package distribution instead of pointing nodes directly at
archive.ubuntu.com.
Where to next¶
| Page | What you'll find |
|---|---|
| Quickstart — Azure | Deploy in ~20 minutes on Azure Commercial or Government |
| Quickstart — local | Stand up the full stack on your workstation in ~5 minutes |
| Architecture | Components, identity model, network topology, data flow |
| Compliance | FedRAMP / IL4-IL6 posture mapping |
| Costs | Monthly run-rate for dev/prod and Azure Government uplift |
| Comparison | How this compares to apt-mirror, aptly, Artifactory |