Ubuntu Server Guide: Deployment, Configuration, and Management

Introduction

Ubuntu Server has established itself as one of the most popular Linux distributions for server workloads. Backed by Canonical and supported by a vast community, Ubuntu Server powers everything from small business infrastructure to massive cloud deployments at companies like Google, Amazon, and Netflix. In 2026, Ubuntu Server continues to evolve, offering improved performance, enhanced security, and new tools for managing containerized and cloud-native workloads.

This comprehensive guide covers everything you need to know about deploying and managing Ubuntu Server, from initial installation through day-to-day operations. We’ll explore APT package management, cloud-init for automated provisioning, snap packages, service configuration, networking, and security hardening. Whether you’re new to Ubuntu Server or looking to deepen your existing knowledge, this article provides practical guidance for running Ubuntu effectively in production environments.

Installation

Ubuntu Server installation has evolved to support various deployment scenarios, from traditional media to cloud-init automated provisioning.

Traditional Installation

# Download Ubuntu Server ISO
# https://ubuntu.com/download/server

# Boot from ISO and follow the installer
# Key steps:
# 1. Select language
# 2. Choose keyboard layout
# 3. Configure network (or use DHCP)
# 4. Configure storage
# 5. Create user account
# 6. Install OpenSSH server
# 7. Complete installation

Automated Installation (Autoinstall)

Ubuntu Server supports automated installation via autoinstall:

# user-data file for autoinstall
autoinstall:
  version: 1
  locale: en_US.UTF-8
  keyboard:
    layout: us
  identity:
    hostname: ubuntu-server
    password: "$6$rounds=4096$xyz..."  # hashed password
    username: admin
  ssh:
    install-server: true
    allow-pw: true
  storage:
    layout:
      name: lvm
  packages:
    - vim
    - curl
    - git
    - ansible

# Provide user-data via cloud-init
# 1. Create USB with Ubuntu Server ISO
# 2. Mount ISO
# 3. Copy user-data to <mount>/user-data
# 4. Add boot parameter: autoinstall ds=nocloud-net;s=/cdrom/

Cloud Deployment

Deploy Ubuntu Server on cloud platforms:

# AWS
aws ec2 run-instances \
  --image-id ami-0c55b159cbfafe1f0 \
  --instance-type t3.micro \
  --key-name my-key \
  --security-group-ids sg-123456

# GCP
gcloud compute instances create ubuntu-server \
  --image-family=ubuntu-2404-lts \
  --image-project=ubuntu-os-cloud \
  --machine-type=e2-micro

# Azure
az vm create \
  --resource-group myResourceGroup \
  --name ubuntu-server \
  --image Ubuntu2404LTS \
  --size Standard_B1s \
  --admin-username azureuser

Package Management with APT

APT (Advanced Package Tool) is Ubuntu’s primary package management system.

Basic APT Operations

# Update package lists
sudo apt update

# Upgrade installed packages
sudo apt upgrade
sudo apt full-upgrade  # Also handles dependency changes

# Install packages
sudo apt install nginx postgresql

# Remove packages
sudo apt remove nginx        # Remove but keep config
sudo apt purge nginx        # Remove completely

# Search for packages
apt search nginx

# Show package information
apt show nginx

# List installed packages
apt list --installed

# Fix broken dependencies
sudo apt --fix-broken install

Repositories

# View configured repositories
cat /etc/apt/sources.list
ls /etc/apt/sources.list.d/

# Add PPA (Personal Package Archive)
sudo add-apt-repository ppa:nginx/stable
sudo apt update

# Add repository manually
sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ focal main restricted"

# Disable repository
sudo add-apt-repository --remove ppa:nginx/stable
# Or comment out in sources.list

Package Holding

# Hold package at current version
sudo apt-mark hold nginx

# Unhold package
sudo apt-mark unhold nginx

# View held packages
apt-mark showhold

Managing Services with systemd

Ubuntu Server uses systemd as the init system for service management.

Service Management

# Start/Stop/Restart service
sudo systemctl start nginx
sudo systemctl stop nginx
sudo systemctl restart nginx

# Enable service at boot
sudo systemctl enable nginx
sudo systemctl disable nginx

# Check service status
systemctl status nginx

# View service logs
journalctl -u nginx
journalctl -u nginx -f  # Follow

# Service dependency
systemctl list-dependencies nginx

Creating Systemd Services

# /etc/systemd/system/myapp.service
[Unit]
Description=My Application
After=network.target

[Service]
Type=simple
User=www-data
WorkingDirectory=/opt/myapp
ExecStart=/opt/myapp/start.sh
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

# Reload and enable
sudo systemctl daemon-reload
sudo systemctl enable --now myapp

Cloud-Init

cloud-init handles early initialization of cloud instances, enabling automated configuration at first boot.

cloud-init Configuration

# cloud-config (user-data)
#cloud-config

# Update packages and reboot
package_update: true
package_upgrade: true

# Install packages
packages:
  - nginx
  - curl
  - vim

# Create users
users:
  - name: admin
    primary_group: admin
    sudo: ALL=(ALL) NOPASSWD:ALL
    ssh_authorized_keys:
      - ssh-rsa AAAA...

# Write files
write_files:
  - path: /etc/nginx/nginx.conf
    content: |
      worker_processes auto;
      ...

# Run commands
runcmd:
  - systemctl enable nginx
  - systemctl start nginx

cloud-init Modules

# Various cloud-init modules
#cloud-config

# Set hostname
hostname: server1
manage_etc_hosts: true

# Configure SSH
ssh_genrkeys: true
ssh_authorized_keys:
  - ssh-rsa ...

# Configure network
write_files:
  - path: /etc/netplan/01-netcfg.yaml
    content: |
      network:
        version: 2
        ethernets:
          eth0:
            dhcp4: true

# Set timezone
timezone: UTC

# Configure NTP
ntp:
  enabled: true
  servers:
    - ntp.ubuntu.com

Troubleshooting cloud-init

# Check cloud-init status
cloud-init status

# View all cloud-init logs
journalctl -u cloud-init

# Check specific stage
ls /var/lib/cloud/
ls /var/log/cloud-init.log

# Disable cloud-init for local use
sudo touch /etc/cloud/cloud-init.disabled
sudo reboot

Snap Packages

Snaps provide a universal packaging format with automatic updates and sandboxing.

Using Snaps

# Find snaps
snap find nginx

# Install snap
sudo snap install nginx

# List installed snaps
snap list

# Remove snap
sudo snap remove nginx

# Update snaps
sudo snap refresh
sudo snap refresh nginx

# View snap services
snap services

# Disable snap updates
sudo snap disable nginx
sudo snap enable nginx

Classic Confinement

Some snaps require classic confinement for full system access:

# Install with classic confinement
sudo snap install --classic docker

# View confinement
snap info docker

Networking

Ubuntu Server uses Netplan for network configuration.

Netplan Configuration

# /etc/netplan/00-installer-config.yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: true
      dhcp6: true

# Static IP configuration
    eth1:
      addresses:
        - 192.168.1.100/24
      gateway4: 192.168.1.1
      nameservers:
        addresses:
          - 8.8.8.8
          - 8.8.4.4

# Apply configuration
sudo netplan apply

# Debug configuration
sudo netplan try  # Apply with timeout rollback

# View current state
ip addr
ip route

Network Troubleshooting

# Check network status
networkctl
networkctl status

# DNS resolution
resolvectl status
systemd-resolve --status

# Test connectivity
ping -c 4 8.8.8.8
curl -I https://ubuntu.com

Security Hardening

Securing Ubuntu Server requires attention to multiple layers.

Basic Hardening

# Update regularly
sudo apt update && sudo apt upgrade -y

# Configure firewall
sudo ufw enable
sudo ufw allow ssh
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw status

# Fail2ban (install from universe)
sudo apt install fail2ban
sudo systemctl enable fail2ban

SSH Security

# /etc/ssh/sshd_config

# Disable root login
PermitRootLogin no

# Disable password authentication
PasswordAuthentication no

# Use key-based authentication only
PubkeyAuthentication yes

# Change default port
Port 2222

# Limit users
AllowUsers admin deploy

# Restart SSH
sudo systemctl restart sshd

Automatic Security Updates

# Install unattended-upgrades
sudo apt install unattended-upgrades

# Configure
sudo dpkg-reconfigure -plow unattended-upgrades

# Edit configuration
# /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Mail "[email protected]";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-RebootTime "02:00";

Performance Optimization

Kernel Parameters

# /etc/sysctl.conf

# Network performance
net.core.somaxconn = 1024
net.ipv4.tcp_max_syn_backlog = 2048

# File descriptors
fs.file-max = 65536

# Memory
vm.swappiness = 10

# Apply changes
sudo sysctl -p

Resource Limits

# /etc/security/limits.conf

# Increase nofile limit
* soft nofile 65536
* hard nofile 65536
root soft nofile 65536
root hard nofile 65536

# Apply (for services)
# Edit /etc/systemd/system/<service>.service
[Service]
LimitNOFILE=65536

Container Support

Ubuntu Server provides excellent support for container workloads.

Docker Installation

# Install Docker
sudo apt update
sudo apt install docker.io

# Start and enable
sudo systemctl enable --now docker

# Add user to docker group
sudo usermod -aG docker $USER

# Verify
docker --version
docker ps

Kubernetes on Ubuntu

# Install kubeadm
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

# Initialize cluster
sudo kubeadm init

# Install CNI (e.g., Calico)
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

Monitoring and Maintenance

System Monitoring

# Resource usage
top
htop
iotop

# Disk usage
df -h
du -sh /*

# Process monitoring
ps aux | head -20
pstree

# Memory
free -h

Log Management

# System logs
journalctl -xe
journalctl -b -u nginx

# Application logs
tail -f /var/log/nginx/access.log

# Log rotation
# Check /etc/logrotate.conf
# Custom configs in /etc/logrotate.d/

Backup

# Simple backup with tar
sudo tar -czf backup-$(date +%Y%m%d).tar.gz /home /etc

# Use rsync for incremental
rsync -avz --delete /source/ /backup/

# Consider restic, Borg, or Rclone for encrypted backups

Ubuntu Pro

Ubuntu Pro provides additional security coverage and compliance tools.

# Attach Ubuntu Pro
sudo pro attach <token>

# View attached services
sudo pro status

# Enable ESM (Extended Security Maintenance)
sudo pro enable esm

# Enable livepatch
sudo pro enable livepatch

Conclusion

Ubuntu Server offers a robust, well-supported platform for modern server workloads. Its combination of regular release cycles, extensive package repositories, strong community support, and enterprise backing makes it an excellent choice for organizations of all sizes. The tools and concepts covered—APT package management, systemd services, cloud-init automation, snap packages, and security hardening—provide the foundation for effective Ubuntu Server administration.

As containerization and cloud-native technologies continue to dominate, Ubuntu’s focus on Kubernetes integration, lightweight images, and automated provisioning ensures it remains relevant for modern infrastructure. Whether running a single server or orchestrating a large cluster, Ubuntu Server provides the flexibility, reliability, and support needed for production workloads in 2026 and beyond.