At NVIDIA GTC Washington D.C., Canonical is pleased to support the arrival of the NVIDIA BlueField-4 – the newest generation of the data processing unit (DPU) family. NVIDIA BlueField-4 is an accelerated infrastructure platform for gigascale AI factories. By combining NVIDIA Grace CPU and NVIDIA ConnectX-9 networking, it delivers 6x the compute power of BlueField-3 and 800 Gb/s throughput to accelerate these systems. BlueField-4features multi-tenant networking, rapid data access, AI runtime security, and enables  high-performance inference processing. Running natively on BlueField-4, NVIDIA DOCA microservices deliver containerized services to simplify and scale AI infrastructure.

As with previous generations, BlueField-4 supports the Ubuntu  OS, which comes with Canonical’s security maintenance and support. This development is the latest from Canonical’s longstanding collaboration with NVIDIA to advance the state of DPU-driven infrastructure. 

A securely-designed foundation 

Zero-trust architecture places emphasis on the integrity of infrastructure, which is isolated from untrusted workloads. No component, workload, or user is implicitly trusted, and every interaction within the system is continuously verified and enforced by NVIDIA BlueField at the infrastructure level. In this model, the DPU acts as a hardware-based control and enforcement plane, isolating workloads, validating software integrity, and handling encryption and network policy enforcement independently from the host CPU.

NVIDIA BlueField-4 supports multi-service architectures with native service function chaining, zero-trust tenant isolation, and software defined infrastructure control. Running natively on BlueField-4, NVIDIA DOCA microservices deliver prebuilt, containerized services for AI networking, orchestration, real-time threat detection, and data acceleration–simplifying operations and enabling enterprises and service providers to scale AI securely and efficiently. Enterprises can also deploy validated, BlueField-accelerated applications from leading software providers, enabling advanced infrastructure acceleration and cybersecurity capabilities that enhance the platform’s value.

Ubuntu 24.04 LTS on BlueField-4

Ubuntu plays a key role in supporting the overall security posture of zero-trust BlueField-4 infrastructure. BlueField-4 effectively introduces a dedicated control and enforcement domain alongside the host system, meaning it meets the same security and compliance expectations as any other infrastructure component in the data center. In highly regulated environments, where every element is expected to be hardened and certifiable, the software foundation of BlueField becomes just as important, if not more, as that of the host.

Because the BlueField software stack is based on Ubuntu 24.04 LTS, it benefits from Canonical’s signed packages and reproducible build processes. Expanded Security Maintenance (ESM) provides long-term maintenance guarantees. Ubuntu Pro extends this foundation with continuous CVE monitoring, patch delivery, and compliance tooling, giving operators a clear view of security status and patch levels. When DPUs are deployed in environments that require FIPS, DISA-STIG, or similar compliance frameworks, this is essential. These features, supported in the NVIDIA AI Factory for Government reference design, ensure organizations can integrate BlueField-4 into sensitive infrastructure with confidence, knowing that the underlying operating system aligns with their existing security and compliance processes.

In terms of performance, Canonical publishes optimized Ubuntu images, designed to get the most out of BlueField-4, which combines NVIDIA Grace CPU and NVIDIA ConnectX-9 networking. With NVIDIA Grace, a CPU already certified on Ubuntu 24.04 LTS, operators can deploy with confidence, knowing their platforms have undergone comprehensive validation across performance, reliability, and interoperability. In practical terms, this includes an optimized Ubuntu kernel which combines with NVIDIA drivers on Grace CPU architecture to provide efficient scheduling and accelerated I/O performance on its Arm-based cores. 

Advanced networking with Ubuntu 24.04 LTS

Ubuntu 24.04 LTS provides a robust foundation for service function chaining and software-defined networking (SDN) in BlueField-4 deployments. Ubuntu’s networking stack is optimized for deterministic performance, low latency, and full hardware acceleration.

In environments where complex network services, such as firewalls, load balancers, and intrusion detection, must operate in sequence at line rate, Ubuntu’s Linux kernel is optimized for BlueField and enables high performance service function chaining. Developers can opt to use Canonical’s open virtual network (OVN), which integrates tightly with NVIDIA OVS-DOCA (Open vSwitch) to offload data plane operations directly onto the BlueField-4 programmable platform. This allows for traffic steering, encapsulation, and flow processing to occur entirely within the DPU, freeing host resources and ensuring wirespeed throughput even in multi-tenant or multi-domain deployments.

Use cases for telco and public sector

5G Core and edge networking

Service providers can offload user plane function (UPF) and service chaining to BlueField-4, accelerating 5G core workloads running on Ubuntu OpenStack and Kubernetes. With secure tenant isolation via BlueField Advanced Secure Trusted Resource Architecture, operators can enforce zero-trust policies across multi-tenant, high-throughput environments.

Cybersecurity and mission-critical systems

In mission-critical settings, BlueField-4 with Ubuntu enables line-rate intrusion detection, data encryption, and air-gapped control planes, executing directly in the DPU for minimal latency and maximum assurance. With Ubuntu’s FIPS validation and DISA-STIG compliance, organizations can deploy infrastructure that meets stringent operational and regulatory standards.

A shared vision for the future

Canonical and NVIDIA have already demonstrated the power of combining Ubuntu, Kubernetes, and DOCA for networking acceleration, as described in our earlier post: Canonical Kubernetes Meets NVIDIA DOCA Platform Framework (DPF).

Canonical and NVIDIA share a commitment to advancing open, programmable, and securely-designed infrastructure. With BlueField-4 on Ubuntu 24.04 LTS, organizations gain a validated, compliant, and high-performance platform to power the next era of AI, telco, and government infrastructure.

Together, we’re enabling governments, operators, and enterprises to deploy scalable, securely maintained, and future-proof infrastructure at gigascale.