Snappy Ubuntu, A New Cloud OS with Support for Docker in a Post Shellshock Era
The new production environment of distributed, microservices-based applications is creating new needs for development architectures. This is especially true of the operating system, both the one on a developer’s laptop as they create code and the one deployed on countless machines and servers around the world, each running a microservice that connects with the others to become the distributed application the end user experiences.
Red Hat has released Project Atomic, while CoreOS continues to create new features and services to appeal to the new application environment, particularly supporting developers who need containerization services.
“The snappy system keeps each part of Ubuntu in a separate, read-only file, and does the same for each application,” Shuttleworth writes in his post about the new flavor of the Ubuntu core.
“That way, developers can deliver everything they need to be confident their app will work exactly as they intend, and we can take steps to keep the various apps isolated from one another, and ensure that updates are always perfect. Of course, that means that apt-get won’t work, but that’s OK since developers can reuse debs to make their snappy apps, and the core system is exactly the same as any other Ubuntu system – server or desktop.”
“Snappy Ubuntu will be attractive to the new discipline of building massive, new systems,” says Dustin Kirkland, Ubuntu Cloud Solutions product manager and strategist. Kirkland points to Netflix as the prime example of this new microservices architecture.
Netflix takes a very different approach to creating its services, Kirkland said. Instead of two monolithic servers, developers like those at Netflix use hundreds of servers that are each running a little bit of the service. Snappy Ubuntu supports this environment. It is very small and very efficient, runs only the bare minimum, and can be updated at large scale with minimal service interruption.
Canonical — the company behind Ubuntu — points to two key features that come with Snappy Ubuntu: transactional updates and support for Docker containers.
Snappy takes learnings from Ubuntu’s two years of hosting an operating system ‘flavor’ for mobiles, in which updates need to be pushed to a handset’s firmware without disrupting the end user experience or requiring them to manually update to new releases.
Transactional updates are expected to become more accepted by the application development industry in the post-Shellshock era. Shellshock exposed many Linux- and Mac-based systems. Users came to fear that relying on manual updates would leave systems compromised for some time, as architects and others responsible for server maintenance failed to check security risks and apply available patches.
Snappy aims to avoid this manual burden by enabling updates to be automated and rolled out across a whole network.
“Shellshock is an example of a critical security vulnerability that affected Linux and Mac machines,” says Kirkland. “The way Snappy handles updates is a lot more efficient at rolling out those kinds of fixes at scale. When we were developing at Ubuntu Mobile, we were seeing the problem telcos face in ensuring that updates are rolled out at scale efficiently.
“Snappy Ubuntu is a more efficient mechanism for updating at scale and doing it in a transactional manner. It goes through its testing, and then Snappy Ubuntu is able to notice when a new image is available. When the consumer chooses to do that update, that update is done instantly and in bulk rather than individual updates of packages along the way.”
Kirkland is clear that Snappy is an ideal operating system for managing Dockerized applications, with other container services to be added later:
“Docker is a fantastic vector into Ubuntu Snappy, and has a very rich library of images. Anything that can run in Docker can run in a Snappy Ubuntu environment and we have built that into it from day one.”
Kirkland points out that the Snappy Ubuntu operating system bridges the ecosystem of Docker services. “Applications run in containers. Anything you run inside Docker can run in Snappy.”
Docker support is an essential part of how Canonical hopes Snappy will meet the needs of developers, the primary audience for this product. Snappy’s software packaging system is new, but it borrows Docker-like principles to speed up packaging without creating too much confusion for developers:
“Snap packages are a start-from-scratch packaging system that is built on the latest and greatest processes where the modern developer provides their applications to consumers. It enables developers to rapidly deliver their software as a package. As opposed to learning the ins and outs of Debian packaging, we have built this on the same principles as a Docker container or a Java jar file. It is a zip file: it is as simple as it gets. We have a series of packaging tools that start with the source code in GitHub to compiling an application that can run anywhere that Snappy is running.”
Snappy Ubuntu images can also run inside virtual machines, and in private cloud environments. “We will have devs running Snappy at 100 megabytes on a VirtualBox with Vagrant. It will also be available in Microsoft Azure, and then it will become available in Google Compute Engine and Amazon Web Services. It can also run on OpenStack in private cloud environments,” Kirkland confirmed.
While Snappy is still in beta release, Kirkland is confident that this is just the start of the Snappy story: “This is the beginning, not the end. It will demonstrate how much effort we put into building this fantastic system, applied to cloud and server instances.”