In December 2014, Canonical announced Snappy Ubuntu Core (Snappy), a stripped-down version of an Ubuntu server with container support and transactional updates. Snappy evolved from the Ubuntu 8.10 server Just Enough Operating System (JeOS) — pronounced “juice” — which was designed to run in virtualized environments. With less than a 380 MB footprint, a specialized server kernel and no GUI, JeOS was perfect for running Linux VMs on vSphere, KVM and other hypervisors. The shift towards containers and the changing market dynamics of the Linux server segment motivated Canonical to announce Snappy as the new minimal Linux OS based on Ubuntu.
Open Source OS, Clear Leader for Cloud
Linux has seen tremendous growth in the last two decades. Thanks to efforts by vendors like Red Hat, Canonical, Micro Focus (SUSE) and Oracle, it is becoming a viable OS to run enterprise workloads. Linux is driving the cloud momentum as the preferred OS for public cloud and private cloud infrastructures. The Cloud Market, an independent entity that tracks OS deployments on Amazon EC2, reports that between January 2014 and February 2015, customers launched over 167,000 Linux VMs as opposed to only 14,000 Microsoft Windows VMs. These VMs run on a variety of Linux distributions including Ubuntu, Amazon Linux, CentOS, Debian, Red Hat Enterprise Linux, Fedora and SUSE.
Linux and Ubuntu also lead public and private cloud infrastructure deployments for OpenStack, as revealed in the OpenStack 2014 User Survey.
Containers Abandon the Bloated OS
Containerized applications encapsulate the runtime, frameworks, third party libraries and code, eliminating the dependency on the underlying operating system. A host running containers requires a minimal operating system and container runtime. Containerized applications never interact with any of the tools exposed by the host operating system, as they require only the runtime environment. This distilled OS approach contrasts with the current Linux distribution model, where the OS comes packaged with many tools that containerized applications may never use. Traditional Linux distribution vendors are now optimizing for containers. CoreOS, one of the first minimalistic Linux distributions, forced incumbent Linux OS vendors to revisit their strategy. Red Hat started an initiative called Project Atomic Hosts that optimizes Fedora and CentOS for containers.
The Internet of Things (IoT) architecture also requires a minimal OS as resource-constrained devices act as IoT Gateways. Linux distributions that are lean and mean play a critical role in connecting sensors to the cloud. Canonical Snappy is an example of such an OS. It runs on the latest Raspberry Pi 2, a credit card-sized computer powered by an ARM Cortex-A7 CPU.
Canonical finally introduced Ubuntu Touch. BQ Aquaris E4.5, the first phone powered by Ubuntu, went on sale in February 2015. Mark Shuttleworth, Canonical founder, claims that Snappy brings the precision, certainty, and reliability of a mobile OS to a cloud OS. Applications, along with the data that belongs to them, are completely isolated from each other to avoid compatibility issues. The OS can be updated and rolled back with minimal disruption or downtime.
Snappy Unique Architecture
Snappy is different from a traditional package-based Ubuntu server and desktop OS. It isolates each part of Ubuntu in a separate read-only file and does the same for each application. Developers can confidently update their applications without worrying about breaking other applications. Though Ubuntu Core is the base for Snappy, it does not include apt-get, the traditional package manager of Ubuntu. Administrators choose to upgrade the OS every time Ubuntu Core gets updated.
Snappy is designed and optimized to run Docker containers with Docker engine and command line tools pre-bundled. Any containerized application that runs in Docker can be easily ported to Snappy. Snappy is modular and extensible in its design. It is architected to efficiently manage the underlying operating system components and applications. Snappy Ubuntu Core has the following layers:
- Host: This is the physical layer that can be a phone, device, server or a virtual machine.
- Frameworks: Frameworks are third-party services that provide the runtime and dependencies to applications. Developers write their applications targeting one of the frameworks. Docker is the first framework supported by Snappy. Eventually, runtime environments like Java, Python, and .NET may be packaged. Frameworks can be independently upgraded and maintained without impacting the base operating system.
- Applications: Applications running in Snappy are called Snapps. They run within the context of frameworks. For example, containerized applications are Snapps within a Docker framework. Each Snapp is packaged and deployed in an isolated directory on the filesystem.
The modular architecture of core OS services, frameworks and applications makes Snappy an ideal operating system for microservices.
Source: Janakiram MSV
Security Through Program Isolation
Snappy follows the same security framework used in Canonical’s mobile OS. The AppArmor kernel security module confines applications through its strong isolation mechanism. Unlike traditional security frameworks, AppArmor’s security model binds access control attributes to programs instead of users. Based on Mandatory Access Control (MAC), AppArmor uses a system-controlled policy that restricts access to OS resources such as data files, devices and systems. Administrators define MAC criteria that are strictly enforced by the operating system.
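The per-program confinement described above, shown as an added example rather than a profile shipped by Canonical or taken from the original article: an AppArmor profile attached to a single executable. The application name, the `/apps/example-snapp/1.0` and `/var/lib/apps/example-snapp/1.0` directories and the permissions granted are assumptions made for illustration.

```apparmor
# Constructed example profile; the application name and all paths are
# hypothetical and chosen only to illustrate the confinement model.
#include <tunables/global>

# The profile is attached to a program path, not to a user account:
# every process started from this binary is confined, whoever runs it.
profile example-snapp /apps/example-snapp/1.0/bin/server {
  #include <abstractions/base>

  # The application's own image: read and map its files, and run its
  # helper binaries under this same profile (ix = inherit).
  /apps/example-snapp/1.0/ r,
  /apps/example-snapp/1.0/** mr,
  /apps/example-snapp/1.0/bin/* ix,

  # Writable data directory, kept apart from the application image and
  # limited to files the process itself owns.
  owner /var/lib/apps/example-snapp/1.0/ rw,
  owner /var/lib/apps/example-snapp/1.0/** rwk,

  # TCP sockets over IPv4 and IPv6; no raw or packet sockets.
  network inet stream,
  network inet6 stream,

  # No capability rules are listed, so privileged operations are
  # refused even when the process runs as root.
  #
  # No other file rules are listed, so any path outside the two
  # directories above (other applications, /etc, /home, device nodes)
  # is denied by default and the attempt is logged by the kernel.
}
```

Loading the file with `apparmor_parser -r` places the profile in enforce mode, and `aa-status` lists it among the loaded profiles.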
According to Canonical, Snappy is reliable with updates to the operating system and applications. The OS and application files are kept entirely separate, as a set of distinct read-only images. When an administrator upgrades the OS, the changes are applied to a read-only partition. During the next reboot, the read-only partition becomes active. Since the previous state is also preserved, an administrator can easily roll back and reboot to revert to the previous configuration. Similarly, each time an application is updated, the data is backed up, and if the update fails, the application can roll back to its previous state.
Canonical plans to create a marketplace for framework providers and application developers to publish their work. A typical workflow of launching an application on Snappy includes booting a pristine instance of Snappy Ubuntu Core, installing a framework published in the marketplace, and finally deploying Snapps. Eventually, the marketplace can become the universal directory of Snapps targeting mobile, IoT and cloud deployment models.
Snappy Ubuntu Core can be deployed on hypervisors, cloud and devices. As of February 2015, Snappy VM images are available on Amazon EC2, Microsoft Azure and Google Compute Engine. Images for KVM, OVA and Vagrant are available.
IoT and the Future
A traditional Real-Time OS (RTOS) for embedded devices is not ready to handle the IoT revolution. The world of connected devices and continuous services demands a powerful, modern operating system. Sensing this opportunity, Canonical made a smart move towards the IoT. Snappy is currently available on a variety of x86 and ARM devices. The IoT section of Canonical’s website boasts support for mainstream IoT platforms such as Raspberry Pi 2, Beaglebone Black, and Odroid-C1.
Supporting a number of platforms and devices, Snappy is the cornerstone of Canonical’s IoT strategy. It delivers server-grade reliability and mobile-like simplicity to the IoT stack. Snappy has the potential to become the IoT Gateway to communicate with the microcontrollers connected to sensors, switches and actuators. From home automation provider Ninja Blocks, to Erle Robotics, a drone manufacturer, Canonical demonstrates Snappy can power the next generation IoT devices. Microsoft has partnered with Canonical to develop APIs based on Snappy Ubuntu Core for connecting industrial IoT devices. Other significant alliances include: Intel IoT Solution and IPSO.
Can Canonical Deliver?
Canonical’s vision to turn Snappy into a ubiquitous platform is compelling. From data center to cloud to mobile to embedded devices, Ubuntu is forging a visionary path. While CoreOS and Red Hat are focused on containerized workloads, Canonical is expanding relevance to a larger audience. Could this wide net constrain the company’s ability to cover the full spectrum of use cases and scenarios for each segment? The requirements to run scalable, containerized clusters on the cloud are entirely different from those of IoT devices and gateways. Snappy already has incompatibilities in its current form. The Docker framework is supported on cloud and hypervisors but not on IoT platforms running on an ARM processor. Canonical should consider evolving “profiles” of Snappy Ubuntu targeted at each platform that it currently supports. However, this may also lead to the fragmentation of the OS, which is typical in open source.
One of the major limitations of Snappy is the lack of service discovery and cluster management tools. Container-optimized OSs like CoreOS and Atomic Hosts come with built-in tools to easily manage distributed workloads. etcd, one of the most popular frameworks used for service discovery in containers, is included in CoreOS. For scheduling and orchestrating containers, Kubernetes and Fleet are the preferred tools. Though developers can integrate these tools, Snappy should come with orchestration and cluster management tools.
Canonical announced an alternative container technology to Docker called LXD (pronounced “lex-dee”). Built on the proven LXC technology, LXD promises to offer a complete VM-like environment combined with the speed of containers. OpenStack Nova APIs are integrated with LXD to bring the unified experience of launching containers. Snappy almost certainly will support LXD as a framework, along with Docker. If Canonical chooses to push LXD as the preferred framework by downplaying Docker, Snappy’s adoption among Docker developers will be limited. To be successful, Snappy should support mainstream container technologies including Docker, LXD, and Rocket from CoreOS. If Snappy delivers on its promise of ubiquity, it will become the first OS to support a wide variety of platforms.