Ubuntu Core Changes The Game For Container Operating Systems


This last couple of weeks has seen some tension within the Linux container world as CoreOS launched its Rocket container runtime and questioned Docker’s longer-term motives. Adding fuel to the fire today comes Canonical with its new “snappy” Ubuntu Core. The new rendition of Ubuntu is a minimal server image that shares the same libraries as today’s Ubuntu but delivers them via a simpler mechanism. Most importantly, the snappy approach allows Ubuntu to provide stronger security guarantees for applications. Snappy apps and Ubuntu Core itself can be upgraded atomically and rolled back if needed – an approach to systems management that lends itself to container deployments.

As a tiny-footprint operating system, Ubuntu Core lends itself to ultra-dense computing applications – container farms, Docker deployments or PaaS – which brings it head-first into battle with Red Hat’s Atomic and CoreOS. Canonical is hanging its hat on two key differences that Ubuntu Core has over Atomic and CoreOS: extensibility and security. Mark Shuttleworth, astronaut, intellectual and founder of Ubuntu, said the following via email about these two key areas:

First, the system is extensible. With both CoreOS and Atomic you have to buy into everything that those companies choose - their versions of docker, their versions of management services. In Ubuntu Core we are able to make the core itself much smaller (and hence more secure) and keep all the opinionated pieces at the option of the user. Things like docker and the management system are choices of frameworks or apps that users can install on snappy Ubuntu, not choices we make for them. And this extensibility does not come at the price of the transactional update mechanism, because each of those components is transactionally updated in snappy systems. Snappy gives you update and roll back of both the base, and independent apps, where the others treat everything as an opaque blob.
Second, the system is more secure because we are able to isolate the applications from one another. Each app can only see a small portion of the system and certainly not see data that is specific to other apps. This stems from our requirement to allow folks to install games on the phone which cannot read the address book, simplistically speaking. In practice, there are sophisticated kernel security mechanisms we can bring to bear because of the way snappy apps are structured. We lead much of the core kernel containment work precisely because we care about that application isolation, not just on the phone, but equally on the cloud. It's great that snappy lets you install a web app and a database and be confident that a compromise in the web app will not mean the hacker can see the database files.

Interestingly, Canonical has been developing Core for quite some time, but in the guise of a mobile application development platform. Its timing is excellent: just as the world gets excited about transactional systems, Canonical gets to introduce a product that solves the inherent problems with existing approaches. The fact that it has been developing said product in the open, albeit in another guise, no doubt makes Shuttleworth smile. Anyway, part of the way that Core delivers on high-level security needs is by leveraging the approach Ubuntu took with its mobile development offerings: applications are confined by Canonical's AppArmor kernel security system, which delivers MAC-based isolation and human-friendly security profiles. In snappy editions of Ubuntu, applications are isolated from one another completely. In practice this removes much of the need for security review of updates, so application updates should be able to deploy instantly.

Snappy also promises to make updates smoother. When a snappy application is updated, all of its data is backed up before the update. If the update fails for any reason it is rolled back, so users’ systems are never left in an incomplete state. Updates are guaranteed to succeed every time, and users can roll back to previous versions just as efficiently.

Ubuntu Core can also be run on different platforms – at launch it can be trialled on Microsoft Azure, and KVM images can be downloaded for local Linux desktop development. That’s something of a coup for Microsoft: from being anti-open source in its past, it is now the first public cloud vendor to deliver this new approach to Ubuntu.

Docker itself is wading in on the launch. CEO Ben Golub went on record saying that:

…snappy Ubuntu promises to bring the same [Docker-like] transactional updates to the operating system itself. We're delighted to see the Docker ecosystem expand with this exciting new platform

Canonical is aiming to make it easy for vendors to extend Core with frameworks. Frameworks, which extend the base Core system, can be provided by any vendor in collaboration with Canonical; Docker is the first framework for Ubuntu Core. In theory, Ubuntu Core could sit nicely alongside Rocket, CoreOS’ new container approach that took a broadside at Docker. On that note, I asked Shuttleworth for his views on Rocket – as a long-term player within, and observer of, the open source world generally, he had this to say about the Rocket launch and CoreOS’ concerns about Docker:

I really don't think there's any need for concern at Docker's stewardship of Docker. However it seems to be human nature that a successful initiative demands a response, and so here we have Rocket. While I think the CoreOS folks mean well, I think they may have underestimated the friction and drag on developers that having to support multiple different systems represents. Does a developer who wants to publish Docker images of his database also have to publish Rocket images? I'm sure there are things that can be improved, but adding up the cost of everybody having to do everything twice makes me wince. Docker does a good enough job of leading Docker that I think Rocket is unwarranted, but if it wasn't Rocket it would be someone else and in the end it's easy for me at least to be confident that Rocket will work just as well on Ubuntu as Docker does, if that's what it takes to satisfy that audience.

So, how does Ubuntu Core work? The genesis of the product was in Ubuntu’s efforts to perfect system and application updates on mobile phones: the company created the snappy technology and application confinement system to ensure a carrier-grade update experience for Ubuntu mobile users and to deliver high levels of mobile security. Ubuntu Core brings that technology to the cloud and has the following attributes:

  • The OS and application files are kept completely separate, as a set of distinct read-only images.
  • Transactional, image-based delta updates for the system and applications.
  • These files are read-only, which means they cannot be tampered with and can be updated perfectly and predictably every time.
  • Signatures and fingerprints ensure users are running exactly what was published by the developer.
  • Delta management keeps the size of downloads to the bare minimum.

In terms of architecture, three layers make up a snappy machine: the system layer, provided by Canonical; a layer of frameworks that extend the base system, produced by vendors in collaboration with Canonical; and a set of snappy applications, provided directly by vendors. Updating any piece just means using the new version of a read-only image; reverting to a previous version is similarly easy.
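An added illustration, not Canonical's snappy code, of the update model described above: versioned read-only images, a fingerprint check before anything becomes active, an atomic switch of the active version, and rollback to the retained previous image. The ImageStore class, the fingerprint function and the use of SHA-256 as the fingerprint are assumptions made for the example.

```python
import hashlib
import os
import tempfile

def fingerprint(image: bytes) -> str:
    # SHA-256 hex digest stands in for the published fingerprint (assumed).
    return hashlib.sha256(image).hexdigest()

class ImageStore:
    # Versioned read-only images under <root>/<app>/<version>/image; a
    # 'current' symlink selects the active one and is switched atomically.
    def __init__(self, root: str) -> None:
        self.root, self.previous = root, {}
    def _path(self, app: str, *parts: str) -> str:
        return os.path.join(self.root, app, *parts)
    def current(self, app: str):
        link = self._path(app, "current")
        return os.path.basename(os.readlink(link)) if os.path.islink(link) else None
    def _activate(self, app: str, version: str) -> None:
        # New symlink built beside the old one, then renamed over it: one
        # atomic step, so the app is never left in a half-updated state.
        link, tmp = self._path(app, "current"), self._path(app, "current.tmp")
        if os.path.lexists(tmp):
            os.unlink(tmp)
        os.symlink(self._path(app, version), tmp)
        os.replace(tmp, link)
    def install(self, app: str, version: str, image: bytes, expected: str) -> str:
        # A tampered or corrupted image is rejected before activation,
        # so the running version is untouched on failure.
        if fingerprint(image) != expected:
            raise ValueError("fingerprint mismatch: %s %s" % (app, version))
        os.makedirs(self._path(app, version), exist_ok=True)
        path = self._path(app, version, "image")
        with open(path, "wb") as fh:
            fh.write(image)
        os.chmod(path, 0o444)  # read-only once written
        previous = self.current(app)
        self._activate(app, version)
        if previous:
            self.previous[app] = previous  # retained for rollback
        return version
    def rollback(self, app: str):
        previous = self.previous.pop(app, None)
        if previous:
            self._activate(app, previous)
        return previous

def temp_store() -> ImageStore:
    return ImageStore(tempfile.mkdtemp())
```

The check that matters for the "signatures and fingerprints" attribute is that install() refuses an image whose digest does not match before the symlink moves; a rejected update leaves current() unchanged.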

Summary

This is interesting from a couple of perspectives. From a commercial viewpoint, this move launches an attack on both Red Hat, with its Project Atomic efforts, and CoreOS with its own stripped-down operating system. More importantly, however, it seems to offer some real solutions to one of the bigger issues that people have had with containers generally and Docker in particular. This could be an answer to those who hold up isolation limitations as a reason for containers not really getting traction. It will be interesting to see how much broad support Ubuntu Core gets, and the reaction from the newly threatened competitors.
