SlideShare a Scribd company logo

Ubuntu Snap 技术介绍

Rex Tsai
Rex Tsai

This document introduces Ubuntu Snap technology. It discusses that Snap is a new software package format that provides transactional updates, self-containment, and application confinement through security mechanisms. Snap packages can contain services, command line tools, or graphical applications and provide writable spaces for data and common areas between versions. The document also overviewed Snapcraft for developing Snaps and Ubuntu Core which uses all Snaps for an minimal and secure IoT focused Ubuntu distribution.

Software
1 of 56
Download to read offline
Ubuntu Snap 技术介绍 Rex Tsai Technical Architect rex.tsai@canoincal.com 29 August 2017
Ubuntu 简介
Canonical We are the company behind Ubuntu
Ubuntu is the #1 Choice for Innovators 3 million + developers
cloud to edge
Ubuntu is powering smart IoT Smart drone controllers Advanced robotics Home gateways Industrial gateways Digital Signage
Source: Eclipse Foundation + StackOverflow survey Mint Fedor a Debi an Oth er Ubunt u Ubuntu is the #1 Choice for Innovators & developers 2% 2% 3% 6% 17%
Ubuntu Snap 软件包 全新的软件包格式
特色软件 https://uappexplorer.com/snaps https://insights.ubuntu.com/tag/snaps
六、七月特色软件
特色软件 - 微信客户端 Electronic WeChat is a unofficial WeChat client. A better WeChat on Linux. Built with Electron. By DawnDIY https://uappexplorer.com/snap/ubuntu/electronic-wechat
特色软件 - 豆瓣FM An unofficial client of Douban FM. You can select the channels you like to play songs and share it to Sina Weibo. By DawnDIY https://uappexplorer.com/snap/ubuntu/douban-fm
Snap 技术架构
snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI ● A squashFS filesystem containing your app runtime and a snap.yaml file with specific metadata. It has a read-only file-system and, once installed, a writable area ● Self-contained. It bundles most of the libraries and runtimes it needs and can be updated and reverted without affecting the rest of the system ● Confined from the OS and other apps through security mechanisms, but can exchange content and functions with other snaps according to fine-grained policies controlled by the user and the OS defaults What is a Snap?
snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI ● As squashFS filesystem based architecture, the snap is capable of providing: ■ Transactional updates ■ Integrity of the content ■ Compression (⅓ of unpacked size) ■ Read Only Snap Package Architecture
● A snap package ships: ■ One or more services ■ CLI apps ■ GUI apps ■ They are not limited to one process. snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI Snap Package Architecture
● It has its own writable space (services and users) & (versioned and unversioned) Versioned root writable area $SNAP_DATA Versioned User writable area $SNAP_USER_DATA Common root writable area $SNAP_COMMON Common User writable area $SNAP_USER_COMMON snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI Snap Package Architecture
● Process Isolation (/tmp per process and app process) Common root writable area $SNAP_COMMON Common User writable area $SNAP_USER_COMMON snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI /tmp /tmp Versioned root writable area $SNAP_DATA Versioned User writable area $SNAP_USER_DATA Snap Package Architecture
● MAC to other resources (Paths (/home), Devices /dev, etc) mediated with interfaces Common root writable area $SNAP_COMMON Common User writable area $SNAP_USER_COMMON snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI /tmp /tmp Versioned root writable area $SNAP_DATA Versioned User writable area $SNAP_USER_DATA Snap Package Architecture
Common root writable area $SNAP_COMMON Common User writable area $SNAP_USER_COMMON Versioned root writable area $SNAP_DATA Versioned User writable area $SNAP_USER_DATA Snap Package Architecture: Snappy FHS ● SNAP​: installation directory (read-only) ● SNAP_DATA​: per-revision application data directory (writable​) ● SNAP_COMMON​: application data directory common to all revisions (writable​) ● SNAP_USER_DATA​: per-revision, per-user application data directory (writable​) ● SNAP_USER_COMMON​: per-user application data directory common to all revisions (writable​) ● SNAP_ARCH​: architecture of the system (eg, amd64, arm64, armhf, i386, etc) ● SNAP_LIBRARY_PATH​: library paths added to LD_LIBRARY_PATH ● SNAP_NAME​: package name ● SNAP_REVISION​: store revision for this snap ● SNAP_VERSION​: package version ● TMPDIR​: temporary directory (writable​) ● XDG_RUNTIME_DIR​: set to /run/user//snap.$SNAP_NAME (writable​) $SNAP
The snapd system ● snapd, a management environment that handles installing and updating snaps using the transactional system, as well as garbage collection of old versions of snaps ● snapd-confine, an execution environment for the applications and services delivered in snap packages ● Interface, snaps interact with each other using interface
跨越操作系统的封装格式 https://snapcraft.io/docs/core/install
动手尝试 https://tutorials.ubuntu.com/tutorial/basic-snap-usage 操作方式
Ubuntu Core
A minimal, secure, transactional Ubuntu designed for IoT
What is Ubuntu Core? A minimal version with the same bits as today’s Ubuntu Ubuntu Core with transactional updates Applications confined by technologies lead by Canonical Safe, reliable, worry free updates with tests and rollback Amazing developer experience with snapcraft Easily extensible Easily create app stores for all your devices
All Snap Architecture In a snappy system, all software beyond the bootloader is distributed as a snap in this same format. ● The OS snap contains the core operating system. ● The kernel snap contains the kernel and hardware-specific drivers. ● The gadget snap is device specific and is used to configure a particular model of device. Ubuntu Core Kernel 4.4 Confined applications packages as a snap with dependencies Minimal OS packaged as snap Clearly defined Kernel and device packaged as snap
OS IMAGE SIZE Ubuntu Core 350 MB 829 MB Ubuntu Server Minimal footprint
Legacy Ubuntu Core Kernel Kernel Confined applications packages as a snap with dependencies Minimal OS packaged as snap Clearly defined Kernel and device packaged as snap OS packageApplication B Shared library Device driverApplicatio n A Legend: Modular and simple architecture
Transactional updates: Apps, OS and kernel Original data Writable area Original snap Upgrade Modified data during upgrade Writable area Updated snap Original data Writable area Original data is kept on device Original snap Original data Writable area Original snap Rollback on failure
Automatically confines applications kernel os appapp writable areawritable area Snaps are confined and isolated app writable area app writable area
Security and apps confinement
Apps confinement: Trust model The trust model of snappy Ubuntu Core is different from traditional Ubuntu Software is either: ● Part of the base system OS ● Pre-installed via OEM/gadget snaps (apps and frameworks installed during provisioning) ● Snaps installed from a store
Apps confinement: Trust model By default the application snaps are untrusted by the OS and: ● cannot access other applications' data ● cannot access non-app-specific user data ● cannot access privileged portions of the OS VSTrusted by the OS Untrusted by the OS
Several technologies are used by snappy Ubuntu Core to: ● Implement the security sandboxing ● Implement the application isolation These technologies are mainly: ● AppArmor: A Mandatory Access Control system to confine programs and processes to a limited set of resources. (Application Isolation) ● Seccomp: A secure computing mode that provides an application sandboxing mechanism (wiki) ● Device cgroups: are a kernel mechanism for grouping, tracking, and limiting the resource usage of tasks Apps confinement: Technologies example https://wiki.ubuntu.com/SecurityTeam/Specifications/SnappyConfinement
Snap locations after installation data from app with root can be written to var/lib/apps/<app-name>/<version>/ However, if an app does not have root privs, the best place for dumping data is
Snapcraft
Developers from multiple Linux distributions and companies collaborate on the “snap” universal Linux package format, enabling a single binary package to work perfectly and securely on any Linux desktop, server, cloud or device. snapcraft.io
Snapcraft lets developers assemble their snap from existing projects, leveraging different technologies. ... Project A (Part A) Project B (Part B) Project C (Part C) snapcraft.io
For developers: ● snap your app once and it will run on any snappy device ● can leverage existing part library ('stand on the shoulder of giants') ● complete control of their entire software stack Snapcraft benefits
Snapcraft 组合机制 Snapcraft lets developers assemble their snap from existing projects.
● A central aspect of a snapcraft recipe is a "part". A part is a piece of software or data that the snap package requires to work or to build other parts. ● Each part is managed by a snapcraft plugin that encapsulates the logic of the underlying technology parts: cam: plugin: go source: git://github.com/mikix/golang-static-http stage-packages: - fswebcam glue: plugin: copy files: webcam-webui: bin/webcam-webui snapcraft.io
Snapcraft plugins $ snapcraft list-plugins ant cmake gradle kbuild maven plainbox-provider qmake autotools copy gulp kernel nil python2 scons catkin go jdk make nodejs python3 tar-content Write your own plugins: - https://developer.ubuntu.com/en/snappy/build-apps/plugins/ Custom plugin examples: - https://github.com/ubuntu/snappy-playpen
Live tour of snapcraft build commands (clean, stage, prime…) Snapcraft upload/update/release commands Snap usage
创建软件包
创见你的第一个 snap... ● 手把手教学 ○ https://tutorials.ubuntu.com/tutorial/create-your-first-snap ○ https://tutorials.ubuntu.com/tutorial/snap-a-python-application ● 动手做一个服务器 ○ https://tutorials.ubuntu.com/tutorial/build-a-nodejs-service ● 看看别人的代码… ○ https://github.com/search?utf8=%E2%9C%93&q=filename %3Asnapcraft.yaml&type=Code
Confidential Canonical™ build.snapcraft.io 持续交付 快速迭代
build.snapcraft.io Create an update Auto build and publish Auto update and rollback
build.snapcraft.io
How to build your app for all architectures? ● Develop your application for one architecture and test it successfully, let’s say amd64 ● Create a project on launchpad and make use of the services there ○ https://kyrofa.com/posts/building-your-snap-on-device-there-s-a-better-way ○ Click on the “Create snap package” button
近期活动
https://www.shenzhenware.com/events/1047030532
http://www.huodongxing.com/event/239810979480
Ubuntu官方微博 Ubuntu官方微信 参加黑客松微信群
其他英文资源 ● Ask a question on Ask Ubuntu ○ If you’re stuck on a problem, someone else has probably encountered it too and they can help you. Take a look at the "ubuntu-core" tag on Ask Ubuntu or ask a question. ● Join our real time chat (#snappy on freenode.net) ○ Share your projects and ask other developers for support. This high-bandwidth IRC channel is a good place when you are looking for a quick answer to a single question. ● For app developers ○ Reach out to other snap developers by using the"snapcraft" tag on Ask Ubuntu, join the snapcraft mailing list and make sure to join the Ubuntu App Developers Google+ community. ● Snapcraft.io forums ○ This is the place where snap users, contributors and developers get together. We are a multi-distribution team of enthusiasts and professionals that want to improve the way software is distributed and used in Linux systems. https://forum.snapcraft.io/
Thank you Rex Tsai http://weibo.com/chihchun/ rex.tsai@canonical.com

Recommended

Airbyte - Seed deck
Airbyte - Seed deckAirbyte - Seed deck
Airbyte - Seed deckAirbyte
 
Airbyte - Series-A deck
Airbyte - Series-A deckAirbyte - Series-A deck
Airbyte - Series-A deckAirbyte
 
Strapi Meetup Presentation
Strapi Meetup PresentationStrapi Meetup Presentation
Strapi Meetup PresentationStrapi
 
Headless Architecture
Headless ArchitectureHeadless Architecture
Headless ArchitectureAmandeep Singh
 
正しいものを正しく作る塾-設計コース
正しいものを正しく作る塾-設計コース正しいものを正しく作る塾-設計コース
正しいものを正しく作る塾-設計コース増田 亨
 
Mastering the VC Game presentation
Mastering the VC Game presentationMastering the VC Game presentation
Mastering the VC Game presentationJeffrey Bussgang
 
Lessons Learned Using arc42 in a Real DevOps Team
Lessons Learned Using arc42 in a Real DevOps TeamLessons Learned Using arc42 in a Real DevOps Team
Lessons Learned Using arc42 in a Real DevOps TeamJohannes Dienst
 
To agility, and beyond...
To agility, and beyond...To agility, and beyond...
To agility, and beyond...KentBeck
 

Recommended

Airbyte - Seed deck
Airbyte - Seed deckAirbyte - Seed deck
Airbyte - Seed deckAirbyte
 
Airbyte - Series-A deck
Airbyte - Series-A deckAirbyte - Series-A deck
Airbyte - Series-A deckAirbyte
 
Strapi Meetup Presentation
Strapi Meetup PresentationStrapi Meetup Presentation
Strapi Meetup PresentationStrapi
 
Headless Architecture
Headless ArchitectureHeadless Architecture
Headless ArchitectureAmandeep Singh
 
正しいものを正しく作る塾-設計コース
正しいものを正しく作る塾-設計コース正しいものを正しく作る塾-設計コース
正しいものを正しく作る塾-設計コース増田 亨
 
Mastering the VC Game presentation
Mastering the VC Game presentationMastering the VC Game presentation
Mastering the VC Game presentationJeffrey Bussgang
 
Lessons Learned Using arc42 in a Real DevOps Team
Lessons Learned Using arc42 in a Real DevOps TeamLessons Learned Using arc42 in a Real DevOps Team
Lessons Learned Using arc42 in a Real DevOps TeamJohannes Dienst
 
To agility, and beyond...
To agility, and beyond...To agility, and beyond...
To agility, and beyond...KentBeck
 
Airbyte - Series-B deck
Airbyte - Series-B deckAirbyte - Series-B deck
Airbyte - Series-B deckAirbyte
 
Final san diego venture group keynote 2016
Final san diego venture group keynote 2016Final san diego venture group keynote 2016
Final san diego venture group keynote 2016Mark Suster
 
Frédérique Game - WordCamp Paris 2023.pdf
Frédérique Game - WordCamp Paris 2023.pdfFrédérique Game - WordCamp Paris 2023.pdf
Frédérique Game - WordCamp Paris 2023.pdfFrédérique Game
 
Cloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutionsCloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutionsYevgeniy Brikman
 
Monday.com - NOAH19 Tel Aviv
Monday.com - NOAH19 Tel AvivMonday.com - NOAH19 Tel Aviv
Monday.com - NOAH19 Tel AvivNOAH Advisors
 
ドメイン駆動設計 複雑さに立ち向かう
ドメイン駆動設計 複雑さに立ち向かうドメイン駆動設計 複雑さに立ち向かう
ドメイン駆動設計 複雑さに立ち向かう増田 亨
 
A quick introduction to Strapi CMS
A quick introduction to Strapi CMSA quick introduction to Strapi CMS
A quick introduction to Strapi CMSAshokkumar T A
 
Cloudera's Original Pitch Deck from 2008
Cloudera's Original Pitch Deck from 2008Cloudera's Original Pitch Deck from 2008
Cloudera's Original Pitch Deck from 2008Accel
 
Y Combinator Startup Class #19 : How to talk to investors 2/2
Y Combinator Startup Class #19 : How to talk to investors 2/2Y Combinator Startup Class #19 : How to talk to investors 2/2
Y Combinator Startup Class #19 : How to talk to investors 2/2Fabien Grenet
 
Share point開発 勤怠管理
Share point開発 勤怠管理Share point開発 勤怠管理
Share point開発 勤怠管理Akihiro Ehara
 
Get Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMGet Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMRapid7
 
如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备Rex Tsai
 
Ubuntu phone engineering
Ubuntu phone engineeringUbuntu phone engineering
Ubuntu phone engineeringRex Tsai
 
Webapps development on ubuntu
Webapps development on ubuntuWebapps development on ubuntu
Webapps development on ubuntuXiaoguo Liu
 
Snap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distrosSnap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distrosAnthony Wong
 
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机Rex Tsai
 
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!Linaro
 
OpenStack Murano introduction
OpenStack Murano introductionOpenStack Murano introduction
OpenStack Murano introductionVictor Zhang
 
What's new in p2 (2009)?
What's new in p2 (2009)?What's new in p2 (2009)?
What's new in p2 (2009)?Pascal Rapicault
 
OpenStack Murano
OpenStack MuranoOpenStack Murano
OpenStack Muranoopenstackstl
 
Backtrack Manual Part4
Backtrack Manual Part4Backtrack Manual Part4
Backtrack Manual Part4Nutan Kumar Panda
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...OpenShift Origin
 

More Related Content

What's hot

Airbyte - Series-B deck
Airbyte - Series-B deckAirbyte - Series-B deck
Airbyte - Series-B deckAirbyte
 
Final san diego venture group keynote 2016
Final san diego venture group keynote 2016Final san diego venture group keynote 2016
Final san diego venture group keynote 2016Mark Suster
 
Frédérique Game - WordCamp Paris 2023.pdf
Frédérique Game - WordCamp Paris 2023.pdfFrédérique Game - WordCamp Paris 2023.pdf
Frédérique Game - WordCamp Paris 2023.pdfFrédérique Game
 
Cloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutionsCloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutionsYevgeniy Brikman
 
Monday.com - NOAH19 Tel Aviv
Monday.com - NOAH19 Tel AvivMonday.com - NOAH19 Tel Aviv
Monday.com - NOAH19 Tel AvivNOAH Advisors
 
ドメイン駆動設計 複雑さに立ち向かう
ドメイン駆動設計 複雑さに立ち向かうドメイン駆動設計 複雑さに立ち向かう
ドメイン駆動設計 複雑さに立ち向かう増田 亨
 
A quick introduction to Strapi CMS
A quick introduction to Strapi CMSA quick introduction to Strapi CMS
A quick introduction to Strapi CMSAshokkumar T A
 
Cloudera's Original Pitch Deck from 2008
Cloudera's Original Pitch Deck from 2008Cloudera's Original Pitch Deck from 2008
Cloudera's Original Pitch Deck from 2008Accel
 
Y Combinator Startup Class #19 : How to talk to investors 2/2
Y Combinator Startup Class #19 : How to talk to investors 2/2Y Combinator Startup Class #19 : How to talk to investors 2/2
Y Combinator Startup Class #19 : How to talk to investors 2/2Fabien Grenet
 
Share point開発 勤怠管理
Share point開発 勤怠管理Share point開発 勤怠管理
Share point開発 勤怠管理Akihiro Ehara
 
Get Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMGet Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMRapid7
 

What's hot (11)

Airbyte - Series-B deck
Airbyte - Series-B deckAirbyte - Series-B deck
Airbyte - Series-B deck
 
Final san diego venture group keynote 2016
Final san diego venture group keynote 2016Final san diego venture group keynote 2016
Final san diego venture group keynote 2016
 
Frédérique Game - WordCamp Paris 2023.pdf
Frédérique Game - WordCamp Paris 2023.pdfFrédérique Game - WordCamp Paris 2023.pdf
Frédérique Game - WordCamp Paris 2023.pdf
 
Cloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutionsCloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutions
 
Monday.com - NOAH19 Tel Aviv
Monday.com - NOAH19 Tel AvivMonday.com - NOAH19 Tel Aviv
Monday.com - NOAH19 Tel Aviv
 
ドメイン駆動設計 複雑さに立ち向かう
ドメイン駆動設計 複雑さに立ち向かうドメイン駆動設計 複雑さに立ち向かう
ドメイン駆動設計 複雑さに立ち向かう
 
A quick introduction to Strapi CMS
A quick introduction to Strapi CMSA quick introduction to Strapi CMS
A quick introduction to Strapi CMS
 
Cloudera's Original Pitch Deck from 2008
Cloudera's Original Pitch Deck from 2008Cloudera's Original Pitch Deck from 2008
Cloudera's Original Pitch Deck from 2008
 
Y Combinator Startup Class #19 : How to talk to investors 2/2
Y Combinator Startup Class #19 : How to talk to investors 2/2Y Combinator Startup Class #19 : How to talk to investors 2/2
Y Combinator Startup Class #19 : How to talk to investors 2/2
 
Share point開発 勤怠管理
Share point開発 勤怠管理Share point開発 勤怠管理
Share point開発 勤怠管理
 
Get Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMGet Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEM
 

Similar to Ubuntu Snap 技术介绍

如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备Rex Tsai
 
Ubuntu phone engineering
Ubuntu phone engineeringUbuntu phone engineering
Ubuntu phone engineeringRex Tsai
 
Webapps development on ubuntu
Webapps development on ubuntuWebapps development on ubuntu
Webapps development on ubuntuXiaoguo Liu
 
Snap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distrosSnap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distrosAnthony Wong
 
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机Rex Tsai
 
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!Linaro
 
OpenStack Murano introduction
OpenStack Murano introductionOpenStack Murano introduction
OpenStack Murano introductionVictor Zhang
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...OpenShift Origin
 
Build and deploy scientific Python Applications
Build and deploy scientific Python Applications Build and deploy scientific Python Applications
Build and deploy scientific Python Applications Ramakrishna Reddy
 
Extending Android's Platform Toolsuite
Extending Android's Platform ToolsuiteExtending Android's Platform Toolsuite
Extending Android's Platform ToolsuiteOpersys inc.
 
Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)Sergio Navarro Pino
 
Practical virtual network functions with Snabb (8th SDN Workshop)
Practical virtual network functions with Snabb (8th SDN Workshop)Practical virtual network functions with Snabb (8th SDN Workshop)
Practical virtual network functions with Snabb (8th SDN Workshop)Igalia
 

Similar to Ubuntu Snap 技术介绍 (20)

如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备
 
Ubuntu phone engineering
Ubuntu phone engineeringUbuntu phone engineering
Ubuntu phone engineering
 
Webapps development on ubuntu
Webapps development on ubuntuWebapps development on ubuntu
Webapps development on ubuntu
 
Snap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distrosSnap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distros
 
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机
开放原码手机操作系统 Ubuntu Phone 架构、移植与刷机
 
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
 
OpenStack Murano introduction
OpenStack Murano introductionOpenStack Murano introduction
OpenStack Murano introduction
 
What's new in p2 (2009)?
What's new in p2 (2009)?What's new in p2 (2009)?
What's new in p2 (2009)?
 
OpenStack Murano
OpenStack MuranoOpenStack Murano
OpenStack Murano
 
Backtrack Manual Part4
Backtrack Manual Part4Backtrack Manual Part4
Backtrack Manual Part4
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
 
Advanced deployment scenarios
Advanced deployment scenariosAdvanced deployment scenarios
Advanced deployment scenarios
 
Build and deploy scientific Python Applications
Build and deploy scientific Python Applications Build and deploy scientific Python Applications
Build and deploy scientific Python Applications
 
SnapDiff
SnapDiffSnapDiff
SnapDiff
 
Flatpak
FlatpakFlatpak
Flatpak
 
Extending Android's Platform Toolsuite
Extending Android's Platform ToolsuiteExtending Android's Platform Toolsuite
Extending Android's Platform Toolsuite
 
Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)
 
All in one
All in oneAll in one
All in one
 
Practical virtual network functions with Snabb (8th SDN Workshop)
Practical virtual network functions with Snabb (8th SDN Workshop)Practical virtual network functions with Snabb (8th SDN Workshop)
Practical virtual network functions with Snabb (8th SDN Workshop)
 
Android
Android Android
Android
 

More from Rex Tsai

登山步道開放資料格式標準化
登山步道開放資料格式標準化登山步道開放資料格式標準化
登山步道開放資料格式標準化Rex Tsai
 
Building a developer community with containers
Building a developer community with containersBuilding a developer community with containers
Building a developer community with containersRex Tsai
 
台灣開源社區淺談 (Open Source and Free Software community in Taiwan)
台灣開源社區淺談 (Open Source and Free Software community in Taiwan)台灣開源社區淺談 (Open Source and Free Software community in Taiwan)
台灣開源社區淺談 (Open Source and Free Software community in Taiwan)Rex Tsai
 
以 Leaflet 濫用^H^H呈現開放街圖資料
以 Leaflet 濫用^H^H呈現開放街圖資料以 Leaflet 濫用^H^H呈現開放街圖資料
以 Leaflet 濫用^H^H呈現開放街圖資料Rex Tsai
 
Everest basecamp & gokyo trekking
Everest basecamp & gokyo trekkingEverest basecamp & gokyo trekking
Everest basecamp & gokyo trekkingRex Tsai
 
Oepn Street Map Batch edting via API
Oepn Street Map Batch edting via APIOepn Street Map Batch edting via API
Oepn Street Map Batch edting via APIRex Tsai
 
Screencasting
ScreencastingScreencasting
ScreencastingRex Tsai
 
以開源軟體與 Open Street Map 規劃登山行程
以開源軟體與 Open Street Map 規劃登山行程 以開源軟體與 Open Street Map 規劃登山行程
以開源軟體與 Open Street Map 規劃登山行程Rex Tsai
 
Modern Linux Desktop Stack
Modern Linux Desktop StackModern Linux Desktop Stack
Modern Linux Desktop StackRex Tsai
 
Get your FLOSS problems solved
Get your FLOSS problems solvedGet your FLOSS problems solved
Get your FLOSS problems solvedRex Tsai
 
遺失的時代精神 - Zeitgeist and GNOME Activity Journal
遺失的時代精神 - Zeitgeist and GNOME Activity Journal遺失的時代精神 - Zeitgeist and GNOME Activity Journal
遺失的時代精神 - Zeitgeist and GNOME Activity JournalRex Tsai
 
Layer 8 - Open source communities and your product
Layer 8 - Open source communities and your productLayer 8 - Open source communities and your product
Layer 8 - Open source communities and your productRex Tsai
 
A Study of SVG-based Application Development @ OSDC 2010
A Study of SVG-based Application Development @ OSDC 2010A Study of SVG-based Application Development @ OSDC 2010
A Study of SVG-based Application Development @ OSDC 2010Rex Tsai
 
OpenWrt Case Study 2008
OpenWrt Case Study 2008OpenWrt Case Study 2008
OpenWrt Case Study 2008Rex Tsai
 
OpenWrt101 2007
OpenWrt101 2007OpenWrt101 2007
OpenWrt101 2007Rex Tsai
 
OpenLab.Taipei #2 PORTA2030 Extra
OpenLab.Taipei #2 PORTA2030 ExtraOpenLab.Taipei #2 PORTA2030 Extra
OpenLab.Taipei #2 PORTA2030 ExtraRex Tsai
 
OpenLab.Taipei #2 PORTA2030
OpenLab.Taipei #2 PORTA2030OpenLab.Taipei #2 PORTA2030
OpenLab.Taipei #2 PORTA2030Rex Tsai
 
OpenWRT, A value-add base solution for your product. (1st part, chihchun)
OpenWRT, A value-add base solution for your product. (1st part, chihchun)OpenWRT, A value-add base solution for your product. (1st part, chihchun)
OpenWRT, A value-add base solution for your product. (1st part, chihchun)Rex Tsai
 

More from Rex Tsai (18)

登山步道開放資料格式標準化
登山步道開放資料格式標準化登山步道開放資料格式標準化
登山步道開放資料格式標準化
 
Building a developer community with containers
Building a developer community with containersBuilding a developer community with containers
Building a developer community with containers
 
台灣開源社區淺談 (Open Source and Free Software community in Taiwan)
台灣開源社區淺談 (Open Source and Free Software community in Taiwan)台灣開源社區淺談 (Open Source and Free Software community in Taiwan)
台灣開源社區淺談 (Open Source and Free Software community in Taiwan)
 
以 Leaflet 濫用^H^H呈現開放街圖資料
以 Leaflet 濫用^H^H呈現開放街圖資料以 Leaflet 濫用^H^H呈現開放街圖資料
以 Leaflet 濫用^H^H呈現開放街圖資料
 
Everest basecamp & gokyo trekking
Everest basecamp & gokyo trekkingEverest basecamp & gokyo trekking
Everest basecamp & gokyo trekking
 
Oepn Street Map Batch edting via API
Oepn Street Map Batch edting via APIOepn Street Map Batch edting via API
Oepn Street Map Batch edting via API
 
Screencasting
ScreencastingScreencasting
Screencasting
 
以開源軟體與 Open Street Map 規劃登山行程
以開源軟體與 Open Street Map 規劃登山行程 以開源軟體與 Open Street Map 規劃登山行程
以開源軟體與 Open Street Map 規劃登山行程
 
Modern Linux Desktop Stack
Modern Linux Desktop StackModern Linux Desktop Stack
Modern Linux Desktop Stack
 
Get your FLOSS problems solved
Get your FLOSS problems solvedGet your FLOSS problems solved
Get your FLOSS problems solved
 
遺失的時代精神 - Zeitgeist and GNOME Activity Journal
遺失的時代精神 - Zeitgeist and GNOME Activity Journal遺失的時代精神 - Zeitgeist and GNOME Activity Journal
遺失的時代精神 - Zeitgeist and GNOME Activity Journal
 
Layer 8 - Open source communities and your product
Layer 8 - Open source communities and your productLayer 8 - Open source communities and your product
Layer 8 - Open source communities and your product
 
A Study of SVG-based Application Development @ OSDC 2010
A Study of SVG-based Application Development @ OSDC 2010A Study of SVG-based Application Development @ OSDC 2010
A Study of SVG-based Application Development @ OSDC 2010
 
OpenWrt Case Study 2008
OpenWrt Case Study 2008OpenWrt Case Study 2008
OpenWrt Case Study 2008
 
OpenWrt101 2007
OpenWrt101 2007OpenWrt101 2007
OpenWrt101 2007
 
OpenLab.Taipei #2 PORTA2030 Extra
OpenLab.Taipei #2 PORTA2030 ExtraOpenLab.Taipei #2 PORTA2030 Extra
OpenLab.Taipei #2 PORTA2030 Extra
 
OpenLab.Taipei #2 PORTA2030
OpenLab.Taipei #2 PORTA2030OpenLab.Taipei #2 PORTA2030
OpenLab.Taipei #2 PORTA2030
 
OpenWRT, A value-add base solution for your product. (1st part, chihchun)
OpenWRT, A value-add base solution for your product. (1st part, chihchun)OpenWRT, A value-add base solution for your product. (1st part, chihchun)
OpenWRT, A value-add base solution for your product. (1st part, chihchun)
 

Recently uploaded

Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identityteam-WIBU
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Developmentvyaparkranti
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Rob Geurden
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZABSYZ Inc
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Mater
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringHironori Washizaki
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdfInnovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdfYashikaSharma391629
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
How To Manage Restaurant Staff -BTRESTRO
How To Manage Restaurant Staff -BTRESTROHow To Manage Restaurant Staff -BTRESTRO
How To Manage Restaurant Staff -BTRESTROmotivationalword821
 

Recently uploaded (20)

Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Development
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdfInnovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
How To Manage Restaurant Staff -BTRESTRO
How To Manage Restaurant Staff -BTRESTROHow To Manage Restaurant Staff -BTRESTRO
How To Manage Restaurant Staff -BTRESTRO
 

Ubuntu Snap 技术介绍

  • 1. Ubuntu Snap 技术介绍 Rex Tsai Technical Architect rex.tsai@canoincal.com 29 August 2017
  • 3. Canonical We are the company behind Ubuntu
  • 4. Ubuntu is the #1 Choice for Innovators 3 million + developers
  • 6. Ubuntu is powering smart IoT Smart drone controllers Advanced robotics Home gateways Industrial gateways Digital Signage
  • 7. Source: Eclipse Foundation + StackOverflow survey Mint Fedor a Debi an Oth er Ubunt u Ubuntu is the #1 Choice for Innovators & developers 2% 2% 3% 6% 17%
  • 11. 特色软件 - 微信客户端 Electronic WeChat is a unofficial WeChat client. A better WeChat on Linux. Built with Electron. By DawnDIY https://uappexplorer.com/snap/ubuntu/electronic-wechat
  • 12. 特色软件 - 豆瓣FM An unofficial client of Douban FM. You can select the channels you like to play songs and share it to Sina Weibo. By DawnDIY https://uappexplorer.com/snap/ubuntu/douban-fm
  • 14. snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI ● A squashFS filesystem containing your app runtime and a snap.yaml file with specific metadata. It has a read-only file-system and, once installed, a writable area ● Self-contained. It bundles most of the libraries and runtimes it needs and can be updated and reverted without affecting the rest of the system ● Confined from the OS and other apps through security mechanisms, but can exchange content and functions with other snaps according to fine-grained policies controlled by the user and the OS defaults What is a Snap?
  • 15. snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI ● As squashFS filesystem based architecture, the snap is capable of providing: ■ Transactional updates ■ Integrity of the content ■ Compression (⅓ of unpacked size) ■ Read Only Snap Package Architecture
  • 16. ● A snap package ships: ■ One or more services ■ CLI apps ■ GUI apps ■ They are not limited to one process. snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI Snap Package Architecture
  • 17. ● It has its own writable space (services and users) & (versioned and unversioned) Versioned root writable area $SNAP_DATA Versioned User writable area $SNAP_USER_DATA Common root writable area $SNAP_COMMON Common User writable area $SNAP_USER_COMMON snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI Snap Package Architecture
  • 18. ● Process Isolation (/tmp per process and app process) Common root writable area $SNAP_COMMON Common User writable area $SNAP_USER_COMMON snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI /tmp /tmp Versioned root writable area $SNAP_DATA Versioned User writable area $SNAP_USER_DATA Snap Package Architecture
  • 19. ● MAC to other resources (Paths (/home), Devices /dev, etc) mediated with interfaces Common root writable area $SNAP_COMMON Common User writable area $SNAP_USER_COMMON snap code & assets (squashfs, RO bind-mounted in /snap/<snap_name>/<version>) $SNAP ServiceService CLI GUI /tmp /tmp Versioned root writable area $SNAP_DATA Versioned User writable area $SNAP_USER_DATA Snap Package Architecture
  • 20. Common root writable area $SNAP_COMMON Common User writable area $SNAP_USER_COMMON Versioned root writable area $SNAP_DATA Versioned User writable area $SNAP_USER_DATA Snap Package Architecture: Snappy FHS ● SNAP​: installation directory (read-only) ● SNAP_DATA​: per-revision application data directory (writable​) ● SNAP_COMMON​: application data directory common to all revisions (writable​) ● SNAP_USER_DATA​: per-revision, per-user application data directory (writable​) ● SNAP_USER_COMMON​: per-user application data directory common to all revisions (writable​) ● SNAP_ARCH​: architecture of the system (eg, amd64, arm64, armhf, i386, etc) ● SNAP_LIBRARY_PATH​: library paths added to LD_LIBRARY_PATH ● SNAP_NAME​: package name ● SNAP_REVISION​: store revision for this snap ● SNAP_VERSION​: package version ● TMPDIR​: temporary directory (writable​) ● XDG_RUNTIME_DIR​: set to /run/user//snap.$SNAP_NAME (writable​) $SNAP
  • 21. The snapd system ● snapd, a management environment that handles installing and updating snaps using the transactional system, as well as garbage collection of old versions of snaps ● snapd-confine, an execution environment for the applications and services delivered in snap packages ● Interface, snaps interact with each other using interface
  • 25. A minimal, secure, transactional Ubuntu designed for IoT
  • 26. What is Ubuntu Core? A minimal version with the same bits as today’s Ubuntu Ubuntu Core with transactional updates Applications confined by technologies lead by Canonical Safe, reliable, worry free updates with tests and rollback Amazing developer experience with snapcraft Easily extensible Easily create app stores for all your devices
  • 27. All Snap Architecture In a snappy system, all software beyond the bootloader is distributed as a snap in this same format. ● The OS snap contains the core operating system. ● The kernel snap contains the kernel and hardware-specific drivers. ● The gadget snap is device specific and is used to configure a particular model of device. Ubuntu Core Kernel 4.4 Confined applications packages as a snap with dependencies Minimal OS packaged as snap Clearly defined Kernel and device packaged as snap
  • 28. OS IMAGE SIZE Ubuntu Core 350 MB 829 MB Ubuntu Server Minimal footprint
  • 29. Legacy Ubuntu Core Kernel Kernel Confined applications packages as a snap with dependencies Minimal OS packaged as snap Clearly defined Kernel and device packaged as snap OS packageApplication B Shared library Device driverApplicatio n A Legend: Modular and simple architecture
  • 30. Transactional updates: Apps, OS and kernel Original data Writable area Original snap Upgrade Modified data during upgrade Writable area Updated snap Original data Writable area Original data is kept on device Original snap Original data Writable area Original snap Rollback on failure
  • 31. Automatically confines applications kernel os appapp writable areawritable area Snaps are confined and isolated app writable area app writable area
  • 32. Security and apps confinement
  • 33. Apps confinement: Trust model The trust model of snappy Ubuntu Core is different from traditional Ubuntu Software is either: ● Part of the base system OS ● Pre-installed via OEM/gadget snaps (apps and frameworks installed during provisioning) ● Snaps installed from a store
  • 34. Apps confinement: Trust model By default the application snaps are untrusted by the OS and: ● cannot access other applications' data ● cannot access non-app-specific user data ● cannot access privileged portions of the OS VSTrusted by the OS Untrusted by the OS
  • 35. Several technologies are used by snappy Ubuntu Core to: ● Implement the security sandboxing ● Implement the application isolation These technologies are mainly: ● AppArmor: A Mandatory Access Control system to confine programs and processes to a limited set of resources. (Application Isolation) ● Seccomp: A secure computing mode that provides an application sandboxing mechanism (wiki) ● Device cgroups: are a kernel mechanism for grouping, tracking, and limiting the resource usage of tasks Apps confinement: Technologies example https://wiki.ubuntu.com/SecurityTeam/Specifications/SnappyConfinement
  • 36. Snap locations after installation data from app with root can be written to var/lib/apps/<app-name>/<version>/ However, if an app does not have root privs, the best place for dumping data is
  • 38. Developers from multiple Linux distributions and companies collaborate on the “snap” universal Linux package format, enabling a single binary package to work perfectly and securely on any Linux desktop, server, cloud or device. snapcraft.io
  • 39. Snapcraft lets developers assemble their snap from existing projects, leveraging different technologies. ... Project A (Part A) Project B (Part B) Project C (Part C) snapcraft.io
  • 40. For developers: ● snap your app once and it will run on any snappy device ● can leverage existing part library ('stand on the shoulder of giants') ● complete control of their entire software stack Snapcraft benefits
  • 41. Snapcraft 组合机制 Snapcraft lets developers assemble their snap from existing projects.
  • 42. ● A central aspect of a snapcraft recipe is a "part". A part is a piece of software or data that the snap package requires to work or to build other parts. ● Each part is managed by a snapcraft plugin that encapsulates the logic of the underlying technology parts: cam: plugin: go source: git://github.com/mikix/golang-static-http stage-packages: - fswebcam glue: plugin: copy files: webcam-webui: bin/webcam-webui snapcraft.io
  • 43. Snapcraft plugins $ snapcraft list-plugins ant cmake gradle kbuild maven plainbox-provider qmake autotools copy gulp kernel nil python2 scons catkin go jdk make nodejs python3 tar-content Write your own plugins: - https://developer.ubuntu.com/en/snappy/build-apps/plugins/ Custom plugin examples: - https://github.com/ubuntu/snappy-playpen
  • 44. Live tour of snapcraft build commands (clean, stage, prime…) Snapcraft upload/update/release commands Snap usage
  • 46. 创见你的第一个 snap... ● 手把手教学 ○ https://tutorials.ubuntu.com/tutorial/create-your-first-snap ○ https://tutorials.ubuntu.com/tutorial/snap-a-python-application ● 动手做一个服务器 ○ https://tutorials.ubuntu.com/tutorial/build-a-nodejs-service ● 看看别人的代码… ○ https://github.com/search?utf8=%E2%9C%93&q=filename %3Asnapcraft.yaml&type=Code
  • 48. build.snapcraft.io Create an update Auto build and publish Auto update and rollback
  • 50. How to build your app for all architectures? ● Develop your application for one architecture and test it successfully, let’s say amd64 ● Create a project on launchpad and make use of the services there ○ https://kyrofa.com/posts/building-your-snap-on-device-there-s-a-better-way ○ Click on the “Create snap package” button
  • 55. 其他英文资源 ● Ask a question on Ask Ubuntu ○ If you’re stuck on a problem, someone else has probably encountered it too and they can help you. Take a look at the "ubuntu-core" tag on Ask Ubuntu or ask a question. ● Join our real time chat (#snappy on freenode.net) ○ Share your projects and ask other developers for support. This high-bandwidth IRC channel is a good place when you are looking for a quick answer to a single question. ● For app developers ○ Reach out to other snap developers by using the"snapcraft" tag on Ask Ubuntu, join the snapcraft mailing list and make sure to join the Ubuntu App Developers Google+ community. ● Snapcraft.io forums ○ This is the place where snap users, contributors and developers get together. We are a multi-distribution team of enthusiasts and professionals that want to improve the way software is distributed and used in Linux systems. https://forum.snapcraft.io/