Edoardo Barbieri
on 27 September 2022
The traditional embedded Linux development model ties applications to the OS. Such a constraint means apps have to target a specific release, which lowers development velocity. Furthermore, broken upgrades in one part of the device may affect refreshes in the rest of the OS.
On the other hand, embedded developers are increasingly looking at open-source software to enable rapid app-centric software deployment and global collaboration.
Does Ubuntu offer a production-grade platform suited for the modern app-centric world of IoT devices? Let’s find out.
Software in the age of app stores
Software was scarce and expensive in the early 90s. Today, the nature of software keeps changing. It’s vastly more complex but also more common and it moves faster than ever. Whereas six months used to be a fast cadence for software releases, it’s grossly inadequate compared to today’s app-centric standards.
Developing robotics and intelligent devices entails apt-get or yum to get curated software from a distro. But this is only a minor part of what developers do today in IoT, as they often build the latest version from upstream or GitHub. As the pace and complexity of software have levelled up in the app store era, software moves too fast for distros and is happening at the speed of Git.
The advent of app stores further changed personal computing: we now consume software from many more parties and have strict expectations around trust. For instance, when downloading a game, we don’t want it to read our address book or access our microphone. Similarly, software development in the personal computing world is application-focused, as engineers need not worry about the underlying processors when developing a mobile app.
For too long, we didn’t have a Linux equivalent in the IoT world. Developing an industrial or embedded app the same way you create one for mobile required a leap of imagination.
As standard Ubuntu can curate only a portion of what those innovators need at the speed of a distribution, these questions informed our vision to accelerate app-centric software development by reducing the work required to package and publish software in the IoT world. The challenge we set out to solve is how to support this new wave of software via Ubuntu while preserving integration, trust and maintenance.
The snaps packaging system was born out of the vision of delivering software at the speed of GitHub, with the convenience of apt-get, while preserving a strong security posture. With snaps, developers can deliver software in a cloud-native way to IoT devices running Ubuntu.
Security in the app-centric age
In the traditional Linux, Windows, and Mac OS-type environments, we treat every piece of software the same. When we apt-get install something, any package can write to any file.
In line with the modern era of app stores, however, your machine should only trust a piece of software for the data you feed. With snaps, each piece of software sits in a box and can only see and write in places inside its confined environment, unless explicitly instructed otherwise.
Rather than limiting the benefits of containerisation at the app level, we brought snaps to the OS layer. Ubuntu Core is a snap-only flavour of Ubuntu, containerised and shipped using the new packaging format. The system segregates into software blobs using kernel primitives for isolation and confinement. Ubuntu Core containerises the Linux kernel and run-time environments, cleanly decoupling the base system and OS from the installed applications.
Apps running on top of Ubuntu Core go into boxes and become single files compressed with everything they depend on with the ability to write to strictly-assigned space. Container primitives lock down and isolate the different features, with applications running in a security sandbox by default, secured by kernel primitives like cgroups and AppArmor.
An app-centric operating system
As the intelligence of a device is ultimately a function of the software it runs, Ubuntu Core makes every device effectively app-enabled. The device’s primary function is an app, and developers can ship other apps next to that primary function. Ubuntu Core is an app-centric, instead of distribution or archive-centric, operating system.
According to that vision, Ubuntu Core decouples apps from the OS, acting as an underlying platform running on virtually every hardware on top of which developers may wish to ship apps. Snapping applications further decouples the hardware from the software, enabling software reusability and composability.
The app-centric nature of Ubuntu Core allows publishers to update applications independently of the OS. Software publishers can decide which updates are signed, certified and delivered to devices. Furthermore, every embedded device running Ubuntu Core has guaranteed platform security and an app store, underpinning the new wave of app-centric software development.
Deploy secure IoT devices at scale with your own app store
Enterprises can set up App Stores representing their specific brand or devices with complete control over their store content, review process and authorisation. Hosted on Canonical’s cloud infrastructure, the App Stores are private application stores tailored to software distribution across fleets of devices.
These custom enterprise stores enable developers to cherry-pick the optimal combination of applications for their devices, including software published in the global Snap Store and custom software developed internally for a specific use case. Device manufacturers can leverage over 6500+ snaps freely available in the global Snap Store to accelerate their time to market.
Further reading
Why is Linux the OS of choice for IoT devices? Find out with the official guide to Linux for embedded applications.
Working on a new IoT project, but unsure which OS to pick? Learn about the trade-offs between Yocto and Ubuntu Core.
Did you hear the news? Real-time Ubuntu 22.04 LTS Ubuntu is now available. Check out the latest webinar on real-time Linux to find out more.
Read our whitepaper on IoT lifecycle management for more insights.
Join the conversation on IoT Discourse to discuss everything related to IoT and tightly connected, embedded devices.