Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ubuntu Gets Container-Friendly "Snappy" Core

Posted by Soulskill on from the snappy-songbird?-corey-cormorant? dept.

judgecorp writes: Canonical just announced Ubuntu Core, which uses containers instead of packages. It's the biggest Ubuntu shakeup for 20 years, says Canonical's Mark Shuttleworth, and is based on a tiny core, which will run Docker and other container technology better, quicker and with greater security than other Linux distros. Delivered as alpha code today, it's going to become a supported product, designed to compete with both CoreOS and Red Hat Atomic, the two leading container-friendly Linux approaches. Shuttleworth says it came about because Canonical found it had solved the "cloud" problems (delivering and updating apps and keeping security) by accident — in its work on a mobile version of Ubuntu.

5 of 149 comments (clear)

  1. Re:20 years? by vux984 · · Score: 4, Informative

    Well TFA says:

    "This is in a sense the biggest break with tradition in 10 years of Ubuntu..."

    Editor fail.

  2. This actually sounds pretty cool. by Fwipp · · Score: 4, Informative

    No dependency management or fooling around packages that require conflicting library versions, possibly near-instant "installation" (depending on if they're distributing Dockerfile-equivalents* or containers directly). Sounds good to me - I'll have to take a look sometime.

    *Yes, I know that Docker is not the only way to do containers, but it's easy to imagine they could be using a similar "build" step.

    1. Re:This actually sounds pretty cool. by Fwipp · · Score: 4, Informative

      Update: Playing with it, It looks like there isn't a build step. Following the steps here: http://www.ubuntu.com/cloud/to... - it seems that docker is installed under /apps/docker (~20 files total) - they're basically just distributing tarballs which contain all necessary dependencies.

      From there, it puts a quick wrapper script at ~/snappy-bin/docker, containing:

      #!/bin/sh
      ##TARGET=/apps/docker/1.3.2.007/bin/docker
      #TMPDIR=/run/apps/docker
      cd /apps/docker/1.3.2.007
      aa-exec -p docker_docker_1.3.2.007 -- /apps/docker/1.3.2.007/bin/docker $@

      To build your own "snappy package" looks as simple as "cd mydir; snappy build ."

    2. Re:This actually sounds pretty cool. by geantvert · · Score: 3, Informative

      The article indicates that containers can be upgraded by sending only the modified files so upgrading a lib should not cost too much.
      If their system is not too stupid then it will manage the container at the file level and will try to share identical files between packages.

      That should not be too difficult using checksums and hard links. If they don't do that then the kernel won't be able to share files between applications and the whole system will use a lot more memory. Linux application are sharing libs but also some data files such as TTF fonts.

    3. Re:This actually sounds pretty cool. by DuckDodgers · · Score: 3, Informative

      I wrote this elsewhere, but to repeat: the advantage of Docker and similar containers isn't static linking. The advantage is that you get most of the important benefits of whole operating system virtualization with much lower overhead in terms of disk space and resource use. Instead of building one 5GB CentOS or Ubuntu VM that runs a copy of your web server software and pushing that all over your network and having every running instance hold 100MB of RAM just for a virtual kernel in addition to the web server itself, you build a 500MB Apache/Nginx/Whatever Docker container with the same web server and push it everywhere, and its memory and CPU overhead on top of the web server is tiny. And since, yes, it uses statically linked libraries, it doesn't matter if the host OS has a different version of libevent as long as it has a compatible version of Docker or lmctfy or whatever container technology you use.

      Now obviously if you wanted to make the virtualized environment available to a remote user as a remote desktop, or for remote login directly into the virtual environment with ssh for configuration changes, you want a full virtualized operating system. In that case you need VirtualBox, KVM, Xen, VMware, Hyper-V, etc... but for deploying identical instances of a configured application to a handful or even hundreds of machines with the smallest feasible overhead and a nice security layer to prevent most breaches of the hosted application from leaking into the host operating system, a container is great. If you look up how Docker and lmctfy work, they are mostly an API wrapper around the Linux kernel cgroup and selinux features for configurable restriction of a process's ability to utilize CPU, RAM, and IO.