
Ubuntu Core: a technical overview

Formal Metadata

Title
Ubuntu Core: a technical overview
Title of Series
Number of Parts
542
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Ubuntu Core is a different kind of Linux. It offers image-based updates and secure boot with disk encryption. This presentation is a technical explanation of how this is achieved. We will focus on what makes Ubuntu Core different from other distributions. Ubuntu Core is based on “snaps”, which are read-only squashfs images with signed metadata. Everything on the system is a snap, including applications and the kernel. Snaps run in a lightweight, container-like environment with AppArmor confinement; they are isolated from each other and can only communicate via well-defined security boundaries (“interfaces”). The main system is composed of a kernel snap, a bootloader snap, a base (rootfs) snap, and a snapd daemon snap. This granularity is useful for handling IoT hardware, since much of the hardware needs custom kernels or bootloaders. For this, a new initrd was developed and is presented in the talk. Some hurdles (like how to deal with /etc in a read-only image world) are also presented.