Your submission was sent successfully! Close

Jump to main content
  1. Blog
  2. Article

Vergil Yotov
on 15 June 2022


Save your seat for an intro webinar

If you are packaging your IoT applications as snaps or containers, you are aware of the benefits of bundling an application with its dependencies. Publishing snaps across different operating system versions and even distributions is much easier than maintaining package dependencies. Automated IoT software updates make managing fleets of devices more efficient. While you can avoid the dependency hell between software packages, how could you ensure that the diverse applications on an IoT device work well together?

Ubuntu Core 22 introduces the feature of validation sets that makes IoT device management easier. A validation set is a secure policy (assertion) that is signed by your brand and distributed by your dedicated Snap Store. With validation sets you can specify which snaps are required, permitted or forbidden to be installed together on a device. Optionally, specific snap revisions can be set too.

Applying a validation set

An IoT gateway device, for example, will often run various applications that come from different teams or vendors. This software can be released and updated at different intervals.  Moreover, how applications interface with each other can change in ways that are unpredictable. Even loosely coupled applications need to be tested to observe how well they perform together.

With validation sets, you can describe verified combinations of software. It is your decision if you want such a policy to be optional and monitored when needed or enforced by snapd. When enforcing a validation set, snapd will ensure that:

  • Snaps required by a validation set are both present and, if specified, at the correct revision. Attempting to remove a required snap will result in an error and the process will be rejected.
  • Snaps are only refreshed to newer revisions if they continue to satisfy the applied validation sets.
  • Invalid snaps are not allowed to be installed. Attempting to install them will result in an error.

By enforcing validation sets you can ensure that your devices maintain testing and certification integrity over time and across software changes.

Fine control for your IoT software updates

With effective use of validation sets, you can orchestrate how IoT software updates are performed to your fleet of devices. Even if applications are released and updated at different times, changes to installed software will be kept consistent according to the validation set policy. Application updates in Ubuntu Core are automatic and distributed through the Snap Store. By default, the snapd daemon checks for updates multiple times per day. Each update check is called a refresh. Validation sets provide an elegant alternative to refresh control or using the Snapd REST API to control the conditions under which software updates are performed on a device. Just like updating snaps, rolling out policy updates to your devices can happen automatically through your dedicated Snap Store. This makes managing large scale deployments easier and verifiable.

Learn more

Be sure to read the validation sets and validation-set assertion documentation for more information on how to use this feature with your dedicated Snap Store. This new feature is still under active development. Questions and feedback are always appreciated in the Snapcraft.io forum. If you want to learn more about using snaps, the Snapcraft docs are also a good place to start.

Stay tuned

Watch the Ubuntu Core 22 webinar on June 28th, 2022 at 4:00PM CET.

Curious how your existing project or exciting new idea can benefit from the new features of Ubuntu Core 22, get in touch with us.


Related posts


Holly Hall
9 June 2023

Release management for snaps made simpler

Ubuntu Article

Release management is the process of planning, scheduling, testing and deploying new versions of software. To make this process simpler for snap developers, we have released a new feature called progressive releases. Continue reading to understand what they are, why they are important and how you can use them in the Snap Store. What are ...


Canonical
6 July 2023

불변의 리눅스 데스크톱 기반으로서의 우분투 코어(Ubuntu Core)

Desktop Article

캐노니컬(Canonical)은 IoT를 위한 완전한 컨테이너 플랫폼을 만들기 위해 2014년에 우분투 코어 개발을 시작했습니다. 우분투 코어에서는 도커(Docker) 및 LXC가 구축된 것과 동일한 커널 컨테이너 기술을 사용하여 잘 정의된 업그레이드 및 롤백을 통해 시스템의 모든 구성 요소를 안전한 샌드박스에 넣습니다. 저희는 자율적으로 연결된 사물 인터넷 장치가 사람의 개입 없이 적용할 수 있는 업데이트를 수신하여 에지에서 보안 및 ...


Holly Hall
30 June 2023

Snapcraft.io reloaded: check out the new look and feel

Ubuntu Article

We’re happy to announce that snapcraft.io has a fresh, new look! Time for an update After keeping the same user interface and style for several years, we embarked on a project to redesign snapcraft.io and give it a more modern look. We spent a lot of time analysing how we could improve the store and ...