Empowering Linux Developers for the New Wave of Innovation

New businesses with software at their core are being created every day. Developers are the lifeblood of so much of what is being built and of technological innovation, and they are ever more vital to operations across the entire business. So why wouldn't we empower them?

Machine learning and IoT in particular offer huge opportunities for developers, especially those facing the crowded markets of other platforms, to engage with a sizeable untapped audience.

That Linux is open source makes it an amazing breeding ground for innovation. Developers aren’t constrained by closed ecosystems, meaning that Linux has long been the operating system of choice for developers. So by engaging with Linux, businesses can attract the best available developer skills. 

The Linux ecosystem has always strived for a high degree of quality. Historically it was the Linux community taking sole responsibility for packaging software, gating each application update with careful review to ensure it worked as advertised on each distribution of Linux. This proved difficult for all sides.

Broad access to the code was needed, and open-source software could be offered through the app store. User support requests and bugs were channelled through the Linux distributions, and there was such a volume of reporting, it became difficult to feed information back to the appropriate software authors.

As the number of applications and Linux distributions grew, it became increasingly clear this model would not scale much further. Software authors took matters into their own hands, often picking a single Linux distribution to support and skipping the app store entirely. Because of this, they lost app discoverability and gained the complexity of running duplicative infrastructure.

This placed increased responsibility on developers at a time when the expectations of their role was already expanding. They are no longer just makers, they now bear the risk of breaking robotic arms with their code or bringing down MRI machines with a patch.

As an industry we acknowledge this problem—you can potentially have a bad update and software isn’t an exact science—but we then ask these developers to roll the dice. Do you risk compromise or self-inflicted harm?

Meanwhile the surface area increases. The industry continues a steady march of automation, creating ever more software components to plug together and layer solutions on. Not only do developers face the update question for their own code, they also must trust all developers facing that same decision in all the code beneath their own.

Developers can trade the evolution and growth of their software for a sense of safety by treating their code as immutable. It ships and is never updated, only completely replaced. This is the approach taken by many device makers who calculate the risk of end users clogging up their support lines to be hand-held through device recovery as far greater than the late night phone call facing down a security breach.

The past year has demonstrated for many that while software updates have not become substantially easier for end users to manage, the frequency and impact of security vulnerabilities make the process unavoidably necessary. It is no longer tenable to consider any internet-connected software a finished product. Software maintenance must stretch to the life of the hardware product.

In a model without forced updates, this likely means maintaining patch sets and devoting substantial support costs to the long tail of supported releases.

How then can developers under these pressures deliver on the promises of their software with predictable costs? The answer may lie in snaps.

Snapcraft is a platform for publishing applications to an audience of millions of Linux users. It enables authors to push software updates that install automatically and roll back in the event of failure. The likelihood of an errant update bricking a device or degrading end user experience is greatly reduced. If a security vulnerability is discovered in the libraries used by an application, the app publisher is notified so the app can be rebuilt quickly with the supplied fix and pushed out.

Because the application packages, snaps, bundle their runtime dependencies, they work without modification on all major Linux distributions. They are tamper-proof and confined. A snap cannot modify or be modified by any other app, and any access to the system beyond its confinement is explicitly granted. This precision brings simpler documentation for installing and managing applications. Taken with automatic updates eliminating the long tail of releases, more predictable and lower support costs are typical. There is minimal variance between what the QA department tests and how the application behaves on the multitude of end user system configurations. 

Snapcraft provides powerful tools to organize your releases into different quality grades (channels). One set of tools can be used to push app updates from automatic CI builds, to QA, beta testers and finally to all users. It visualizes your updates as they flow through these channels and helps you track user base growth and retention.

At a time when AI and IoT are spurring a new wave of innovation, simple yet powerful tools give the most vital innovators in a business—developers—confidence to launch some of the world’s most utilized software.

Evan Dandrea is Engineering Manager at Canonical.

Load Disqus comments