Ubuntu Core
Created: 2023/10/22
概要
Ubuntu Coreは次の特徴を備えた組み込み機器想定のOSです。
- イミュータブルなOS
- アプリケーションなどのサンドボックス
- snapを中心にしたアプリケーション管理
- 自律での自動ソフトウェアアップデート
好きなところ
- イミュータブルなところ
- snapをこねくり回せばWebからのアップデート等も実現できるかも(snapdにはREST APIがある)
嫌いなところ
- Ubuntu SSOアカウントが必要、管理には便利かもしれないが会社とかで使うとき面倒
- 有償サポートありきなのかもしれない
- ブランドアカウント等もあるのでうまくやれば良さそう
- アップデートは基本的にインターネットから引っ張ってくるのでオフラインでやるのが少し煩雑になりそう
イメージでのA/Bアップデートとかは想定されてなさそう・・・
インストール
Raspberry piへのインストールは公式にあるチュートリアルから行います。
気をつける点は次のとおりです。
- Ubuntu SSOアカウントが必要
- OSセットアップ時にアカウントを入力します
- Ubuntu SSOに登録するSSH公開鍵でRaspberry piに接続します
メモ
Snap一覧
$ snap list
Name Version Rev Tracking Publisher Notes
core22 20230801 867 latest/stable canonical** base
pi 22-2 132 22/stable canonical** gadget
pi-kernel 5.15.0-1041.44 696 22/stable canonical** kernel
snapd 2.58 17954 latest/stable canonical** snapd
model
デバイスの管理もUbuntu SSOに紐付けられるのかも?
$ snap model
brand Canonical**
model ubuntu-core-22-pi-arm64
grade signed
serial 3cd93c4d-943f-4ec4-a3b3-9b4692140386
apt
存在しない。
$ apt
-bash: apt: command not found
dockerのインストール
とりあえずインストールしてみる。一旦snap refreshが必要だった。
$ snap install docker
error: cannot install "docker": snap "docker" assumes unsupported features: snapd2.59.1 (try to refresh snapd)
$ snap refresh
2023-10-21T04:15:41Z INFO Waiting for automatic snapd restart...
snapd 2.60.4 from Canonical** refreshed
$ snap install docker
docker 20.10.24 from Canonical** installed
$ snap list
Name Version Rev Tracking Publisher Notes
core22 20230801 867 latest/stable canonical** base
docker 20.10.24 2907 latest/stable canonical** -
pi 22-2 132 22/stable canonical** gadget
pi-kernel 5.15.0-1041.44 696 22/stable canonical** kernel
snapd 2.60.4 20298 latest/stable canonical** snapd
$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
70f5ac315c5a: Pull complete
Digest: sha256:88ec0acaa3ec199d3b7eaf73588f4518c25f9d34f58ce9a0df68429c5af48e8d
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(arm64v8)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
snapのインストールにスーパーユーザー権限は必要無かったが、dockerの実行はsudoが必要だった。
$ sudo docker version
Client:
Version: 20.10.24
API version: 1.41
Go version: go1.20.7
Git commit: 297e128
Built: Wed Aug 23 21:07:16 2023
OS/Arch: linux/arm64
Context: default
Experimental: true
Server:
Engine:
Version: 20.10.24
API version: 1.41 (minimum version 1.12)
Go version: go1.20.7
Git commit: 5d6db84
Built: Wed Aug 23 21:09:40 2023
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: v1.6.20
GitCommit: 2806fc1057397dbaeefbea0e4e17bddfbd388f38
runc:
Version: 1.1.5
GitCommit:
docker-init:
Version: 0.19.0
GitCommit: de40ad0
connection
i2cとかもある、snapで拡張できそう。
$ snap connections --all
Interface Plug Slot Notes
content - docker:docker-executables -
content - docker:docker-registry-certificates -
content docker:graphics-core22 - -
docker docker:docker-cli docker:docker-daemon -
docker-support docker:privileged :docker-support -
docker-support docker:support :docker-support -
firewall-control docker:firewall-control :firewall-control -
gpio - pi:bcm-gpio-0 -
gpio - pi:bcm-gpio-1 -
gpio - pi:bcm-gpio-10 -
gpio - pi:bcm-gpio-11 -
gpio - pi:bcm-gpio-12 -
gpio - pi:bcm-gpio-13 -
gpio - pi:bcm-gpio-14 -
gpio - pi:bcm-gpio-15 -
gpio - pi:bcm-gpio-16 -
gpio - pi:bcm-gpio-17 -
gpio - pi:bcm-gpio-18 -
gpio - pi:bcm-gpio-19 -
gpio - pi:bcm-gpio-2 -
gpio - pi:bcm-gpio-20 -
gpio - pi:bcm-gpio-21 -
gpio - pi:bcm-gpio-22 -
gpio - pi:bcm-gpio-23 -
gpio - pi:bcm-gpio-24 -
gpio - pi:bcm-gpio-25 -
gpio - pi:bcm-gpio-26 -
gpio - pi:bcm-gpio-27 -
gpio - pi:bcm-gpio-3 -
gpio - pi:bcm-gpio-4 -
gpio - pi:bcm-gpio-5 -
gpio - pi:bcm-gpio-6 -
gpio - pi:bcm-gpio-7 -
gpio - pi:bcm-gpio-8 -
gpio - pi:bcm-gpio-9 -
home docker:home :home -
i2c - pi:i2c-0 -
i2c - pi:i2c-1 -
i2c - pi:i2c-2 -
i2c - pi:i2c-3 -
i2c - pi:i2c-4 -
i2c - pi:i2c-5 -
i2c - pi:i2c-6 -
log-observe docker:log-observe - -
network docker:network :network -
network-bind docker:network-bind :network-bind -
network-control docker:network-control :network-control -
opengl docker:opengl :opengl -
pwm - pi:pwm0 -
pwm - pi:pwm1 -
removable-media docker:removable-media - -
serial-port - pi:bt-serial -
serial-port - pi:serial0 -
serial-port - pi:serial1 -
serial-port - pi:serial2 -
serial-port - pi:serial3 -
serial-port - pi:serial4 -
serial-port - pi:serial5 -
serial-port - pi:serial6 -
serial-port - pi:serial7 -
serial-port - pi:serial8 -
serial-port - pi:serial9 -
spi - pi:spidev0 -
spi - pi:spidev1 -
spi - pi:spidev1-0 -
spi - pi:spidev1-1 -
spi - pi:spidev2-0 -
spi - pi:spidev2-1 -
spi - pi:spidev3-0 -
spi - pi:spidev3-1 -
spi - pi:spidev4-0 -
spi - pi:spidev4-1 -
spi - pi:spidev5-0 -
spi - pi:spidev5-1 -
spi - pi:spidev6-0 -
spi - pi:spidev6-1 -
ディレクトリ構造
$ df -h
Filesystem Size Used Avail Use% Mounted on
tmpfs 453M 0 453M 0% /dev/shm
tmpfs 182M 6.4M 175M 4% /run
tmpfs 5.0M 0 5.0M 0% /run/lock
/dev/mmcblk0p2 739M 2.5K 739M 1% /run/mnt/ubuntu-boot
/dev/mmcblk0p1 1.2G 340M 842M 29% /var/lib/snapd/seed
/dev/mmcblk0p4 57G 537M 53G 1% /writable
/dev/mmcblk0p3 26M 49K 23M 1% /var/lib/snapd/save
tmpfs 453M 0 453M 0% /media
tmpfs 453M 0 453M 0% /mnt
tmpfs 453M 0 453M 0% /tmp
tmpfs 453M 0 453M 0% /var/lib/sudo
tmpfs 91M 0 91M 0% /run/user/1000
サービス
$ snap services docker
Service Startup Current Notes
docker.dockerd enabled active -
docker.nvidia-container-toolkit enabled inactive -
$ snap info docker
name: docker
summary: Docker container runtime
publisher: Canonical**
store-url: https://snapcraft.io/docker
contact: https://github.com/docker-snap/docker-snap/issues?q=
license: (Apache-2.0 AND MIT AND GPL-2.0)
description: |
Build and run container images with Docker.
**Usage**
* This build can only access files in the home directory. So Dockerfiles and all other files used
in commands like `docker build`, `docker save` and `docker load` need to be in $HOME.
* You can change the configuration of this build by modifying the files in
`/var/snap/docker/current/`.
* Additional certificates used by the Docker daemon to authenticate with registries need to be
added in `/var/snap/docker/current/etc/docker/certs.d` (instead of `/etc/docker/certs.d`). This
directory can be accessed by other snaps using the `docker-registry-certificates` content
interface.
**Running Docker as normal user**
By default, Docker is only accessible with root privileges (`sudo`). If you want to use docker as
a regular user, you need to add your user to the `docker` group.
sudo addgroup --system docker
sudo adduser $USER docker
newgrp docker
sudo snap disable docker
sudo snap enable docker
**Warning:** if you add your user to the `docker` group, it will have similar power as the `root`
user. For details on how this impacts security in your system, see
https://docs.docker.com/engine/security/#docker-daemon-attack-surface
**Authors**
This snap is built by Canonical based on source code published by Docker, Inc. It is not endorsed
or published by Docker, Inc.
Docker and the Docker logo are trademarks or registered trademarks of Docker, Inc. in the United
States and/or other countries. Docker, Inc. and other parties may also have trademark rights in
other terms used herein.
commands:
- docker.compose
- docker
- docker.help
services:
docker.dockerd: simple, enabled, active
docker.nvidia-container-toolkit: oneshot, enabled, inactive
snap-id: sLCsFAO8PKM5Z0fAKNszUOX0YASjQfeZ
tracking: latest/stable
refresh-date: yesterday at 04:17 UTC
channels:
latest/stable: 20.10.24 2023-05-25 (2895) 109MB -
latest/candidate: 20.10.24 2023-09-29 (2907) 109MB -
latest/beta: 20.10.24 2023-10-02 (2913) 109MB -
latest/edge: 24.0.5 2023-10-07 (2918) 109MB -
core18/stable: 20.10.17 2023-03-13 (2750) 119MB -
core18/candidate: ^
core18/beta: ^
core18/edge: ^
installed: 20.10.24 (2907) 109MB -
その他
Snap(Snappy) コマンドの使い方 | Linux Magazine
- スナップショットもとれるらしい