Yocto vs Ubuntu Core: updates

Traditional Linux software update strategies were non-atomic package-based releases. Whereas an apt-get update works fine for servers within a secure environment, with no power or network outages, intermittent power and network for devices in the field mean an update will likely be interrupted. Delivering reliable software updates to low-powered, inaccessible, and often remotely administered embedded devices requires a well-thought-out solution.

The target devices of an embedded Linux project will likely connect to the internet, and that network exposure increases their attack surface. Intruders may attempt to exploit bugs remotely, and the frequency of updates will increase due to security issues.

Traditionally, the components to be updated, i.e. the bootloader, the kernel, the root filesystem, and the applications, differed in the frequency and ease of updates, from being relatively simple but rarely updated to being complicated but most frequently updated.

Without a secure, robust and fail-safe software update mechanism, your device risks running legacy code and being susceptible to critical exploits. With traditional mechanisms, faulty updates can cause IoT devices to become unstable, and fixing them requires costly manual intervention through on-site engineer visits or device recalls.

Yocto has no built-in mechanism for over-the-air (OTA) updates, and upgrading software on Yocto-based devices can be tricky. Some third-party, open-source solutions that integrate with Yocto do exist. Among the most popular, Mender.io provides a dual image update scheme designed as an OTA update server and client system written in Go, Python and JavaScript. It supports a full system image update and integrates with Yocto-based images through the meta-mender layer. Available as free and open-source or via paid commercial and enterprise plans, Mender.io requires a fixed layout comprising two A/B partitions with rootfs/kernel, one slot for persistent data and one for U-Boot, and does not support raw NOR, NAND or UBI partitions.

Other popular open-source solutions for updating your embedded Linux project running Yocto are SWUpdate, RAUC and OSTree.
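
A minimal model of the dual image (A/B) scheme described above, as an added example that is not Mender's code or part of the original article. The class, slot names, `fail_after` parameter and health-check callback are assumptions made for illustration; the model shows why an interrupted or faulty update leaves the device on its last working image.

```python
import hashlib

class ABDevice:
    """Constructed model of a dual-image layout: two rootfs slots plus boot flags."""

    def __init__(self, image):
        self.slots = {"A": image, "B": b""}
        self.active = "A"      # committed slot the bootloader falls back to
        self.pending = None    # slot to try once on the next boot

    def inactive(self):
        return "B" if self.active == "A" else "A"

    def install(self, image, sha256, fail_after=None):
        """Write the image to the inactive slot; the running slot is never touched."""
        target = self.inactive()
        # fail_after simulates power or network loss part-way through the write
        written = image if fail_after is None else image[:fail_after]
        self.slots[target] = written
        # Integrity check only; a real client would also verify a signature
        if hashlib.sha256(written).hexdigest() != sha256:
            return False       # boot flag unchanged, old image keeps booting
        self.pending = target  # one small flag write makes the update visible
        return True

    def reboot(self, healthy):
        """Try the pending slot once; commit it only if the health check passes."""
        if self.pending is not None:
            candidate, self.pending = self.pending, None
            if healthy(self.slots[candidate]):
                self.active = candidate  # commit
            # otherwise the bootloader returns to the committed slot (rollback)
        return self.active

    def running_image(self):
        return self.slots[self.active]


def demo():
    old, new = b"rootfs v1", b"rootfs v2"   # constructed sample images
    digest = hashlib.sha256(new).hexdigest()
    dev = ABDevice(old)
    interrupted = (dev.install(new, digest, fail_after=4), dev.reboot(lambda img: True))
    faulty = (dev.install(new, digest), dev.reboot(lambda img: False))
    good = (dev.install(new, digest), dev.reboot(lambda img: img == new))
    return interrupted, faulty, good, dev.running_image()

if __name__ == "__main__":
    print(demo())
```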

In contrast with Yocto, Ubuntu Core provides out-of-the-box support for OTA delta updates. Following changes to the codebase, snaps will automatically calculate the binary delta to minimize the traffic and time required to distribute the update to your embedded Linux project.

Snaps have automatic recovery mechanisms such that Ubuntu Core will stop and revert to the previous working version of the application were an error to occur at any point during the update. This means that Ubuntu Core will not install the automated and transactional updates unless they are 100% successful. Also, each update preserves the previous version of code and data, so developers can safely move applications forwards and backwards in their version history.

Furthermore, the update that ships inside snaps is compressed and remains compressed and read-only through the whole snap lifetime. As noted, Ubuntu Core handles the kernel and base OS as snaps, so all the update benefits relevant to applications also apply to the system foundation.
