Release components: debs, snaps, images, containers
An Ubuntu release is done through several different channels. What you consume will depend on where you are and what your interests are.
The heart of Ubuntu is a collection of ‘deb’ packages that are tested and integrated to work well as a whole. Debs is optimized for highly structured dependency management, allowing you to combine debs very richly while ensuring that the software dependencies needed for each deb (delivered as debs) are installed on your machine.
Ubuntu also supports ‘snap’ packages that are best suited for third-party applications and tools that evolve at their own speed, regardless of Ubuntu. If you want to install a high-profile app like Skype or a toolchain like the latest version of Golang, you probably want the plugin because it will give you fresher versions and more control of the specific major versions you want to track.
Snaps each choose a ‘base’, for example, Ubuntu18 (corresponding to the minimum debs set in Ubuntu 18.04 LTS). However, the choice of base does not affect your ability to use a plugin on any of the supported Linux distributions or versions: it is an editor’s choice and should be invisible to you as a user or developer.
A snap can be strictly confined, meaning it operates in a secure box with only predefined access points to the rest of the system. For third-party apps, this means you’ll have a very high level of confidence that the app can only see the appropriate data you’ve provided to it. Snaps can also be ‘classic, meaning they behave more like debs and can see everything in your system. You need to make sure you have a high level of trust in the publisher of any classic plugin you install, as a compromise or bad faith behavior in that code isn’t limited to the app itself.
It is also common to consume Ubuntu as an image in a public cloud, or as a container. Ubuntu is published by Canonical in all major public clouds, and the latest image for each LTS release will always include security updates accumulated up to two weeks ago at most. You can benefit from installing newer updates than that, but the base image you start in the cloud should always be Canonical’s current one to ensure it’s widely up-to-date and that the number of updates needed for full security is minimal.
Canonical also publishes a set of images and containers that you can download for use with VMware or other on-premises hypervisors and private cloud technologies. These include standard Ubuntu images on the Docker Hub and standard images for use with LXD and MAAS. These images are also kept up to date, with the publication of updated security images rolled up on a regular cadence, and you should automate the use of the latest images to ensure consistent security coverage for your users.
Editions, Classic
, and Core
Each version of Ubuntu is available in minimal configurations that have as few packages installed as possible: available in the installer for Server, Desktop, and as separate cloud images. There are also multiple flavors of desktop Ubuntu corresponding to a number of desktop GUI preferences. All of these images are considered ‘Classic’ Ubuntu because they use debs as a base and can add snaps for specific packages or applications.
The Ubuntu Core image is an instant edition of Ubuntu. It is unusual in that the base operating system itself is delivered as an add-on; That makes it suitable for embedded devices where all possible applications that might need to be installed are available as strictly confined snapshots. Ubuntu Core is an integration-oriented device or edition of Ubuntu, not particularly comfortable for humans, but highly reliable and secure for large-scale device deployments such as IoT and CPE in the telecommunications world.
