Docker vs Snaps: a side by side comparison
Tags: docker , Embedded Linux , IoT , Snaps
The Docker project was initiated by dotCloud, a platform-as-a-service (PaaS) company that created Docker to run their internal infrastructure. Slowly, Docker became more successful than any of their other products, so dotCloud rebranded as Docker Inc. Docker provides easy-to-use tooling and grew into an entire ecosystem for container management. Many developers have learned to use it as part of their toolkit for packaging and distributing applications to the cloud, or for development and testing stages more broadly.
Snaps were introduced by Canonical, the publisher of Ubuntu, as a way to package and distribute Linux applications. There was a growing need to ease the deployment of applications that run across different Linux flavours, versions and even types of compute. Snaps improved the overall system security and the software update lifecycle, including infrastructure for over-the-air updates and automatic rollbacks. The idea behind snaps is to decouple the Linux application from the operating system it runs on, while still providing secure access to host resources through dedicated interfaces and reusing as much as it’s practical from a minimal stable release of Ubuntu.
In sum, while Docker containers were mostly focused on covering the cloud use case and developer workflow, snaps aimed to reinvent the way Linux applications are packaged and distributed.
This resulted in Docker providing a quick and efficient way to containerise cloud services, while snaps became great for the distribution of Linux applications.
As far as Linux applications are concerned, both could be packaged in either a Docker image or a snap. They both run natively on Linux and require a compatibility layer to run on Windows or macOS.
The infographic below provides a quick side by side comparison of the two technologies, their purpose and essential features for IoT deployments. To learn more about this topic, you can also download our whitepaper on considerations for using Docker containers in IoT and learn how to migrate your docker project to snaps.
What’s the risk of unsolved vulnerabilities in Docker images?
Recent surveys found that many popular containers had known vulnerabilities. Container images provenance is critical for a secure software supply chain in production. Benefit from Canonical’s security expertise with the LTS Docker images portfolio, a curated set of application images, free of vulnerabilities, with a 24/7 commitment.