Power loss while performing an update
Mark Shuttleworth
mark at ubuntu.com
Thu Mar 10 20:23:08 UTC 2016
On 09/03/16 22:16, Wolfgang Tolkien wrote:
> and it sounds like this feature is already there for the core. But how
> about frameworks and apps? I assume the system simply wouldn't switch
> over to the newer version if the upgrade process is not completed, is
> that correct? Is there any point in time where a power loss would
> still be fatal?
Broadly speaking, yes, that's correct.
In 16.04, *everything* is a snap. The core OS is a snap. The kernel is a
snap. And all apps / frameworks are snaps. More importantly, snaps are
read-only compressed images, effectively, which means we can always
verify integrity for the snap and check signatures etc.
That said, those snaps are written onto a filesystem, and the snaps
themselves are writing data (such as their databases or working files)
onto the same filesystem. Filesystems can become corrupted if they are
mid-write or unsync'd and there is a power loss.
If you wanted to really belt-and-braces this you would provide
transition power (capacitor or battery) to ensure a clean shutdown, and
under those circumstances the snappy piece would give you very, very
high reliability.
Mark
More information about the snappy-devel
mailing list