Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Vergil Yotov
on 15 June 2022


Save your seat for an intro webinar

If you are packaging your IoT applications as snaps or containers, you are aware of the benefits of bundling an application with its dependencies. Publishing snaps across different operating system versions and even distributions is much easier than maintaining package dependencies. Automated IoT software updates make managing fleets of devices more efficient. While you can avoid the dependency hell between software packages, how could you ensure that the diverse applications on an IoT device work well together?

Ubuntu Core 22 introduces the feature of validation sets that makes IoT device management easier. A validation set is a secure policy (assertion) that is signed by your brand and distributed by your dedicated Snap Store. With validation sets you can specify which snaps are required, permitted or forbidden to be installed together on a device. Optionally, specific snap revisions can be set too.

Applying a validation set

An IoT gateway device, for example, will often run various applications that come from different teams or vendors. This software can be released and updated at different intervals.  Moreover, how applications interface with each other can change in ways that are unpredictable. Even loosely coupled applications need to be tested to observe how well they perform together.

With validation sets, you can describe verified combinations of software. It is your decision if you want such a policy to be optional and monitored when needed or enforced by snapd. When enforcing a validation set, snapd will ensure that:

  • Snaps required by a validation set are both present and, if specified, at the correct revision. Attempting to remove a required snap will result in an error and the process will be rejected.
  • Snaps are only refreshed to newer revisions if they continue to satisfy the applied validation sets.
  • Invalid snaps are not allowed to be installed. Attempting to install them will result in an error.

By enforcing validation sets you can ensure that your devices maintain testing and certification integrity over time and across software changes.

Fine control for your IoT software updates

With effective use of validation sets, you can orchestrate how IoT software updates are performed to your fleet of devices. Even if applications are released and updated at different times, changes to installed software will be kept consistent according to the validation set policy. Application updates in Ubuntu Core are automatic and distributed through the Snap Store. By default, the snapd daemon checks for updates multiple times per day. Each update check is called a refresh. Validation sets provide an elegant alternative to refresh control or using the Snapd REST API to control the conditions under which software updates are performed on a device. Just like updating snaps, rolling out policy updates to your devices can happen automatically through your dedicated Snap Store. This makes managing large scale deployments easier and verifiable.

Learn more

Be sure to read the validation sets and validation-set assertion documentation for more information on how to use this feature with your dedicated Snap Store. This new feature is still under active development. Questions and feedback are always appreciated in the Snapcraft.io forum. If you want to learn more about using snaps, the Snapcraft docs are also a good place to start.

Stay tuned

Watch the Ubuntu Core 22 webinar on June 28th, 2022 at 4:00PM CET.

Curious how your existing project or exciting new idea can benefit from the new features of Ubuntu Core 22, get in touch with us.


Related posts


Rhys Knipe
12 June 2024

Space pioneers: Lonestar gears up to create a data centre on the Moon

Canonical announcements Article

Why establish a data centre on the Moon? Find out in our blog. ...


Gabriel Aguiar Noury
21 November 2024

EdgeIQ and Ubuntu Core; bringing security and scalability to device management 

Internet of Things Article

Today, EdgeIQ and Canonical announced the release of the EdgeIQ Coda snap and official support of Ubuntu Core on the EdgeIQ Symphony platform. EdgeIQ Symphony helps you simplify and scale workflows for device fleet operations, data consumption and delivery, and application orchestration. Distributing EdgeIQ Coda as a snap brings the power ...


Rhys Knipe
5 November 2024

What is IoT device management?

Internet of Things Article

IoT device management refers to processes or practices used to deploy, monitor and maintain IoT devices. As organizations scale up their IoT efforts, a solid device management approach is essential to running a secure, streamlined fleet of devices.  The proliferation of connected devices worldwide (projected to reach 18.8 billion in 2024) ...