# Canonical Voices

Dustin Kirkland

## The Golden Ratio calculated to a record 2 trillion digits, on Ubuntu, in the Cloud!

The Golden Ratio is one of the oldest and most visible irrational numbers known to humanity.  Pi is perhaps more famous, but the Golden Ratio is found in more of our art, architecture, and culture throughout human history.

I think of the Golden Ratio as sort of "Pi in 1 dimension".  Whereas Pi is the ratio of a circle's circumference to its diameter, the Golden Ratio is the ratio of a whole to one of its parts, when the ratio of that part to the remainder is equal.

Visually, this diagram from Wikipedia helps explain it:

We find the Golden Ratio in the architecture of antiquity, from the Egyptians to the Greeks to the Romans, right up to the Renaissance and even modern times.

While the base of the pyramids are squares, the Golden Ratio can be observed as the base and the hypotenuse of a basic triangular cross section like so:

The floor plan of the Parthenon has a width/depth ratio matching the Golden Ratio...

For the first 300 years of printing, nearly all books were printed on pages whose length to width ratio matched that of the Golden Ratio.

Leonardo da Vinci used the Golden Ratio throughout his works.  I'm told that his Vitruvian Man displays the Golden Ratio...

From school, you probably remember that the Golden Ratio is approximately ~1.6 (and change).
There's a strong chance that your computer or laptop monitor has a 16:10 aspect ratio.  Does 1280x800 or 1680x1050 sound familiar?

That ~1.6 number is only an approximation, of course.  The Golden Ratio is in fact an irrational number and can be calculated to much greater precision through several different representations, including:

You can plug that number into your computer's calculator and crank out a dozen or so significant digits.

However, if you want to go much farther than that, Alexander Yee has created a program called y-cruncher, which as been used to calculate most of the famous constants to world record precision.  (Sorry free software readers of this blog -- y-cruncher is not open source code...)

I came across y-cruncher a few weeks ago when I was working on the mprime post, demonstrating how you can easily put any workload into a Docker container and then produce both Juju Charms and Ubuntu Snaps that package easily.  While I opted to use mprime in that post, I saved y-cruncher for this one :-)

Also, while doing some network benchmark testing of The Fan Networking among Docker containers, I experimented for the first time with some of Amazon's biggest instances, which have dedicated 10gbps network links.  While I had a couple of those instances up, I did some small scale benchmarking of y-cruncher.

Presently, none of the mathematical constant records are even remotely approachable with CPU and Memory alone.  All of them require multiple terabytes of disk, which act as a sort of swap space for temporary files, as bits are moved in and out of memory while the CPU crunches.  As such, approaching these are records are overwhelmingly I/O bound -- not CPU or Memory bound, as you might imagine.

After a variety of tests, I settled on the AWS d2.2xlarge instance size as the most affordable instance size to break the previous Golden Ratio record (1 trillion digits, by Alexander Yee on his gaming PC in 2010).  I say "affordable", in that I could have cracked that record "2x faster" with a d2.4xlarge or d2.8xlarge, however, I would have paid much more (4x) for the total instance hours.  This was purely an economic decision :-)

Let's geek out on technical specifications for a second...  So what's in a d2.2xlarge?
• 8x Intel Xeon CPUs (E5-2676 v3 @ 2.4GHz)
• 60GB of Memory
• 6x 2TB HDDs
First, I arranged all 6 of those 2TB disks into a RAID0 with mdadm, and formatted it with xfs (which performed better than ext4 or btrfs in my cursory tests).

`\$ sudo mdadm --create --verbose /dev/md0 --level=stripe --raid-devices=6 /dev/xvd?\$ sudo mkfs.xfs /dev/md0\$ df -h /mnt/dev/md0         11T   34M   11T   1% /mnt`

Here's a brief look at raw read performance with hdparm:

`\$ sudo hdparm -tT /dev/md0 Timing cached reads:   21126 MB in  2.00 seconds = 10576.60 MB/sec Timing buffered disk reads: 1784 MB in  3.00 seconds = 593.88 MB/sec`

The beauty here of RAID0 is that each of the 6 disks can be used to read and/or write simultaneously, perfectly in parallel.  600 MB/sec is pretty quick reads by any measure!  In fact, when I tested the d2.8xlarge, I put all 24x 2TB disks into the same RAID0 and saw nearly 2.4 GB/sec read performance across that 48TB array!

With /dev/md0 mounted on /mnt and writable by my ubuntu user, I kicked off y-crunch with these parameters:

`Program Version:       0.6.8 Build 9461 (Linux - x64 AVX2 ~ Airi)Constant:              Golden RatioAlgorithm:             Newton's MethodDecimal Digits:        2,000,000,000,000Hexadecimal Digits:    1,660,964,047,444Threading Mode:        Thread Spawn (1 Thread/Task)  ? / 8Computation Mode:      Swap ModeWorking Memory:        61,342,174,048 bytes  ( 57.1 GiB )Logical Disk Usage:    8,851,913,469,608 bytes  ( 8.05 TiB )`

Byobu was very handy here, being able to track in the bottom status bar my CPU load, memory usage, disk usage, and disk I/O, as well as connecting and disconnecting from the running session multiple times over the 4 days of running.

And approximately 79 hours later, it finished successfully!

`Start Date:            Thu Jul 16 03:54:11 2015End Date:              Sun Jul 19 11:14:52 2015Computation Time:      221548.583 secondsTotal Time:            285640.965 secondsCPU Utilization:           315.469 %Multi-core Efficiency:     39.434 %Last Digits:5027026274 0209627284 1999836114 2950866539 8538613661  :  1,999,999,999,9502578388470 9290671113 7339871816 2353911433 7831736127  :  2,000,000,000,000`

Amazing, another person (who I don't know), named Ron Watkins, performed the exact same computation and published his results within 24 hours, on July 22nd/23rd.  As such, Ron and I are "sharing" credit for the Golden Ratio record.

Now, let's talk about the economics here, which I think are the most interesting part of this post.

Look at the above chart of records, which are published on the y-cruncher page, the vast majority of those have been calculated on physical PCs -- most of them seem to be gaming PCs running Windows.

What's different about my approach is that I used Linux in the Cloud -- specifically Ubuntu in AWS.  I paid hourly (actually, my employer, Canonical, reimbursed me for that expense, thanks!)  It took right at 160 hours to run the initial calculation (79 hours) as well as the verification calculation (81 hours), at the current rate of \$1.38/hour for a d2.2xlarge, which is a grand total of \$220!

\$220 is a small fraction of the cost of 6x 2TB disks, 60 GB of memory, or 8 Xeon cores, not to mention the electricity and cooling required to run a system of this size (~750W) for 160 hours.

If we say the first first trillion digits were already known from the previous record, that comes out to approximately 4.5 billion record-digits per dollar, and 12.5 billion record-digits per hour!

Hopefully you find this as fascinating as I!

Cheers,
:-Dustin

Dustin Kirkland

## Appellation of Origin: FROM ubuntu

tl;dr:  Your Ubuntu-based container is not a copyright violation.  Nothing to see here.  Carry on.
I am speaking for my employer, Canonical, when I say you are not violating our policies if you use Ubuntu with Docker in sensible, secure ways.  Some have claimed otherwise, but that’s simply sensationalist and untrue.

Canonical publishes Ubuntu images for Docker specifically so that they will be useful to people. You are encouraged to use them! We see no conflict between our policies and the common sense use of Docker.

Going further, we distribute Ubuntu in many different signed formats -- ISOs, root tarballs, VMDKs, AMIs, IMGs, Docker images, among others.  We take great pride in this work, and provide them to the world at large, on ubuntu.com, in public clouds like AWS, GCE, and Azure, as well as in OpenStack and on DockerHub.  These images, and their signatures, are mirrored by hundreds of organizations all around the world. We would not publish Ubuntu in the DockerHub if we didn’t hope it would be useful to people using the DockerHub. We’re delighted for you to use them in your public clouds, private clouds, and bare metal deployments.

Any Docker user will recognize these, as the majority of all Dockerfiles start with these two words....

`FROM ubuntu`

In fact, we gave away hundreds of these t-shirts at DockerCon.

We explicitly encourage distribution and redistribution of Ubuntu images and packages! We also embrace a very wide range of community remixes and modifications. We go further than any other commercially supported Linux vendor to support developers and community members scratching their itches. There are dozens of such derivatives and many more commercial initiatives based on Ubuntu - we are definitely not trying to create friction for people who want to get stuff done with Ubuntu.

Our policy exists to ensure that when you receive something that claims to be Ubuntu, you can trust that it will work to the same standard, regardless of where you got it from. And people everywhere tell us they appreciate that - when they get Ubuntu on a cloud or as a VM, it works, and they can trust it.  That concept is actually hundreds of years old, and we’ll talk more about that in a minute....

So, what do I mean by “sensible use” of Docker? In short - secure use of Docker. If you are using a Docker container then you are effectively giving the producer of that container ‘root’ on your host. We can safely assume that people sharing an Ubuntu docker based container know and trust one another, and their use of Ubuntu is explicitly covered as personal use in our policy. If you trust someone to give you a Docker container and have root on your system, then you can handle the risk that they inadvertently or deliberately compromise the integrity or reliability of your system.

Our policy distinguishes between personal use, which we can generalise to any group of collaborators who share root passwords, and third party redistribution, which is what people do when they exchange OS images with strangers.

Third party redistribution is more complicated because, when things go wrong, there’s a real question as to who is responsible for it. Here’s a real example: a school district buys laptops for all their students with free software. A local supplier takes their preferred Linux distribution and modifies parts of it (like the kernel) to work on their hardware, and sells them all the PCs. A month later, a distro kernel update breaks all the school laptops. In this case, the Linux distro who was not involved gets all the bad headlines, and the free software advocates who promoted the whole idea end up with egg on their faces.

We’ve seen such cases in real hardware, and in public clouds and other, similar environments.  Digital Ocean very famously published some modified and very broken Ubuntu images, outside of Canonical's policies.  That's inherently wrong, and easily avoidable.

So we simply say, if you’re going to redistribute Ubuntu to third parties who are trusting both you and Ubuntu to get it right, come and talk to Canonical and we’ll work out how to ensure everybody gets what they want and need.

Here’s a real exercise I hope you’ll try...

1. Head over to your local purveyor of fine wines and liquors.
2. Pick up a nice bottle of Champagne, Single Malt Scotch Whisky, Kentucky Straight Bourbon Whiskey, or my favorite -- a rare bottle of Lambic Oude Gueze.
3. Carefully check the label, looking for a seal of Appellation d'origine contrôlée.
4. In doing so, that bottle should earn your confidence that it was produced according to strict quality, format, and geographic standards.
5. Before you pop the cork, check the seal, to ensure it hasn’t been opened or tampered with.  Now, drink it however you like.
6. Pour that Champagne over orange juice (if you must).  Toss a couple ice cubes in your Scotch (if that’s really how you like it).  Pour that Bourbon over a Coke (if that’s what you want).
7. Enjoy however you like -- straight up or mixed to taste -- with your own guests in the privacy of your home.  Just please don’t pour those concoctions back into the bottle, shove a cork in, put them back on the shelf at your local liquor store and try to pass them off as Champagne/Scotch/Bourbon.

Rather, if that’s really what you want to do -- distribute a modified version of Ubuntu -- simply contact us and ask us first (thanks for sharing that link, mjg59).  We have some amazing tools that can help you either avoid that situation entirely, or at least let’s do everyone a service and let us help you do it well.

Believe it or not, we’re really quite reasonable people!  Canonical has a lengthy, public track record, donating infrastructure and resources to many derivative Ubuntu distributions.  Moreover, we’ve successfully contracted mutually beneficial distribution agreements with numerous organizations and enterprises. The result is happy users and happy companies.

FROM ubuntu,
Dustin

 The one and only Champagne region of France

Dustin Kirkland

## LXD Challenge: How many containers can you run on your machine?

 652 Linux containers running on a Laptop?  Are you kidding me???

A couple of weeks ago, at the OpenStack Summit in Vancouver, Canonical released the results of some scalability testing of Linux containers (LXC) managed by LXD.

Ryan Harper and James Page presented their results -- some 536 Linux containers on a very modest little Intel server (16GB of RAM), versus 37 KVM virtual machines.

Ryan has published the code he used for the benchmarking, and I've used to to reproduce the test on my dev laptop (Thinkpad x230, 16GB of RAM, Intel i7-3520M).

I managed to pack a whopping 652 Ubuntu 14.04 LTS (Trusty) containers on my Ubuntu 15.04 (Vivid) laptop!

The system load peaked at 1056 (!!!), but I was using merely 56% of 15.4GB of system memory.  Amazingly, my Unity desktop and Byobu command line were still perfectly responsive, as were the containers that I ssh'd into.  (Aside: makes me wonder if the Linux system load average is accounting for container process correctly...)

Check out the process tree for a few hundred system containers here!

As for KVM, I managed to launch 31 virtual machines without KSM enabled, and 65 virtual machines with KSM enabled and working hard.  So that puts somewhere between 10x - 21x as many containers as virtual machines on the same laptop.

I'd love to see someone try this in AWS, anywhere from an m3.small to an r3.8xlarge, and share your results ;-)

### Density test instructions

`## Install lxd\$ sudo add-apt-repository ppa:ubuntu-lxc/lxd-git-master\$ sudo apt-get update\$ sudo apt-get install -y lxd bzr\$ cd /tmp## At this point, it's a good idea to logout/login or reboot`
`## for your new group permissions to get applied`
`## Grab the tests, disable the tools download\$ bzr branch lp:~raharper/+junk/density-check\$ cd density-check\$ mkdir lxd_tools`
`## Periodically squeeze your cache\$ sudo bash -x -c 'while true; do sleep 30; \    echo 3 | sudo tee /proc/sys/vm/drop_caches; \    free; done' &`
`## Run the LXD test\$ ./density-check-lxd --limit=mem:512m --load=idle release=trusty arch=amd64`
`## Run the KVM test\$ ./density-check-kvm --limit=mem:512m --load=idle release=trusty arch=amd64`

As for the speed-of-launch test, I'll cover that in a follow-up post!

Cheers!
Dustin

Ben Howard

## [BETA] New Cloud Image Finder

One of the perennial problems in the Cloud is knowing what is the most current image and where to find it. Some Clouds provide a nice GUI console, an API, or some combination. But what has been missing is a "dashboard" showing Ubuntu across multiple Clouds.

 https://cloud-images.ubuntu.com/locator
In that light, I am please to announce that we have a new beta Cloud Image Finder. This page shows where official Ubuntu images are available. As with all betas, we have some kinks to work out, like gathering up links for our Cloud Partners (so clicking an Image ID launches an image). I envision that in the future this locator page will be the default landing page for our Cloud Image Page..

The need for this page became painfully apparent yesterday as I was working through the fallout of the Ghost Vulnerability (aka CVE 2015-0235). The Cloud Image team had spent a good amount of time pushing our images to AWS, Azure, GCE, Joyent and then notifying our partners like Brightbox, DreamCompute, CloudSigma and VMware of new builds. I realized that we needed a single place for our users to just look and see where the builds are available. And so I hacked up the EC2 Locator page to display other clouds.

Please note: this new page only shows stable releases. We push a lot of images and did not want to confuse things by showing betas, alphas, dailies or the development builds. Rather, this page will only show images that have been put through the complete QA process and are ready for production work loads.

This new locator page is backed by Simple Streams, which is our machine-formatted data service. Simple Streams provides a way of locating images in uniform way across the cloud. Essentially our new Locator Page is just a viewer of the Simple Stream Data.

Hopefully our users will find this new page useful. Feedback is always welcome. Please feel free to drop me a line (utlemming @ ubuntu dot com).

Dustin Kirkland

## snappy vs.apt-get Ubuntu Matrix

With the recent introduction of Snappy Ubuntu, there are now several different ways to extend and update (apt-get vs. snappy) multiple flavors of Ubuntu (Core, Desktop, and Server).

We've put together this matrix with a few examples of where we think Traditional Ubuntu (apt-get) and Transactional Ubuntu (snappy) might make sense in your environment.  Note that this is, of course, not a comprehensive list.

 Ubuntu Core Ubuntu Desktop Ubuntu Server Traditional apt-get Minimal Docker and LXC images Desktop, Laptop, Personal Workstations Baremetal, MAAS, OpenStack, General Purpose Cloud Images Transactional snappy Minimal IoT Devices and Micro-Services Architecture Cloud Images Touch, Phones, Tablets Comfy, Human Developer Interaction (over SSH) in an atomically updated environment

I've presupposed a few of the questions you might ask, while you're digesting this new landscape...

Q: I'm looking for the smallest possible Ubuntu image that still supports apt-get...
A: You want our Traditional Ubuntu Core. This is often useful in building Docker and LXC containers.

Q: I'm building the next wearable IoT device/drone/robot, and perhaps deploying a fleet of atomically updated micro-services to the cloud...
A: You want Snappy Ubuntu Core.

Q: I want to install the best damn Linux on my laptop, desktop, or personal workstation, with industry best security practices, 30K+ freely available open source packages, freely available, with extensive support for hardware devices and proprietary add-ons...
A: You want the same Ubuntu Desktop that we've been shipping for 10+ years, on time, every time ;-)

Q: I want that same converged, tasteful Ubuntu experience on your personal, smart devices like my Phones and Tablets...
A: You want Ubuntu Touch, which is a very graphical human interface focused expression of Snappy Ubuntu.

Q: I'm deploying Linux onto bare metal servers at scale in the data center, perhaps building IaaS clouds using OpenStack or PaaS cloud using CloudFoundry? And I'm launching general purpose Linux server instances in public clouds (like AWS, Azure, or GCE) and private clouds...
A: You want the traditional apt-get Ubuntu Server.

Q: I'm developing and debugging applications, services, or frameworks for Snappy Ubuntu devices or cloud instances?
A: You want Comfy Ubuntu Server, which is a command line human interface extension of Snappy Ubuntu, with a number of conveniences and amenities (ssh, byobu, manpages, editors, etc.) that won't be typically included in the minimal Snappy Ubuntu Core build. [*Note that the Comfy images will be available very soon]

Cheers,
:-Dustin

Dustin Kirkland

## AWSnap! Snappy Ubuntu Now Available on AWS!

Awww snap!

That's right!  Snappy Ubuntu images are now on AWS, for your EC2 computing pleasure.

Enjoy this screencast as we start a Snappy Ubuntu instance in AWS, and install the xkcd-webserver package.

And a transcript of the commands follows below.

`kirkland@x230:/tmp⟫ cat cloud.cfg#cloud-config    snappy:       ssh_enabled: Truekirkland@x230:/tmp⟫ aws ec2 describe-images \> --region us-east-1 \> --image-ids ami-5c442634{    "Images": [        {            "ImageType": "machine",            "Description": "ubuntu-core-devel-1418912739-141-amd64",            "Hypervisor": "xen",            "ImageLocation": "ucore-images/ubuntu-core-devel-1418912739-141-amd64.manifest.xml",            "SriovNetSupport": "simple",            "ImageId": "ami-5c442634",            "RootDeviceType": "instance-store",            "Architecture": "x86_64",            "BlockDeviceMappings": [],            "State": "available",            "VirtualizationType": "hvm",            "Name": "ubuntu-core-devel-1418912739-141-amd64",            "OwnerId": "649108100275",            "Public": false        }    ]}kirkland@x230:/tmp⟫kirkland@x230:/tmp⟫ # NOTE: This AMI will almost certainly have changed by the time you're watching this ;-)kirkland@x230:/tmp⟫ clearkirkland@x230:/tmp⟫ aws ec2 run-instances \> --region us-east-1 \> --image-id ami-5c442634 \> --key-name id_rsa \> --instance-type m3.medium \> --user-data "\$(cat cloud.cfg)"{    "ReservationId": "r-c6811e28",    "Groups": [        {            "GroupName": "default",            "GroupId": "sg-d5d135bc"        }    ],    "OwnerId": "357813986684",    "Instances": [        {            "KeyName": "id_rsa",            "PublicDnsName": null,            "ProductCodes": [],            "StateTransitionReason": null,            "LaunchTime": "2014-12-18T17:29:07.000Z",            "Monitoring": {                "State": "disabled"            },            "ClientToken": null,            "StateReason": {                "Message": "pending",                "Code": "pending"            },            "RootDeviceType": "instance-store",            "Architecture": "x86_64",            "PrivateDnsName": null,            "ImageId": "ami-5c442634",            "BlockDeviceMappings": [],            "Placement": {                "GroupName": null,                "AvailabilityZone": "us-east-1e",                "Tenancy": "default"            },            "AmiLaunchIndex": 0,            "VirtualizationType": "hvm",            "NetworkInterfaces": [],            "SecurityGroups": [                {                    "GroupName": "default",                    "GroupId": "sg-d5d135bc"                }            ],            "State": {                "Name": "pending",                "Code": 0            },            "Hypervisor": "xen",            "InstanceId": "i-af43de51",            "InstanceType": "m3.medium",            "EbsOptimized": false        }    ]}kirkland@x230:/tmp⟫kirkland@x230:/tmp⟫ aws ec2 describe-instances --region us-east-1 | grep PublicIpAddress                    "PublicIpAddress": "54.145.196.209",kirkland@x230:/tmp⟫ ssh -i ~/.ssh/id_rsa ubuntu@54.145.196.209ssh: connect to host 54.145.196.209 port 22: Connection refused255 kirkland@x230:/tmp⟫ ssh -i ~/.ssh/id_rsa ubuntu@54.145.196.209The authenticity of host '54.145.196.209 (54.145.196.209)' can't be established.RSA key fingerprint is 91:91:6e:0a:54:a5:07:b9:79:30:5b:61:d4:a8:ce:6f.No matching host key fingerprint found in DNS.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '54.145.196.209' (RSA) to the list of known hosts.Welcome to Ubuntu Vivid Vervet (development branch) (GNU/Linux 3.16.0-25-generic x86_64) * Documentation:  https://help.ubuntu.com/The programs included with the Ubuntu system are free software;the exact distribution terms for each program are described in theindividual files in /usr/share/doc/*/copyright.Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted byapplicable law.Welcome to the Ubuntu Core rolling development release. * See https://ubuntu.com/snappyIt's a brave new world here in snappy Ubuntu Core! This machinedoes not use apt-get or deb packages. Please see 'snappy --help'for app installation and transactional updates.To run a command as administrator (user "root"), use "sudo ".See "man sudo_root" for details.ubuntu@ip-10-153-149-47:~\$ mountsysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)udev on /dev type devtmpfs (rw,relatime,size=1923976k,nr_inodes=480994,mode=755)devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=385432k,mode=755)/dev/xvda1 on / type ext4 (ro,relatime,data=ordered)/dev/xvda3 on /writable type ext4 (rw,relatime,discard,data=ordered)tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,mode=755)tmpfs on /etc/fstab type tmpfs (rw,nosuid,noexec,relatime,mode=755)/dev/xvda3 on /etc/systemd/system type ext4 (rw,relatime,discard,data=ordered)securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,clone_children)cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)tmpfs on /etc/machine-id type tmpfs (ro,relatime,size=385432k,mode=755)systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=22,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)debugfs on /sys/kernel/debug type debugfs (rw,relatime)mqueue on /dev/mqueue type mqueue (rw,relatime)fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)/dev/xvda3 on /etc/hosts type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /etc/sudoers.d type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /root type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/click/frameworks type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /usr/share/click/frameworks type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/systemd/snappy type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/systemd/click type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/initramfs-tools type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /etc/writable type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /etc/ssh type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/tmp type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/apparmor type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/cache/apparmor type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /etc/apparmor.d/cache type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /etc/ufw type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/log type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/system-image type ext4 (rw,relatime,discard,data=ordered)tmpfs on /var/lib/sudo type tmpfs (rw,relatime,mode=700)/dev/xvda3 on /var/lib/logrotate type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/dhcp type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/dbus type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/cloud type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /var/lib/apps type ext4 (rw,relatime,discard,data=ordered)tmpfs on /mnt type tmpfs (rw,relatime)tmpfs on /tmp type tmpfs (rw,relatime)/dev/xvda3 on /apps type ext4 (rw,relatime,discard,data=ordered)/dev/xvda3 on /home type ext4 (rw,relatime,discard,data=ordered)/dev/xvdb on /mnt type ext3 (rw,relatime,data=ordered)tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=385432k,mode=700,uid=1000,gid=1000)ubuntu@ip-10-153-149-47:~\$ mount | grep " / "/dev/xvda1 on / type ext4 (ro,relatime,data=ordered)ubuntu@ip-10-153-149-47:~\$ sudo touch /footouch: cannot touch ‘/foo’: Read-only file systemubuntu@ip-10-153-149-47:~\$ sudo apt-get updateUbuntu Core does not use apt-get, see 'snappy --help'!ubuntu@ip-10-153-149-47:~\$ sudo snappy --helpUsage:snappy [-h] [-v]             {info,versions,search,update-versions,update,rollback,install,uninstall,tags,build,chroot,framework,fake-version,nap}             ...snappy command line interfaceoptional arguments:  -h, --help            show this help message and exit  -v, --version         Print this version string and exitCommands:  {info,versions,search,update-versions,update,rollback,install,uninstall,tags,build,chroot,framework,fake-version,nap}    info    versions    search    update-versions    update    rollback            undo last system-image update.    install    uninstall    tags    build    chroot    framework    fake-version        ==SUPPRESS==    nap                 ==SUPPRESS==ubuntu@ip-10-153-149-47:~\$ sudo snappy inforelease: ubuntu-core/develframeworks:apps:ubuntu@ip-10-153-149-47:~\$ sudo snappy versions -aPart         Tag   Installed  Available  Fingerprint     Activeubuntu-core  edge  141        -          7f068cb4fa876c  *ubuntu@ip-10-153-149-47:~\$ sudo snappy search dockerPart    Version    Descriptiondocker  1.3.2.007  The docker app deployment mechanismubuntu@ip-10-153-149-47:~\$ sudo snappy install dockerdocker      4 MB     [=============================================================================================================]    OKPart    Tag   Installed  Available  Fingerprint     Activedocker  edge  1.3.2.007  -          b1f2f85e77adab  *ubuntu@ip-10-153-149-47:~\$ sudo snappy versions -aPart         Tag   Installed  Available  Fingerprint     Activeubuntu-core  edge  141        -          7f068cb4fa876c  *docker       edge  1.3.2.007  -          b1f2f85e77adab  *ubuntu@ip-10-153-149-47:~\$ sudo snappy search webserverPart                  Version  Descriptiongo-example-webserver  1.0.1    Minimal Golang webserver for snappyxkcd-webserver        0.3.1    Show random XKCD compic via a build-in webserverubuntu@ip-10-153-149-47:~\$ sudo snappy install xkcd-webserverxkcd-webserver     21 kB     [=====================================================================================================]    OKPart            Tag   Installed  Available  Fingerprint     Activexkcd-webserver  edge  0.3.1      -          3a9152b8bff494  *ubuntu@ip-10-153-149-47:~\$ exitlogoutConnection to 54.145.196.209 closed.kirkland@x230:/tmp⟫ ec2-instancesi-af43de51 ec2-54-145-196-209.compute-1.amazonaws.comkirkland@x230:/tmp⟫ ec2-terminate-instances i-af43de51INSTANCE        i-af43de51      running shutting-downkirkland@x230:/tmp⟫`

Cheers!
Dustin