Saturday, May 17, 2008

Amazon EC2 makes traditional updates obsolete for appliances

Linux distributions are obsessed with updates, and rightly so, given the frequent nature of security fixes that must be published. When Linux-based software appliances became popular in the last couple of years, the update paradigm was brought along for the ride. Package manager or system manager software runs on the appliance and, either automatically or at the user's request, updates the entire appliance to a version published by an ISV.

Package managers are big and complex beasts with no small chance of failing in the middle of an update. Though unlikely, there is also a non-zero chance of such a failure being disastrous, rendering the appliance unbootable. Instead of dealing with the downtime and uncertainty associated with updates, the unique nature of the appliance model combined with the power of cloud computing offered by Amazon EC2 renders traditional updates via package managers obsolete.

Before delving into the future of appliance updates, consider how a typical home appliance such as a router or the TiVo does updates. These hardware appliances contain special flash ROM that holds firmware. User configuration data is stored in a different location. When a manufacturer releases a firmware update, users download the entire firmware and replace it in one piece. This update mechanism is dead simple and fairly failsafe.

Applying this paradigm to the virtual appliance world, the firmware is the operating system. When deployed on Amazon EC2, the ISV may simply publish all of their appliance versions as templates. Their users associate their own data partition with the common operating system template such that the operating system (firmware) is read-only and all user-specific data is placed in the data partition. When the time comes to update it, the user may simply associate a newer operating system template with the same data partition. If a database schema needs to be migrated to work with the newer OS version, take a backup snapshot of the data partition and run an ISV-supplied migration script first. That was easy, wasn't it?
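The update flow described above, sketched with the AWS CLI as an added example that is not part of the original post. It assumes the template is an AMI and the data partition is an EBS volume; the helper names `run` and `swap_image` and all IDs are hypothetical, and by default the script only prints the plan.

```shell
# Added example: image-swap update of an EC2 appliance.
# Assumes: template = AMI, data partition = EBS volume, AWS CLI on PATH.
set -eu

DRY_RUN="${DRY_RUN:-1}"   # 1 = print the plan only; 0 = call the AWS CLI

# Run one AWS CLI command; its output (an ID, when --query is used) lands in OUT.
run() {
  if [ "$DRY_RUN" = 1 ]; then
    echo "aws $*"; OUT=""
  else
    OUT=$(aws "$@")
  fi
}

# swap_image OLD_INSTANCE DATA_VOLUME NEW_AMI INSTANCE_TYPE ZONE DEVICE
swap_image() {
  old="$1"; vol="$2"; ami="$3"; itype="$4"; zone="$5"; dev="$6"

  # 1. Stop (do not terminate) the old appliance: the data volume becomes
  #    consistent and the old image stays available for rollback.
  run ec2 stop-instances --instance-ids "$old"
  run ec2 wait instance-stopped --instance-ids "$old"

  # 2. Backup snapshot of the data partition before any schema migration.
  run ec2 create-snapshot --volume-id "$vol" --description "pre-update backup" \
      --query SnapshotId --output text
  snap="${OUT:-SNAPSHOT_ID}"
  run ec2 wait snapshot-completed --snapshot-ids "$snap"

  # 3. Release the data partition from the old OS image.
  run ec2 detach-volume --volume-id "$vol"
  run ec2 wait volume-available --volume-ids "$vol"

  # 4. Boot the newer OS template in the volume's availability zone.
  run ec2 run-instances --image-id "$ami" --instance-type "$itype" \
      --placement "AvailabilityZone=$zone" \
      --query 'Instances[0].InstanceId' --output text
  new="${OUT:-NEW_INSTANCE_ID}"
  run ec2 wait instance-running --instance-ids "$new"

  # 5. Reattach the same data partition; the ISV migration script, if one
  #    is needed, runs on the new instance after this step.
  run ec2 attach-volume --volume-id "$vol" --instance-id "$new" --device "$dev"
}

# With no arguments the script only defines the functions (IDs are constructed):
#   ./swap.sh i-OLD vol-DATA ami-NEW m5.large us-east-1a /dev/sdf
[ "$#" -eq 0 ] || swap_image "$@"
```

Because the old instance is stopped rather than terminated, rolling back means detaching the volume again and reattaching it to the old instance, with the snapshot as the fallback if a migration has already altered the data.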

R.I.P. traditional package managers. Virtualization ushers in a new way of updating appliances that offers shorter downtime and is less error-prone.
