Web app packaging in Sandstorm: It's not LAMP (South Bay)


Details
Join the Sandstorm community for an evening of socializing and one technical talk. Come for the opportunity to meet others in the Sandstorm community and work on your project with guidance from our core devs.
Schedule
• 6:30 PM: Food, drink, and socializing
• 7:00 PM: Asheesh Laroia's talk: "It's not LAMP: Web app packaging in Sandstorm"
• 7:45 - 8:00 PM: Q&A
• 8:00 - 9:30: Time for socializing or hands-on work. Get help from experts or hang out and be part of the community.
Talk details
This talk covers how web app packaging works for the free software Sandstorm.io project. The talk will compare and contrast Sandstorm packaging against the typical install process on a Linux/Apache/MySQL/PHP system. This talk was also featured at DebConf16, the yearly Debian conference.
To allow unprivileged users to install apps with one click, Sandstorm's packaging tools do a few strange things:
• Every app package is a tiny Debian derivative, often as small as 20MB.
• Apps have no Internet connectivity to the outside world.
• Sandstorm uses a FUSE filesystem to identify which files are needed to run the app.
• An app bundles all its needed services, as well as files, resulting in one MySQL service per app.
• Users click to run one instance of an app, like Etherpad, per document. This is all handled transparently via a web app, and based on our analysis this strategy has neutralized 95% of 0-day web app vulnerabilities.
• Developers on Mac OS and Windows can create packages for Sandstorm, even though Sandstorm is Linux-only, due to an emphasis on Linux VMs in our development tools.
Somehow we manage to make this scale reasonably well. Additionally, it is popular with upstream authors: of the >50 web apps packaged for Sandstorm, about 1/3 are maintained by their upstreams.
This talk focuses on how the Sandstorm packaging tools work, with community insights as well as technical ones, in the hope of showing Debian how to more effectively package web apps for end users.
