CNAB: a cloud-agnostic format for packaging and running distributed applications announced by Microsoft.
CNAB relies on a handful of technologies you are already familiar with – JSON, Docker containers, and OpenPGP – and describes a format for packaging, installing, and managing distributed applications. By design, it is cloud agnostic. It works with everything from Azure to on-prem OpenStack, from Kubernetes to Swarm, and from Ansible to Terraform. It can execute on a workstation, a public cloud, an air-gapped network, or a constrained IoT environment. And it is flexible enough to accommodate an array of platform needs, from customer-facing marketplaces to internal build pipelines.
Broadly, CNAB brings several features that aren’t currently in the ecosystem:
- Manage discrete resources as a single logical unit that comprises an app.
- Use and define operational verbs for lifecycle management of an app (install, upgrade, uninstall).
- Sign and digitally verify a bundle, even when the underlying technology doesn’t natively support it.
- Attest (or attach a signature to any moment in the lifecycle of that bundle) and digitally verify that the bundle has achieved that state to control how the bundle can be used.
- Enable the export of the bundle and all dependencies to reliably reproduce in another environment, including offline environments (IoT edge, air-gapped environments).
- Store bundles in repositories for remote installation.