Atomic OS Updates via OCI Images
Introducing container-snap
Dan Čermák
Dan joined SUSE to work on development tools as part of the developer engagement program, after working on embedded devices. He is an active open source contributor being involved in various upstream projects and a package maintainer in downstream Linux distributions, like openSUSE and Fedora. Beside testing and cryptography his passions include automating everything, documentation and software design.
No video of the event yet, sorry!
When using tools like RPM or Zypper for updating packages, there is a risk of incomplete updates or breaking the running system. To overcome these challenges, we have developed container-snap, a prototype plugin designed to deliver atomic OS updates that are fully applied or rolled back without compromising the system's state.
container-snap leverages OCI images as the source for updates and integrates seamlessly with openSUSE’s tukit for transactional OS updates. By utilizing Podman’s btrfs storage driver, it creates bootable btrfs subvolumes directly from OCI images, effectively turning them into atomic OS snapshots. This allows you to build OS images using familiar tools like Docker or Buildah and deploy the container image on your host.
This lightning talk covers the following topics:
- The
container-snaparchitecture and implementation details - Main development challenges and solutions
- Lessons learned in bridging container tech and OS updates
- A live demo showcasing atomic updates in action
Join this session to learn more about how to boot from an OCI image without bricking your system!
- Date:
- 2025 June 26 - 13:45
- Duration:
- 15 min
- Room:
- Saal
- Conference:
- openSUSE Conference 2025
- Language:
- Track:
- Cloud, Containers, Virtualization
- Difficulty:
- Medium
- Kowalski, the system configuration assistant
- Start Time:
- 2025 June 26 13:30
- Room:
- Gallerie