When using tools like RPM or Zypper for updating packages, there is a risk of incomplete updates or breaking the running system. To overcome these challenges, we have developed **container-snap**, a prototype plugin designed to deliver **atomic OS updates** that are fully applied or rolled back without compromising the system's state.

**container-snap** leverages OCI images as the source for updates and integrates seamlessly with openSUSE’s [tukit](https://github.com/openSUSE/transactional-update) for transactional OS updates. By utilizing **Podman’s btrfs storage driver**, it creates bootable btrfs subvolumes directly from OCI images, effectively turning them into atomic OS snapshots. This allows you to build OS images using familiar tools like Docker or Buildah and deploy the container image on your host.

This lightning talk covers the following topics:

- The `container-snap` architecture and implementation details

- Main development challenges and solutions

- Lessons learned in bridging container tech and OS updates

- A live demo showcasing atomic updates in action

Join this session to learn more about how to boot from an OCI image without bricking your system!

Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/

about this event: https://c3voc.de