An Unexpected Approach to Ubuntu Deployment

At the Ubuntu Summit 26.04, an event traditionally focused on the Canonical ecosystem, the presentation by Joseph Marrero Corchado, Principal Software Engineer at Red Hat, captured significant attention. His talk, titled "Bootc: Use your container knowledge and infrastructure to build and deploy your Ubuntu hosts," illustrated how the bootc toolchain can extend container management paradigms to the entire operating system, including Ubuntu hosts. While Ubuntu is very strong in the desktop space, in large corporate server environments, it stands as just another Linux distribution among many. This neutrality allows for its effective management using existing FOSS tooling, a principle that bootc fully embraces.

The presence of a Red Hat engineer at a Canonical summit is not entirely unprecedented. In the past, similar events have hosted presentations on projects based on different distributions or adopting alternative approaches, such as System76's Pop!_OS or Rocky Linux. Marrero himself highlighted that he works at Red Hat but is a long-time Ubuntu user, emphasizing a perspective that transcends corporate affiliations and focuses on the functionality and interoperability of open-source tools. This context underscores a growing trend in the tech industry, where collaboration and the adoption of cross-vendor solutions are increasingly valued for addressing complex infrastructure challenges.

bootc: Containerizing the Operating System for VMs and Bare Metal

At the core of Marrero's presentation is bootc, a toolchain that has achieved CNCF incubator project status. bootc enables operating system installations and upgrades using OCI (Open Container Initiative) or Docker container images. This means that system administrators can define and ship customized OS images, such as Ubuntu, as if they were standard containers. A distinguishing feature of bootc is its ability to perform transactional, in-place updates with rollback capabilities, ensuring greater stability and reliability in deployment processes.

bootc images are unique: despite being containers, they include a kernel, making them runnable on both virtual machines (VMs) and bare metal hardware. This flexibility allows images to be tested and validated in continuous integration (CI) environments before production deployment. bootc positions itself as an alternative to traditional imaging systems, such as Canonical's ubuntu-image, which rely on apt and standard repositories. Instead, bootc leverages container tools and registries, offering a unified approach to infrastructure management. Projects like SteamOS already utilize bootc, and the Bootcrew project maintains a growing collection of bootc images for various operating systems, including Ubuntu, openSUSE, and Debian.

Implications for On-Premise Deployment and TCO

The adoption of bootc offers significant implications for infrastructure management, particularly for on-premise deployments. The ability to manage a server, cloud, or desktop operating system, along with all its tools and applications, from a single controlled central point, greatly simplifies operations. This approach can replace a wide range of configuration management tools, such as Puppet, Chef, or shell script automation, reducing complexity and the potential for human error. Standardization based on OCI container images allows for granular control over configurations and faster, more consistent deployments.

For organizations evaluating on-premise deployment of AI/LLM workloads, bootc can represent a strategic advantage. It offers greater control over data sovereignty and compliance, allowing OS images and their registries to be kept within the corporate infrastructure, even in air-gapped environments. Potential benefits to the Total Cost of Ownership (TCO) stem from simplified update and maintenance processes, reduced reliance on third-party tools, and increased operational efficiency. The images are constructed using composefs (in its Rust implementation, composefs-rs), which builds upon established Linux tools like overlayfs, the EROFS read-only filesystem, and fsverity for integrity checking, ensuring robustness and security.
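The fsverity integrity check mentioned above rests on a per-file digest derived from a Merkle tree. The following is an added illustration, not code from bootc, composefs-rs or the talk. It recomputes that digest in userspace following the layout in the Linux kernel's fs-verity documentation, assuming SHA-256, 4096-byte blocks and no salt. The function names and the sample data are constructed for the example.

```python
import hashlib
import hmac
import struct

BLOCK_SIZE = 4096        # assumed block size (log2 = 12)
HASH_ALG_SHA256 = 1      # FS_VERITY_HASH_ALG_SHA256 in the kernel UAPI
DIGEST_SIZE = 32


def _hash_level(data: bytes) -> bytes:
    """Hash each zero-padded block and concatenate the resulting digests."""
    out = bytearray()
    for off in range(0, len(data), BLOCK_SIZE):
        block = data[off:off + BLOCK_SIZE].ljust(BLOCK_SIZE, b"\0")
        out += hashlib.sha256(block).digest()
    return bytes(out)


def merkle_root(data: bytes) -> bytes:
    """Root hash of the unsalted Merkle tree built over the file contents."""
    if not data:
        return bytes(DIGEST_SIZE)        # empty file: all-zero root hash
    level = _hash_level(data)            # level 1: hashes of the data blocks
    while len(level) > DIGEST_SIZE:      # repeat until a single hash remains
        level = _hash_level(level)
    return level


def fsverity_digest(data: bytes) -> str:
    """SHA-256 over the 256-byte struct fsverity_descriptor."""
    desc = struct.pack(
        "<BBBBIQ64s32s144s",
        1, HASH_ALG_SHA256, 12, 0,       # version, algorithm, log2 block, salt_size
        0,                               # reserved, must be zero
        len(data),                       # data_size binds the exact file length
        merkle_root(data),               # root_hash, zero-padded to 64 bytes
        b"", b"",                        # salt and reserved area, all zero
    )
    return hashlib.sha256(desc).hexdigest()


def verify(data: bytes, expected_digest: str) -> bool:
    """Compare a file's recomputed digest with the one recorded in the image."""
    return hmac.compare_digest(fsverity_digest(data), expected_digest)


# Constructed sample: 130 blocks, enough to need three tree levels.
SAMPLE = b"".join(bytes([i % 251]) * BLOCK_SIZE for i in range(130))

if __name__ == "__main__":
    recorded = fsverity_digest(SAMPLE)
    tampered = bytearray(SAMPLE)
    tampered[70000] ^= 0x01              # flip a single bit in block 17
    print("original verifies:", verify(SAMPLE, recorded))
    print("tampered verifies:", verify(bytes(tampered), recorded))
```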

A Convincing Demonstration and Future Prospects

During his presentation, Marrero provided a practical demonstration of bootc's effectiveness. He deployed a default Ubuntu installation in just a couple of seconds under QEMU, then added the tmux terminal multiplexer with a single container layer. Subsequently, he showed how to switch to a different image with Apache and a demo page installed, an operation that took about a second plus a VM reboot. He also verified the presence and functionality of snapd and installed LXD, confirming that the bootc-managed system is, in all respects, a complete and functional Ubuntu installation.

The "bootable containers" toolchain has shown remarkable maturity, and the demo highlighted its ability to integrate Ubuntu into a radically different set of management tools with relative ease. This approach offers companies a powerful alternative for operating system deployment and management, particularly in contexts where consistency, speed, and infrastructure control are priorities. For those wishing to delve deeper, Marrero has also made available a guide to converting an Ubuntu 26.04 LTS VM into a bootc-managed system using composefs, resulting in an immutable, image-based system atomically updatable via container images.