One foundational misunderstanding in your very first bullet - Universal Blue distros are installable operating systems that happen to use container image formats as a file representation for network distribution and update mechanisms, but you're expected to be running it on actual hardware or as a traditional VM. The outermost "container" part is largely an incidental implementation detail. You don't run these as a workload on like, a Kube cluster, or anything like that.

The underlying project in question for the next conceptual layer down is rpm-ostree:
https://coreos.github.io/rpm-ostree/
rmunn|5 months ago