diff --git a/README.md b/README.md
index 75c72b6c..9fd97f74 100644
--- a/README.md
+++ b/README.md
@@ -120,8 +120,8 @@ For further details, see [the tests documentation](tests/README.md).
 
 ## Platform-Distro Compatibility Matrix
 
-| | Alpine | CentOS | ClearLinux | EulerOS | Fedora | 
-  |--|--|--|--|--|--|
-  | **ARM64** | :heavy_check_mark: | :heavy_check_mark: |  | :heavy_check_mark: | :heavy_check_mark: | 
-  | **PPC64le** | :heavy_check_mark: | :heavy_check_mark: |  |  | :heavy_check_mark: | 
-  | **x86_64** | :heavy_check_mark: |:heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
+| | Alpine | CentOS | ClearLinux | EulerOS | Fedora | openSUSE | Ubuntu |
+  |--|--|--|--|--|--|--|--|
+  | **ARM64** | :heavy_check_mark: | :heavy_check_mark: |  | :heavy_check_mark: | :heavy_check_mark: | | |
+  | **PPC64le** | :heavy_check_mark: | :heavy_check_mark: |  |  | :heavy_check_mark: | | |
+  | **x86_64** | :heavy_check_mark: |:heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
diff --git a/rootfs-builder/rootfs.sh b/rootfs-builder/rootfs.sh
index 0659d4a1..9a9fbde4 100755
--- a/rootfs-builder/rootfs.sh
+++ b/rootfs-builder/rootfs.sh
@@ -52,7 +52,7 @@ $(get_distros)
 Refer the Platform-OS Compatibility Matrix: https://github.com/kata-containers/osbuilder#platform-distro-compatibility-matrix
 
 Options:
--a  : agent version DEFAULT: ${AGENT_VERSION} ENV: AGENT_VERSION 
+-a  : agent version DEFAULT: ${AGENT_VERSION} ENV: AGENT_VERSION
 -h  : Show this help message
 -o  : specify version of osbuilder
 -r  : rootfs directory DEFAULT: ${ROOTFS_DIR} ENV: ROOTFS_DIR
@@ -84,17 +84,29 @@ check_function_exist()
 	[ "$(type -t ${function_name})" == "function" ] || die "${function_name} function was not defined"
 }
 
-distro_needs_admin_caps()
+docker_extra_args()
 {
-		if [ "$1" = "ubuntu" ]
-		then
-			echo "true"
-		elif [ "$1" = "debian" ]
-		then 
-			echo "true"
-		else
-			echo "false"
-		fi
+	local args=""
+
+	case "$1" in
+	 ubuntu | debian)
+		# Requred to chroot
+		args+=" --cap-add SYS_CHROOT"
+		# debootstrap needs to create device nodes to properly function
+		args+=" --cap-add MKNOD"
+		;&
+	suse)
+		# Required to mount inside a container
+		args+=" --cap-add SYS_ADMIN"
+		# When AppArmor is enabled, mounting inside a container is blocked with docker-default profile.
+		# See https://github.com/moby/moby/issues/16429
+		args+=" --security-opt apparmor:unconfined"
+		;;
+	*)
+		;;
+	esac
+
+	echo "$args"
 }
 
 generate_dockerfile()
@@ -239,17 +251,7 @@ if [ -n "${USE_DOCKER}" ] ; then
 	docker_run_args+=" --rm"
 	docker_run_args+=" --runtime runc"
 
-	admin_caps=$(distro_needs_admin_caps "$distro")
-	if [ "$admin_caps" = "true" ]; then
-		# Required by debootstrap to mount inside a container
-		docker_run_args+=" --cap-add SYS_ADMIN"
-		# Requred to chroot
-		docker_run_args+=" --cap-add SYS_CHROOT"
-		# debootstrap needs to create device nodes to properly function
-		docker_run_args+=" --cap-add MKNOD"
-		# See https://github.com/moby/moby/issues/16429
-		docker_run_args+=" --security-opt apparmor:unconfined"
-	fi
+	docker_run_args+=" $(docker_extra_args $distro)"
 
 	#Make sure we use a compatible runtime to build rootfs
 	# In case Clear Containers Runtime is installed we dont want to hit issue:
diff --git a/rootfs-builder/suse/Dockerfile.in b/rootfs-builder/suse/Dockerfile.in
new file mode 100644
index 00000000..358951cf
--- /dev/null
+++ b/rootfs-builder/suse/Dockerfile.in
@@ -0,0 +1,19 @@
+#
+# Copyright (c) 2018 SUSE
+#
+# SPDX-License-Identifier: Apache-2.0
+
+#suse: docker image to be used to create a rootfs
+#@OS_VERSION@: Docker image version to build this dockerfile
+from opensuse/leap
+
+# This dockerfile needs to provide all the componets need to build a rootfs
+# Install any package need to create a rootfs (package manager, extra tools)
+
+# RUN commands
+RUN zypper refresh; \
+    zypper --non-interactive install --no-recommends --force-resolution curl git gcc make python3-kiwi tar; \
+    zypper clean --all
+
+# This will install the proper golang to build Kata components
+@INSTALL_GO@
diff --git a/rootfs-builder/suse/config.sh b/rootfs-builder/suse/config.sh
new file mode 100644
index 00000000..c75c4a43
--- /dev/null
+++ b/rootfs-builder/suse/config.sh
@@ -0,0 +1,18 @@
+#
+# Copyright (c) 2018 SUSE
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# May also be "Tumbleweed"
+OS_DISTRO="Leap"
+
+# Leave this empty for distro "Tumbleweed"
+OS_VERSION=${OS_VERSION:-15.0}
+
+OS_IDENTIFIER="$OS_DISTRO${OS_VERSION:+:$OS_VERSION}"
+
+PACKAGES="systemd iptables libudev1"
+
+REPO_URL_OBS="obs://openSUSE:$OS_IDENTIFIER/standard"
+REPO_URL_BASE="http://download.opensuse.org"
+REPO_URL_PATH="/distribution/${OS_DISTRO,,}/$OS_VERSION/repo/oss"
diff --git a/rootfs-builder/suse/config.xml b/rootfs-builder/suse/config.xml
new file mode 100644
index 00000000..230f6426
--- /dev/null
+++ b/rootfs-builder/suse/config.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- 
+ Copyright (c) 2018 SUSE
+ 
+ SPDX-License-Identifier: Apache-2.0
+-->
+<image schemaversion="6.8" name="openSUSE-rootfs-for-Kata-vm">
+    <description type="system">
+        <author>SUSE</author>
+        <contact>mvedovati@suse.com</contact>
+        <specification>openSUSE rootfs for Kata Containers guest vm</specification>
+    </description>
+    <preferences>
+        <version>1.0.0</version>
+        <packagemanager>zypper</packagemanager>
+        <locale>en_US</locale>
+        <keytable>us</keytable>
+        <rpm-excludedocs>true</rpm-excludedocs>
+        <type image="vmx" filesystem="ext4" />
+    </preferences>
+    <repository type="rpm-md">
+        <!-- NOTE: the following is a placeholder, specify the actual path with kiwi option set-repo=... -->
+        <source path="obs://"/>
+    </repository>
+    <packages type="image">
+        <package name=""/>
+    </packages>
+    <packages type="bootstrap" patternType="onlyRequired">
+        <package name="filesystem"/>
+    </packages>
+    <packages type="delete">
+        <package name="zypper"/>
+        <package name="rpm"/>
+    </packages>
+</image>
diff --git a/rootfs-builder/suse/rootfs_lib.sh b/rootfs-builder/suse/rootfs_lib.sh
new file mode 100644
index 00000000..64768a10
--- /dev/null
+++ b/rootfs-builder/suse/rootfs_lib.sh
@@ -0,0 +1,91 @@
+#
+# Copyright (c) 2018 SUSE
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# - Arguments
+# rootfs_dir=$1
+#
+# - Optional environment variables
+#
+# EXTRA_PKGS: Variable to add extra PKGS provided by the user
+#
+# BIN_AGENT: Name of the Kata-Agent binary
+#
+# REPO_URL: URL to distribution repository ( should be configured in
+#           config.sh file)
+#
+# Any other configuration variable for a specific distro must be added
+# and documented on its own config.sh
+#
+# - Expected result
+#
+# rootfs_dir populated with rootfs pkgs
+# It must provide a binary in /sbin/init
+#
+# Note: For some distros, the build_rootfs() function provided in scripts/lib.sh
+#       will suffice. If a new distro is introduced with a special requirement,
+#       then, a rootfs_builder/<distro>/rootfs_lib.sh file should be created
+#       using this template.
+
+build_rootfs() {
+	# Mandatory
+	local ROOTFS_DIR=$1
+
+	#Name of the Kata-Agent binary
+	local BIN_AGENT=${BIN_AGENT}
+
+	# In case of support EXTRA packages, use it to allow
+	# users add more packages to the base rootfs
+	local EXTRA_PKGS=${EXTRA_PKGS:-}
+
+	#In case rootfs is created usign repositories allow user to modify
+	# the default URL
+	local REPO_URL=${REPO_URL:-}
+
+	#PATH where files this script is placed
+	#Use it to refer to files in the same directory
+	#Exmaple: ${CONFIG_DIR}/foo
+	local CONFIG_DIR=${CONFIG_DIR}
+
+	# Populate ROOTFS_DIR
+	# Must provide /sbin/init and /bin/${BIN_AGENT}
+	if [ -e "$ROOTFS_DIR" ] && ! [ -z "$(ls -A $ROOTFS_DIR)" ]; then
+		echo "ERROR: $ROOTFS_DIR is not empty"
+		exit 1
+	fi
+
+	local addPackages=""
+	for p in $PACKAGES $EXTRA_PKGS; do
+		addPackages+=" --add-package=$p"
+	done
+
+	if [ -z "$REPO_URL" ]; then
+		local arch="$(uname -m)"
+		case $arch in
+			x86_64)
+				REPO_URL_PORT=""
+				;;
+			ppc|ppc64le)
+				REPO_URL_PORT="/ports/ppc"
+				;;
+			*)
+				REPO_URL_PORT="/ports/$arch"
+				;;
+		esac
+		REPO_URL="${REPO_URL_BASE}${REPO_URL_PORT}${REPO_URL_PATH}"
+	fi
+
+	# set-repo format: <source,type,alias,priority,imageinclude,package_gpgcheck>
+	# man kiwi::system::build for details
+	local setRepo=" --set-repo $REPO_URL,rpm-md,$OS_IDENTIFIER,99,false,false"
+
+	kiwi system prepare \
+		--description $CONFIG_DIR \
+		--allow-existing-root \
+		--root $ROOTFS_DIR \
+		$addPackages \
+		$setRepo
+	install -d $ROOTFS_DIR/lib/systemd
+	ln -s /usr/lib/systemd/systemd $ROOTFS_DIR/lib/systemd/systemd
+}
diff --git a/tests/test_images.sh b/tests/test_images.sh
index 00498517..7ff2203d 100755
--- a/tests/test_images.sh
+++ b/tests/test_images.sh
@@ -366,7 +366,6 @@ test_distro_ubuntu()
        run_test "${name}" "" "ubuntu" "service" "no"
 }
 
-
 test_distro_fedora()
 {
 	local -r name="Can create and run fedora image"
@@ -401,6 +400,12 @@ test_distro_alpine()
 	run_test "${name}" "" "alpine" "no" "init"
 }
 
+test_distro_suse()
+{
+       local -r name="Can create and run suse image"
+       run_test "${name}" "" "suse" "service" "no"
+}
+
 # Displays a list of all distro test functions
 get_distro_test_names()
 {
@@ -452,6 +457,7 @@ test_all_distros()
 	test_distro_centos
 	test_distro_alpine
 	test_distro_ubuntu
+	test_distro_suse
 	if [ $MACHINE_TYPE != "ppc64le" ]; then
 	   test_distro_clearlinux