AWS Bottlerocket Now Generally Available
Written by Kay Ewbank   
Monday, 07 September 2020

Amazon Bottlerocket, an open source Linux-based operating system that is purpose-built to run containers on both virtual machines and bare metal hosts, is now generally available.

Bottlerocket is a minimal Linux distribution that is aimed at the same market as Google’s container-optimized operating system. Amazon says Bottlerocket was developed based on how Amazon's customers use Amazon Linux to run containers and from running services such as AWS Fargate. Fargate is a compute engine for Amazon ECS and EKS that allows you to run containers without having to manage servers or clusters. Samartha Chandrashekar, Product Manager at AWS, said:

"At every step of the design process, we optimized Bottlerocket for security, speed, and ease of maintenance."


Bottlerocket's security focus starts with the fact that it includes only the software needed to run containers, which reduces the attack surface. It uses Security-Enhanced Linux (SELinux) in enforcing mode to increase the isolation between containers and the host operating system, and also uses standard Linux kernel technologies, such as control groups (cgroups), namespaces, and seccomp, to implement isolation between containerized workloads. Bottlerocket also uses Device-mapper's verity target (dm-verity), a Linux kernel feature that provides integrity checking to help prevent attackers from persisting threats on the OS, such as overwriting core system software.
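The integrity checking that dm-verity provides rests on a hash tree whose root hash is the only trusted value. The sketch below is an added example, not code from Bottlerocket or the Linux kernel: it is a simplified model of that idea, and the block size, salt handling, function names and sample image are assumptions made for illustration.

```python
import hashlib

BLOCK = 4096                 # block size assumed for this sketch
FANOUT = BLOCK // 32         # SHA-256 digests that fit in one hash block

class IntegrityError(Exception): pass

def block_hash(data, salt):  # hash one zero-padded block, salt prepended
    return hashlib.sha256(salt + data.ljust(BLOCK, b"\0")).digest()

def build_tree(image, salt):
    """Return hash levels: levels[0] covers data blocks, levels[-1] == [root]."""
    levels = [[block_hash(image[i:i + BLOCK], salt)
               for i in range(0, len(image), BLOCK)]]
    while len(levels) < 2 or len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([block_hash(b"".join(prev[i:i + FANOUT]), salt)
                       for i in range(0, len(prev), FANOUT)])
    return levels

def read_verified(image, index, levels, trusted_root, salt):
    """Return data block `index` only if its hash path reaches trusted_root."""
    block = image[index * BLOCK:(index + 1) * BLOCK]
    digest, pos = block_hash(block, salt), index
    for n, level in enumerate(levels[:-1]):   # stored levels are untrusted input
        if level[pos] != digest:
            raise IntegrityError(f"hash mismatch for block {index} at tree level {n}")
        pos //= FANOUT
        digest = block_hash(b"".join(level[pos * FANOUT:(pos + 1) * FANOUT]), salt)
    if digest != trusted_root:                # only the root is trusted
        raise IntegrityError(f"root hash mismatch for block {index}")
    return block

def tamper_demo():
    """Constructed 300-block image; block 200 is overwritten, then its leaf hash too."""
    salt = b"constructed-salt"
    image = bytearray(b"".join(bytes([i % 251]) * BLOCK for i in range(300)))
    levels = build_tree(bytes(image), salt)
    root, outcomes = levels[-1][0], []
    image[200 * BLOCK] ^= 0xFF                # data block is overwritten
    for patch_leaf in (False, True):
        if patch_leaf:                        # stored leaf hash is rewritten to match
            levels[0][200] = block_hash(bytes(image[200 * BLOCK:201 * BLOCK]), salt)
        try:
            read_verified(bytes(image), 200, levels, root, salt)
            outcomes.append("accepted")
        except IntegrityError as err:
            outcomes.append(str(err))
    return outcomes
```

Rewriting a data block fails at the leaf level, and rewriting the stored leaf hash to match only moves the failure one level up, because every path ends at a root hash the modified disk cannot change.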

Bottlerocket has been and will continue to be developed as an open source project on GitHub with a public roadmap. Amazon says Bottlerocket comes with a single-step update mechanism. Most containers are run on general-purpose operating systems where updates are applied on a package-by-package basis, making it difficult to automate updating. Bottlerocket has been designed so updates can be applied and rolled back in a single step so they're easy to automate, and the update process is based on an open-source project hosted by the Cloud Native Computing Foundation.

Because Bottlerocket is an open source project, users will be able to customize it to integrate with the custom orchestrators, kernels, or container runtimes used to run their infrastructure. All the design documents, code, build tools, tests, and documentation for Bottlerocket will be hosted on GitHub. Bottlerocket includes standard open source components, such as the Linux kernel and container runtime.

Bottlerocket is available as an Amazon Machine Image for EC2 as a preview, and is generally available with Amazon EKS.


More Information

BottleRocket On GitHub

BottleRocket On AWS

Related Articles

Amazon Announces Bottlerocket

Kubernetes for Full-Stack Developers

Google Promotes ChromeOS at Google I/O

Docker Comes To Pi - It's Official

Last Updated ( Monday, 07 September 2020 )