AWS Bottlerocket Now Generally Available
Written by Kay Ewbank   
Monday, 07 September 2020

Amazon Bottlerocket, an open source Linux-based operating system that is purpose-built to run containers on both virtual machines and bare metal hosts, is now generally available.

Bottlerocket is a minimal Linux distribution that is aimed at the same market as Google’s container-optimized operating system. Amazon says Bottlerocket was developed based on how Amazon's customers use Amazon Linux to run containers and from running services such as AWS Fargate. Fargate is a compute engine for Amazon ECS and EKS that allows you to run containers without having to manage servers or clusters. Samartha Chandrashekar, Product Manager at AWS, said:

"At every step of the design process, we optimized Bottlerocket for security, speed, and ease of maintenance."

bottlerocket

Bottlerocket's security focus starts with the fact it includes only the software needed to run containers, so reduces the security attack surface. It uses Security-Enhanced Linux (SELinux) in enforcing mode to increase the isolation between containers and the host operating system, and also makes use of standard Linux kernel technologies to implement isolation between containerized workloads—such as control groups (cgroups), namespaces, and seccomp. Bottlerocket uses Device-mapper’s verity target (dm-verity), a Linux kernel feature that provides integrity checking to help prevent attackers from persisting threats on the OS, such as overwriting core system software.

Bottlerocket has been and will continue to be developed as an open source project on GitHub with a public roadmap. Amazon says Bottlerocket comes with a single-step update mechanism. Most containers are run on general-purpose operating systems where updates are applied on a package-by-package basis, making it difficult to automate updating. Bottlerocket has been designed so updates can be applied and rolled back in a single step so they're easy to automate, and the update process is based on an open-source project hosted by the Cloud Native Computing Foundation.

Because Bottlerocket is an open source project, users will be able to customize it with integration with the custom orchestrators, kernels, or container runtimes used to run their infrastructure. All the design documents, code, build tools, tests, and documentation for Bottlerocket will be hosted on GitHub. Bottlerocket includes standard open source components, such as the Linux kernel and container runtime. 

Bottlerocket is available as an Amazon Machine Image for EC2 as a preview, and is generally available with Amazon EKS.

 

bottlerocket

More Information

BottleRocket On GitHub

BottleRocket On AWS

Related Articles

Amazon Announces Bottlerocket

Kubernetes for Full-Stack Developers

Google Promotes ChromeOS at Google I/O

Docker Comes To Pi - It's Official

 

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner


IBM Updates Granite Models
28/10/2024

IBM has released new Granite models that it says provide state-of-the-art performance relative to model size. The Granite 3.0 collection includes a new, instruction-tuned, dense decoder-only LLM.



Postgres And Kubernetes Together In Harmony
17/10/2024

Yes, they can coexist thanks to CloudNativePG, the PostgreSQL Operator for Kubernetes. Furthermore, if you want to try before you buy you can, thanks to the new learning environment, CNPG Playground.

 [ ... ]


More News

espbook

 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Monday, 07 September 2020 )