Amazon has launched its own Linux-based open source operating system, Bottlerocket.
Before you get too excited and try to install and run it, I must tell you that it’s not your regular Linux distribution like Ubuntu, Fedora or Debian. What is it then?
Bottlerocket: Linux distribution from Amazon for running containers
If you are not aware of containers in Linux, I recommend reading this article from Red Hat.
A lot has changed in the IT industry since the term cloud computing was first coined. It takes few seconds to deploy a Linux server (usually running in a VM) thanks to cloud server providers like Amazon AWS, Google, Linode, Digital Ocean etc. On top of that, you can deploy applications and services on these servers in form of containers thanks to tools like Docker and Kubernetes.
The thing is that when your sole purpose is to run containers on a Linux system, a full-fledged Linux distribution is not always required. This is why there are container specific Linux that provide only the necessary packages. This reduces the size of the operating system drastically which further reduces the deployment time.
Bottlerocket Linux is purpose-built by Amazon Web Services for running containers on virtual machines or bare metal hosts. It supports docker images and other images that follow the OCI image format.
Features of Bottlerocket Linux
Here’s what this new Linux distribution from Amazon offers:
No package-by-package updates
The traditional Linux distribution update procedure is composed of updating individual packages. Bottlerocket uses image-based updates instead.
Thanks to this approach, conflicts and breakage are avoided with the possibility of a rapid and complete rollback (if necessary).
Read-only file system
Bottlerocket also uses a primarily read-only file system. Its integrity is checked at boot time via dm-verity. For additional security measures, SSH access is also discouraged and is only available through the admin container (additional mechanism).
AWS already rules the cloud world and with it
Automated updates
You can automate updates to Bottlerocket by using an orchestration service like Amazon EKS.
Amazon also claims that including only the essential software to run containers reduces the attack surface compared to general purpose Linux distributions.
Getting Started with Bottlerocket
You can find Bottlerocket repositories on GitHub and also the public roadmap. As of now, it’s only available for AWS EKS Kubernetes clusters and Amazon ECS clusters as a host OS. Simply, utilize AWS-provided Bottlerocket AMIs with Amazon EKS or ECS.
You will have to build your own images using the instructions in their GitHub page, if you’re wondering.
In addition to all that, you should also check out the announcement post for Bottlerocket’s general availability and their GitHub page for all the necessary instructions.
What do you think?
Amazon is not the first to create a ‘container specific Linux’. I think CoreOS was among the first such distributions. CoreOS was acquired by Red Hat which itself was sold to IBM. Red Hat recently discontinued CoreOS and replaced it with Fedora CoreOS.
Cloud server is a big industry that will continue to grow bigger. A giant like Amazon will do everything to stay at par or ahead with its competitors. In my opinion, Bottlerocket is an answer to (now) IBM’s Fedora CoreOS.
What are your views on it? What does Amazon gain with Bottlerocket? If you used something like CoreOS before, will you switch to Bottlerocket?