Amazon recently announced that Bottlerocket, their Linux-based OS designed for running containers on virtual machines and bare metal, is open for preview by the public.
Bottlerocket was designed with specific tenets in mind:
- Simple – The OS reduces the automation of OS updates to a single step instead of going package by package. This lowers the chance of update failures and makes rolling back updates easy. Bottlerocket makes use of two partition sets that are exactly the same. During an update, the inactive set receives the update first, then the active and inactive sets swap on the partition table. In the event of boot failure, the update is automatically rolled back.
- Small – Another feature of Bottlerocket is that it is stripped down: it contains only the set of components needed for development and runtime.
- Secure – To improve security, Bottlerocket has neither an SSH server nor a shell in its base image. To obtain a shell, one must first use a special control container to initiate an admin container, which can then run a root shell. Regardless, the system won’t allow changes to persist beyond a restart. Bottlerocket also largely uses Rust, known as a reliable and efficient language, which reduces memory issues and promotes safety-conscious design.
- Open – Bottlerocket is open, meaning it’s neither a Kubernetes nor an Amazon distro. While Bottlerocket focuses on AWS and EKS, it is not designed to be limited to just these services.
You may download Bottlerocket now for free on GitHub, along with build tools and additional information, as well as an update operator for Kubernetes.