AWS Makes Bottlerocket AMI Generally Available. What Does It Mean?

Bottlerocket is optimised for running containerised applications.

Amazon Web Services has recently announced the general availability of the Amazon ECS-optimised Bottlerocket Amazon Machine Image (AMI) on all commercial AWS platforms. Bottlerocket is an open-source, Linux-based OS that is purpose-built to run containers. It includes only the software needed to run a container. It comes with a single-step update mechanism that enables users to improve their security posture and reduce the maintenance required for Amazon ECS clusters. With the new release, users can also automate OS updates for Bottlerocket, improve application availability, and reduce disruptions.

Last year, Amazon announced the general availability of Bottlerocket, purpose-built to run containers.

Bottlerocket software

Bottlerocket’s root filesystem is read-only and is backed by dm-verity. It comes with Security-Enhanced Linux (SELinux) policies for additional isolation. Users can use an AWS CloudFormation template, Bottlerocket ECS Updater, to automatically roll out OS updates to Amazon EC2 instances running Bottlerocket in their clusters.

Bottlerocket’s main components include:

  • An admin container for advanced troubleshooting and debugging
  • Integrations with container orchestrators, such as the Amazon EKS platform, for managing and orchestrating updates
  • A single-step atomic update mechanism to apply and roll back OS updates
  • A minimal operating system that includes the Linux kernel, system software and a container runtime

The prerequisites for using Bottlerocket are: the AWS CLI with appropriate credentials; a default VPC in a region of choice (users can use the VPC of their account); and a key pair in the user’s account to ensure remote access.

Following are the advantages of using Bottlerocket:

  • Improved security: It helps in enhancing security and reducing maintenance overhead for a user’s Amazon ECS clusters. All root files are marked as read-only and cannot be directly modified by userspace processes. The platform checks the integrity of exchanged containers by using a cryptographic digest. It uses dm-verity for its root filesystem image. Any anomaly or corruption can restart the whole process. Modifications are, however, made through APIs.
  • Simplified operational tasks/automated operating system updates: Updates in the platform are applied and rolled back in an atomic manner. AWS claims the process is as simple as updating your phone. This is achieved by two mechanisms in the update process: two partition sets that use an active/passive flip to swap OS images, and a declarative API with modelled settings for runtime configuration.
  • The software only includes the primary software required to run containers. This approach helps consumers significantly reduce the attack surface and the impact of vulnerabilities.
  • The software is open-sourced and universally available, making it subject to universal development, thus enabling customers, partners, and all interested parties to suggest code changes in its design and dataset.
  • The platform is also entirely supported by Amazon Web Services, which provides excellent support to its users, like Amazon EC2, Amazon ECR, Amazon EKS, etc. It ensures that its users have the help they require within arm’s reach.
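
The dm-verity check mentioned under improved security, as an added example that is not from the article or from Bottlerocket's code: a simplified Python model of a hash tree in which every block read is verified against one trusted root hash. The binary tree layout, SHA-256, the function names and the sample image are assumptions made for illustration; the kernel's on-disk format differs.

```python
import hashlib
import hmac

BLOCK = 4096  # bytes per data block (assumed for this model)


def _h(salt: bytes, data: bytes) -> bytes:
    return hashlib.sha256(salt + data).digest()


def _block(image: bytes, index: int) -> bytes:
    return image[index * BLOCK:(index + 1) * BLOCK].ljust(BLOCK, b"\0")


def build_tree(image: bytes, salt: bytes) -> list:
    """Hash every block, then hash pairs of hashes until one root remains.
    Returns all levels: levels[0] holds leaf hashes, levels[-1] == [root]."""
    count = max(1, -(-len(image) // BLOCK))
    level = [_h(salt, _block(image, i)) for i in range(count)]
    levels = [level]
    while len(level) > 1:
        level = [_h(salt, b"".join(level[i:i + 2])) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def verify_block(image: bytes, index: int, levels: list, root: bytes, salt: bytes) -> bool:
    """Verify one block at read time. Only `root` is trusted; `image` and the
    stored `levels` are treated as storage that may have been modified."""
    if not 0 <= index < len(levels[0]):
        return False
    node = _h(salt, _block(image, index))
    for level in levels[:-1]:
        start = index - (index % 2)
        pair = list(level[start:start + 2])  # stored sibling hashes (untrusted)
        pair[index % 2] = node               # use the hash we recomputed ourselves
        node = _h(salt, b"".join(pair))
        index //= 2
    return hmac.compare_digest(node, root)


if __name__ == "__main__":
    salt = b"constructed-salt"               # constructed sample values
    image = bytes(range(256)) * 80           # constructed 5-block image
    levels = build_tree(image, salt)
    root = levels[-1][0]                     # the only value that must be trusted
    tampered = bytearray(image)
    tampered[3 * BLOCK + 10] ^= 0x01         # flip one bit in block 3
    for i in range(5):
        print(i, verify_block(bytes(tampered), i, levels, root, salt))
```

Only the modified block fails verification, and changing a stored hash instead of the data fails in the same way, because every path is recomputed up to the root.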

Wrapping up

While Bottlerocket is not the first operating system touted to run containers most efficiently, experts believe that it is going to see rapid growth.

Bottlerocket’s competitors include Red Hat-owned CoreOS, Talos, and RancherOS. What makes it a cut above the rest, apart from its upgrading and security offerings, is its tight integration with the native services in AWS, one of the leading public cloud providers. Bottlerocket can hook into the native AWS managed container services, EKS and ECS.

Meenal Sharma
I am a journalism undergrad who loves playing basketball and writing about finance and technology. I believe in the power of words.
