AWS introduces Bottlerocket OS for Containers

AWS has launched a new Operating System for containers called Bottlerocket.

The newly introduced container OS is a Linux-based, open-source operating system. It is designed and optimized for hosts that run containers.

As of now, Bottlerocket supports only container images conforming to the Open Container Initiative (OCI) image format, as well as Docker images.

As of now, the Bottlerocket OS is only made available as a public preview.

Executive Opinion

Chief Evangelist, AWS, Jeff Barr, said in a blog post, "Instead of a package update system, Bottlerocket uses a simple, image-based model that allows for a rapid & complete rollback if necessary. This removes opportunities for conflicts and breakage, and makes it easier for you to apply fleet-wide updates with confidence using orchestrators such as EKS."

Chief Technology Officer and Founder of Sysdig, Loris Degioanni, said, "Sysdig’s mission to help customers securely run container workloads in production is well aligned with the key benefits Bottlerocket provides, namely, improved security, better uptime, and the ability to automate OS updates. We are pleased to be one of the first to validate our platform with Bottlerocket and to bring Sysdig’s security, monitoring and compliance capabilities deeper into AWS Cloud."

Security at Bottlerocket OS

A separate admin container is made available to allow SSH access to the container host. However, the announcement noted that SSH access to the Bottlerocket OS host is not recommended.

Bottlerocket OS is mostly written in Rust. Rust addresses some classes of memory-safety bugs and promotes design patterns for security.

Bottlerocket OS uses a read-only filesystem and checks its integrity at boot time with the help of dm-verity. SELinux is used to protect the system from security threats.

As of now, AWS is targeting Bottlerocket as a host OS in AWS EKS Kubernetes clusters.

The open-source OS is available at https://github.com/bottlerocket-os/bottlerocket

PC:pablo,pixabay

Mandar Pise. Opinions expressed by techsutram contributors are their own.

Mandar is a seasoned software professional for more than a decade. He is Cloud, AI, IoT, Blockchain and Fintech enthusiast. He writes to benefit others from his experiences. His overall goal is to help people learn about the Cloud, AI, IoT, Blockchain and Fintech and the effects they will have economically and socially in the future.
