Amazon Web Services (AWS) announced the General Availability of Bottlerocket, a new open source Linux-based Operating System (OS) purpose-built to run containers. Bottlerocket includes only the software needed to run containers and comes with a transactional update mechanism. These properties enable customers to use container orchestrators to manage OS updates with minimal disruptions, enabling improved security and lower operational costs for containerized applications. AWS-provided Bottlerocket images are available for Amazon EKS (GA) and Amazon ECS (Preview).
Most containers today run on general-purpose operating systems that are built to support applications packaged in a variety of formats. Such operating systems include hundreds of packages and need frequent security and maintenance updates even though only a few of the packages are used for running a containerized application. Bottlerocket focuses on security and reduces exposure to attacks by including only the essential software to host containers. Updates to Bottlerocket are applied and rolled back in an atomic manner to further simplify update management.
AWS-provided builds of Bottlerocket are covered under AWS Support plans. Bottlerocket’s first major release receives security updates and bug fixes for three years. Additionally, many AWS partners provide support for their applications on Bottlerocket, giving customers confidence to run popular partner applications. You can get started using Bottlerocket on Amazon EKS, Amazon ECS or Amazon EC2 in all commercial regions