AWS Previews Streamlined Container OS
Amazon has just released the preview version of its new container-optimized OS. Code-named Bottlerocket, this new OS is a stripped-down version of Linux that is specifically designed to host containers. Amazon states that the new OS is “purpose-built to run containers” and that it includes only the essential software required to run containers.
Bottlerocket is a minimal OS that includes the Linux kernel 5.4, system software, and containerd as the container runtime. The software can only be run from a container. This slimmed-down OS improves resource usage and reduces the attack surface. Bottlerocket includes an Admin container that can be used to perform advanced troubleshooting and debugging.
Instead of a package update system, Bottlerocket uses a new image-based update model that allows for simple, rapid updating as well as rollback. This new update system enables organizations to use container orchestrators to manage updates with minimal disruption. Updates to general-purpose OSes are typically applied on a package-by-package basis, which requires multiple steps. The multiple, complex dependencies among the different packages can result in update errors, and they make the OS update process more difficult to automate successfully. With Bottlerocket, updates are applied and rolled back in a single step, which reduces errors and makes updates easier to automate.
Bottlerocket was developed as an open-source project on GitHub. You can get started with Bottlerocket by launching Amazon EC2 instances with the Bottlerocket Amazon Machine Image (AMI) and joining them to an Amazon Elastic Kubernetes Service (EKS) cluster. The public preview is available at no cost. AWS-provided builds of Bottlerocket will come with three years of support after General Availability is announced later in 2020. Currently, Bottlerocket is supported for use with Amazon EKS. Amazon ECS will be supported in the future.