Bottlerocket: an operating system designed to host containers


Amazon Web Services presented last Tuesday an open source operating system called "Bottlerocket", Especially designed to run containers on virtual machines or physical servers, according to an announcement posted on the AWS blog.

The system has a one-step process to support automatic updates. Bottlerocket is based on a Linux distribution is similar to projects like CoreOS's Linux Container project, which has since disappeared and the operating system optimized for Google containers. The free operating system is currently in developer preview, according to the AWS blog post.

For the time being, the Bottlerocket team focuses on using the system as the host operating system on AWS EKS Kubernetes clusters.

"We look forward to receiving feedback and continuing to work on other use cases!" The team wrote in their post on GitHub.

According to the post, Bottlerocket is designed so that different cloud computing environments and container orchestrators will be supported in the future.

The team calls a version of Bottlerocket that supports different integration functions or features as a "variant". The artifacts of a building include the architecture and the name of the "variant."

As Jeff Barr, head of AWS, points out in his blog post, Bottlerocket supports Docker images and images that conform to the Open Container Initiative image format, which means that it will work all the Linux-based containers that you can start for it.

According to Barr, one of the distinctive features of Bottlerocket is that it eliminates the package update system.

By contrast, uses an image-based modelIt's that "it allows a quick and full rollback if needed," as Barr says, helping to reduce downtime and minimize process failures by making upgrades easier.

This is in contrast to most general purpose operating systems that use a packet-by-packet approach. At the heart of this update process is "The Update Framework", an open source project hosted by the Cloud Native Computing Foundation.

As part of the slim design, Bottlerock takes a secure connection and authentication approach different than typically found in general-purpose systems, according to Barr.

There is no SSH server that supports secure connections, although users can use a separate container to access administrative controls.

"SSH access is not recommended and is only available as part of a separate management container that you can activate as needed and then use for troubleshooting," Barr wrote in his announcement.

According to the post on GitHub, Bottlerocket has a 'control' container, enabled by default, which works outside of the orchestrator in a separate instance of "containerd".

"This container runs the Amazon SSM agent that allows you to run commands or initiate shell sessions, on Bottlerocket instances on EC2," according to the announcement. The post also states that you can easily replace this "control" container with your own.

The operating system also has an administrative container, disabled by default, which works outside the orchestrator in a separate instance of "containerd". "This container has an SSH server that allows you to login as an EC2 user using your SSH key registered in EC2. Once again, the announcement on GitHub indicates that you can easily replace this management container with your own.

Bottlerocket focuses on safety and maintainability, providing a reliable, consistent, and secure platform for container-based workloads, according to the post on GitHub.

AWS retains some notable features of your operating system dedicated to hosting containers: access to the API to configure your system, with secure out-of-band access methods when you need them, updates based on partition changes, for fast and reliable system updates, a modeled configuration that updates and security they automatically migrate as top priority.

AWS declares that it will provide three years of support (after general availability) for your own Bottlerocket builds.


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *



  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.