Introduced recently, Bottlerocket is a new Linux-based operating system built by Amazon Web Services (AWS) and designed specifically for running containers on virtual machines or bare metal hosts. It has a number of features that can help ease the automation of OS updates, improve security, and help with the integration and deployment of containers.
First, unlike most operating systems today, which update on a package-by-package basis, Bottlerocket uses an image-based model and applies updates in a single step. This ensures that updates can also be rolled back in their entirety, if necessary. This results in increased uptime for container applications, seamless fleet-wide updates, and lower error rates.
Second, Bottlerocket uses a file system that is primarily read-only, and dm-verity is used for integrity checking at boot time. SSH access is not enabled out of the box and its use is discouraged, but it is available as part of a separate admin container that can be enabled when needed for troubleshooting and debugging.
Third, Bottlerocket has the essential tools needed to integrate with existing container orchestrators. It supports Docker images and images that conform to the Open Container Initiative (OCI) image format. Moreover, the development project for Bottlerocket is open source. This means that developers can contribute to the project directly to create custom builds or have their additions merged with the official project.
Once General Availability is announced, AWS-provided builds of Bottlerocket will come with three years of support. This support will be packaged with AWS support plans at no incremental cost.
Currently, Bottlerocket is available in public preview for free as an Amazon Machine Image (AMI) for Amazon Elastic Compute Cloud (EC2). If you are interested, you may check out the GitHub repository for the setup guide and further details.