AWS has released a new open source, Linux-based operating system (OS) designed specifically for running containers in the cloud.
(Containers are units of software that package up code and its dependencies so applications can run across most computing environments.)
The cloud heavyweight, which claims that 80 percent of all cloud-based containers are running on AWS, already offers its Amazon Linux OS, but this is restricted to running solely in AWS. (It competes with Ubuntu, Windows, and others.)
The new OS, dubbed “Bottlerocket”, has however been designed firmly with those running containers in mind. Written mostly in Rust, it can be used for running containers on virtual machines or bare metal hosts.
It integrates with existing container orchestrators, e.g. Kubernetes, and supports images that conform to the Open Container Initiative (OCI) image format. Bottlerocket is being released under a dual (take your pick) Apache 2.0 or MIT licence.
Bottlerocket’s GitHub Repo is Open for Business
AWS said Bottlerocket, which is in developer preview, is “built with standard open-source components… Bottlerocket-specific additions focus on reliable updates and on the API. Instead of making configuration changes manually, you can change settings with an API call, and these changes are automatically migrated through updates.”
The company’s Jeff Barr added in a short blog: “Instead of a package update system, Bottlerocket uses a simple, image-based model that allows for a rapid & complete rollback if necessary. This removes opportunities for conflicts and breakage, and makes it easier for you to apply fleet-wide updates…using orchestrators such as EKS.”
Things like Talos and now #bottlerocket are really interesting to me, love that they're shaking things up. I'm hoping this motivates Canonical to actually finish Ubuntu Core as a server OS. Google, you've had a container OS for years, push it all the github pls.
— Jorge Castro (@castrojo) March 11, 2020
Sacha Labourey, the CEO of CloudBees (a provider of continuous delivery software services), told Computer Business Review: “Cloud providers essentially don’t really need OS vendors anymore: they have the critical mass to be a vendor themselves and they get to optimise the kernel to their specific hardware/VM target rather than try to certify an entire ecosystem. So, their job is actually easier and the output likely more optimised.”
He added: “You could argue that for a long time Red Hat has been an anomaly i.e. an independent OS vendor that was keeping the market balanced (‘nobody moves, nobody gets hurt’). Now that Red Hat has been acquired by IBM, this is somewhat tainting them. (‘Somewhat’ as IBM is not really impacting the cloud war).”
So, @aws has released a new #opensource project: #bottlerocket! A Linux-based operating system for running containers on virtual machines or bare metal hosts. Mostly @rustlang code. And here are some @chaoss project metrics about the project obtained with @cauldronio pic.twitter.com/MBr0cMzo1j
— Manrique (@jsmanrique) March 10, 2020
Labourey added: “The problem with ‘Amazon Linux’ was the ‘Amazon’ part. It was a good strategy for AWS itself, but it was limiting the scope to just AWS, which means it was of limited interest to ISVs. If other cloud vendors were to join the effort, and only on that condition, then it could be a real shift on the market. Companies such as CloudBees would indeed be interested to leverage a unified OS foundation for all three clouds if that was to crystallise. As in any ecosystem-war, critical mass is the only factor.”
AWS’s Barr noted: “Container-based environments lend themselves to easy scale-out, and customers can run host environments that encompass hundreds or thousands of instances. At this scale, several challenges arise with the host operating system.
“For example: Security – Installing extra packages simply to satisfy dependencies can increase the attack surface; Updates – Traditional package-based update systems and mechanisms are complex and error prone, and can have issues with dependencies; Overhead – Extra, unnecessary packages consume disk space and compute cycles, and also increase startup time; Drift – Inconsistent packages and configurations can damage the integrity of a cluster over time.”
Bottlerocket uses a file system that is primarily read-only. It is integrity-checked at boot time via dm-verity, he noted. “SSH access is discouraged, and is available only as part of a separate admin container that you can enable on an as-needed basis.”
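What a dm-verity-style check buys a read-only root filesystem can be seen in a simplified model of its hash tree. The following is an added example, not Bottlerocket or kernel code: the block size, salt handling, sample image and function names are assumptions for illustration and do not reproduce the on-disk dm-verity format.

```python
import hashlib

BLOCK = 4096              # bytes per data block and per hash block (assumed)
FANOUT = BLOCK // 32      # 128 SHA-256 digests fit in one hash block

def _h(salt, data):
    # Salted digest of one block, zero-padded to the block size.
    return hashlib.sha256(salt + data.ljust(BLOCK, b"\0")).digest()

def build_tree(image, salt):
    """Return (levels, root); levels[0] holds one digest per data block."""
    levels = [[_h(salt, image[i:i + BLOCK]) for i in range(0, len(image), BLOCK)]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([_h(salt, b"".join(prev[i:i + FANOUT]))
                       for i in range(0, len(prev), FANOUT)])
    return levels, levels[-1][0]

def verify_block(image, index, levels, salt, trusted_root):
    """Check one data block as it is read, walking up to the trusted root."""
    digest = _h(salt, image[index * BLOCK:(index + 1) * BLOCK])
    for level in levels[:-1]:
        if level[index] != digest:          # stored hash disagrees with the data
            return False
        group = index // FANOUT
        digest = _h(salt, b"".join(level[group * FANOUT:(group + 1) * FANOUT]))
        index = group
    return digest == trusted_root           # only the root must be trusted

def sample_image(blocks=130):
    """Constructed stand-in for a read-only root filesystem image."""
    return b"".join(i.to_bytes(2, "big") * (BLOCK // 2) for i in range(blocks))

if __name__ == "__main__":
    salt = b"constructed-salt"              # constructed value
    image = sample_image()
    levels, root = build_tree(image, salt)
    tampered = bytearray(image)
    tampered[5 * BLOCK] ^= 1                # flip one bit in block 5
    print(verify_block(image, 5, levels, salt, root))
    print(verify_block(bytes(tampered), 5, levels, salt, root))
```

Because every level is checked against the one above it, rewriting the stored hashes along with the data still fails unless the root hash, which is supplied from outside the image at boot, is also replaced.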
The curious can follow the steps in the QUICKSTART to set up an EKS cluster, or wade into the GitHub repo. Red Hat and Ubuntu will no doubt be among those watching with close interest to see how it takes off. As Computer Business Review writes, a day after the preview launched, Bottlerocket had 14 contributors, who had made 1,778 commits.