How to use AWS Bottlerocket


AWS Bottlerocket is an open-source, Linux-based OS built specifically to run containers. It reduces operational cost by automating updates to your container infrastructure.

How is Bottlerocket different from other OS AMIs?

Bottlerocket includes only the essential software to run containers. This helps in the following:

  • Improves resource usage
  • Reduces security attack surface
  • Reduces management overhead

It also integrates with container orchestrators (such as Amazon EKS and Amazon ECS) to further reduce management and operational overhead while updating container hosts in a cluster.

The following features set it apart from other OS AMIs:

  • Bottlerocket does not have a package manager. Software can only be run as containers. Updates to Bottlerocket are applied and can be rolled back in a single atomic step, which reduces update errors.
  • The primary mechanism to manage Bottlerocket hosts is with a container orchestrator like Amazon EKS. Unlike Amazon Linux, logging into individual Bottlerocket instances is intended to be an infrequent operation for advanced debugging and troubleshooting.

Components of Bottlerocket

  • Bottlerocket has a minimal operating system that includes the Linux kernel (5.4) and system software.
  • It includes containerd as the container runtime.
  • Bottlerocket has an atomic update mechanism to apply and roll back OS updates in a single step.
  • It provides integrations with container orchestrators such as Amazon EKS to manage and orchestrate updates.
  • It has an Admin container that can be run for advanced troubleshooting and debugging.
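An added example, not from the original post or the Bottlerocket project: because the admin container is meant only for occasional troubleshooting, this Python audit reads an instance's user data (Bottlerocket takes its settings as TOML) and reports when the admin container or a privileged ("superpowered") host container is enabled. The sample user data, the `debug-tools` container name and the registry are constructed for illustration.

```python
import base64
try:
    import tomllib                      # Python 3.11+
except ModuleNotFoundError:
    import tomli as tomllib             # same API on older interpreters

# Constructed user data samples (illustrative, not from the original post).
SAMPLE_DEFAULT = """
[settings.kubernetes]
cluster-name = "example-cluster"
"""

SAMPLE_DEBUG = """
[settings.kubernetes]
cluster-name = "example-cluster"

[settings.host-containers.admin]
enabled = true

[settings.host-containers.debug-tools]
enabled = true
superpowered = true
source = "registry.example/debug-tools:latest"
"""
# EC2 APIs return launch-template user data base64-encoded.
SAMPLE_DEBUG_B64 = base64.b64encode(SAMPLE_DEBUG.encode()).decode()


def audit_user_data(user_data, is_base64=False):
    """Return findings for host containers that open login or privileged access."""
    if is_base64:
        user_data = base64.b64decode(user_data).decode("utf-8")
    doc = tomllib.loads(user_data)
    host_containers = doc.get("settings", {}).get("host-containers", {})
    findings = []
    for name, cfg in sorted(host_containers.items()):
        # Assumption: a missing "enabled" key is treated as disabled,
        # which matches the admin container's default.
        if not cfg.get("enabled", False):
            continue
        if name == "admin":
            findings.append("admin container enabled: host login path is open")
        elif cfg.get("superpowered", False):
            findings.append(f"host container '{name}' runs superpowered (privileged)")
    return findings


if __name__ == "__main__":
    for finding in audit_user_data(SAMPLE_DEBUG_B64, is_base64=True):
        print("FINDING:", finding)
```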

As mentioned earlier, Bottlerocket works with a container orchestrator, but we can also run Bottlerocket as a standalone OS.

Compute platforms and EC2 instance types for Bottlerocket

Bottlerocket builds from AWS are supported on HVM and EC2 Bare Metal instance families, with the exception of the P, G, F, and INF instance types. Bottlerocket needs at least 1 vCPU and 512 MB of RAM.

When not to use Bottlerocket?

Bottlerocket does not allow users to SSH into their servers, so if your use case involves SSH-ing into the server, don't go for Bottlerocket. If your operational workflows for running containers involve installing software on the host OS with a package manager, or running third-party ISV software that is not containerized (e.g., agents for logging and monitoring), Amazon Linux 2 may be a better fit. Bottlerocket is optimized to run and manage large containerized deployments and does not easily allow many of these activities.

Thank you, readers, for sticking around until the end. I hope you got the information you were looking for. To set up Bottlerocket, follow this blog. If you have any questions, feel free to post them to my mail:


Written by 

Vidushi Bansal is a Software Consultant [Devops] at Knoldus Inc. She is passionate about learning and exploring new technologies.