BottleRocket Only Runs Containers
BottleRocket is highly focused on just being a platform for running Docker containers, similarly to lightweight hypervisors like Hyper-V, VMWare, or Proxmox. Except instead of running other operating systems, BottleRocket runs Docker containers.
Besides being lightweight, BottleRocket is designed to be very secure. Security is a big focus, especially considering containers aren’t running on separate operating systems and are instead separated using Linux namespaces and other containerization techniques.
Updates to BottleRocket are deployed in a single step, as one big update. This makes updates a lot easier compared to general purpose distributions like AWS Linux and Ubuntu, which usually update package by package. OS updates can also be rolled back in the same way, in the event that something breaks. It also offers Kernel Live Patching by default, which allows for continuous updates to low-level code without stopping the server and the containers running on it.
BottleRocket Is Open Source
BottleRocket is entirely open source, released under Apache 2.0 and MIT licenses, leaving customers free to modify it to support their own orchestration technologies or third-party code. Considering AWS’s recent efforts into expanding their hybrid cloud offerings, the open source approach makes sense.