Bottlerocket is a Linux-based operating system designed specifically for hosting containers. It is free, open-source software that is developed on GitHub. One of the unique aspects of Bottlerocket is its minimal approach, which means unnecessary software is excluded to reduce operational and security overhead. Bottlerocket also offers different variants that are tailor-made for specific requirements, ensuring compatibility with different orchestrators, platforms, and architectures. Updates are delivered via images and can be applied atomically at reboot. Bottlerocket prioritizes security by using compiled languages like Rust and Golang, having an immutable root filesystem, and enforcing a restrictive SELinux policy. Overall, Bottlerocket provides multiple layers of protection against unintended changes to the system.
https://bottlerocket.dev