Bottlerocket

Bottlerocket is AWS's open-source, container-optimised Linux distribution: a minimal OS (no shell by default, no package manager, written largely in Rust) purpose-built to host containers on EC2. It has an immutable root filesystem, transactional image-based updates (A/B partition scheme with atomic rollback), and a control API for configuration instead of /etc file editing. Stub page: expand on future Bottlerocket-internals sources.

Why it matters here

Bottlerocket is the default AMI under EKS Auto Mode. The tight coupling between the distro's properties and the Auto Mode contract matters:

  • Immutable root + A/B updates: Auto Mode's weekly node-replacement cadence is cheap precisely because the OS is designed for rolling replacement, not in-place patching. Auto Mode terminates and replaces nodes; Bottlerocket's design is optimised for that cadence.
  • Minimal attack surface: with no shell by default, no package manager, and API-driven config, a customer can't SSH in and mutate state in a way that makes the next OS upgrade a surprise.
  • Security posture alignment: the small attack surface pairs with GuardDuty's runtime monitoring and Inspector's vuln scanning.
