The New Stack Update

ISSUE 233: AWS Bottlerocket Blasts Off

Talk Talk Talk

“We are mere mortals. We made mistakes. So we language designers want to fix the mistakes in the past.”

Yukihiro Matsumoto, the creator and chief designer of the Ruby programming language, on updating a programming language.

Add It Up
Adoption Plans: VMware Tanzu Won't Surge Unless Uncertainty is Addressed at VMworld

The early 2010s saw enterprise workloads become virtualized, with many eventually running in so-called private clouds based on software such as VMware vSphere and OpenStack. Enterprises accelerated their adoption of public clouds as the decade progressed, but well more than half of the organizations The New Stack contacted this summer still require at least some of their cloud services to be provided on-premises.

At this latest cloud crossroads, 59% of IT professionals are running workloads in an off-premises private cloud according to previously unreported data from the “Faction 2020 VMware Cloud on AWS Market Survey.” Faction is a managed service provider for VMware Cloud on AWS. Our assumption is that most — if not all — of the survey’s sample were VMware users, because the VMware User Group accounted for 83% of the 1,054 respondents, with the remainder solicited from Faction’s database.

The report presents VMware Cloud on AWS as a growing market. Rapid increases in the number of hosts deployed with VMware Cloud on AWS show that money is being made, but grumbling among channel partners also indicates that there is not enough room for a diverse range of competitors. There is an argument to be made that its best days are already behind it, because the off-premises private cloud is really a stop-gap measure that allows companies to migrate workloads without modernizing them.

While private off-premises clouds are common, only 7% of respondents run VMware Cloud on AWS, which means that at least half of all VMware users are running an off-premises private cloud with an alternative approach, like Amazon VPC. A comparison with last year’s report is not encouraging. Not only did that 7% figure remain essentially unchanged, but the pool of potential customers shrank. In 2019, 55% of respondents with an off-premises private cloud were either using or considering the VMware on AWS offering, but that dropped to 45%, at least partly because of an uptick in people who had evaluated and rejected the option.

What's Happening

Many projects are initiated to solve a problem that an organization or a user is experiencing. Thanks to the magic of open source, the community can serve to help solve the problem and, ideally, offer solutions better than the creators had originally hoped for. The maintainers’ main mission is largely about helping to make sure the software platform or tool continues to improve, and to ensure the contributions are properly maintained and managed.

In this edition of The New Stack Makers podcast, guests from Red Hat and VMware discuss how an open source project develops, changes and becomes sustainable. The guests are: Annette Clewett, principal architect, Red Hat; Michael Michael, director of products, VMware; Rob Szumski, senior manager, product management, OpenShift at Red Hat; and Travis Nielsen, senior principal software engineer, Red Hat. The New Stack founder and publisher Alex Williams hosted this conversation.

Open Source Project Momentum: What it Takes

AWS Bottlerocket Blasts Off

A few months back, we invited onto the TNS Context podcast AWS’ Deepak Singh and Peder Ulander to discuss the company’s recently released Bottlerocket Linux distribution. Bottlerocket is a Linux distribution built specifically for cloud use, and tailored even more for EKS. It differs from older Linux distributions, such as Red Hat Enterprise Linux, in that it factors in the operational model of how many of AWS’ customers used Linux to manage fleets of containers, Singh said.

There are many advantages to using Bottlerocket in your AWS operations. As AWS’ Matt Asay explains in a contributed post this week: “Bottlerocket improves uptime by making it possible for you to automatically update thousands of instances hosting your containers with minimal disruptions to your applications. Unlike package-by-package updates in general-purpose operating systems, Bottlerocket applies updates in a single step and can be rolled back if failures occur. Bottlerocket also improves manageability by enabling you to service the OS using orchestrators, such as Kubernetes, and run your applications in containers without introducing the complexity of package managers. Additionally, Bottlerocket improves resource usage, boot times and the overall security profile, by excluding unneeded components to run containers.”

It brings many security benefits as well. One feature is the device-mapper verity target (dm-verity), which provides integrity checking to help prevent attackers from persisting threats on the OS. Bottlerocket also discourages administrators from logging into containers through SSH, a security hazard. In addition, it uses Security-Enhanced Linux (SELinux) to isolate containers from each other.

This week, Bottlerocket moved into general availability. For those looking to try out cloud-based container operations, take a look at AWS Bottlerocket. You may like what you find.

WordPress Co-Founder Matt Mullenweg Is Not a Fan of JAMstack

Matt Mullenweg, founding developer of WordPress and CEO of Automattic, thinks the currently trendy JAMstack approach to website management — which decouples the frontend from the backend, and doesn’t require web servers — is a backward step for the web. “JAMstack is a regression for the vast majority of the people adopting it,” Mullenweg told us over email. “The usability and functionality is actually lower. Even rebuilding sites in JAMstack harkens back to the Movable Type days, where the bigger your site gets the slower it is to rebuild or update templates.”

Linux cgroups v2 Brings Rootless Containers, Superior Memory Management

Rootless containers have become a very popular means to prevent runtime vulnerabilities in containers. Why rootless containers? With this added security layer, if a container is compromised, the attacker won’t be able to gain root privileges on the host. Rootless containers also allow isolation between nested containers. The problem to date has been that the Linux kernel’s Control Groups (cgroups) did not support imposing resource limitations on rootless containers. Now, Google has given the kernel cgroups v2, which offers that capability to support rootless containers, and numerous other benefits as well.

OAM, the Kubernetes Application Model Bridging Development and Deployment

Why does Kubernetes need a unified application model? It would be the final piece needed to run a seamless deployment model, one connecting the developer to production, asserted Phil Prasek, a principal product manager at cloud services provider Upbound, in a breakout session at the KubeCon + CloudNativeCon Europe. With a solid application model in place, a developer could finally build a cloud native application on a laptop, and have it work seamlessly — with no modifications — in a production environment. The Open Application Model (OAM), from Microsoft and Alibaba, is one such model.

Party On

Rancher CTO Darren Shepherd, trying to answer our odd questions in this week's TNS Context podcast.

On The Road
DevOps World 2020 // SEPT. 22-24 // VIRTUAL


DevOps is more important than ever. And that’s not going to change. Now’s the time to see what the future holds in software delivery at DevOps World. And, it’s free! Join us at DevOps World brought to you by the fine team at CloudBees. Register now!

The New Stack Makers podcast is available on: Pocket Casts, Stitcher, Apple Podcasts, Overcast, Spotify, TuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.

Pre-register to get the new second edition of the Kubernetes ebook!

A lot has changed since we published the original Kubernetes Ecosystem ebook in 2017. Kubernetes has become the de facto standard platform for container orchestration and market adoption is strong. We now see Kubernetes as the operating system for the cloud — evolving into a universal control plane for compute, networking and storage that spans public, private and hybrid clouds. In this ebook you’ll learn:

  • Kubernetes architecture.
  • Options for running Kubernetes across a host of environments.
  • Key open source projects in the Kubernetes ecosystem.
  • Adoption patterns of cloud native infrastructure and tools.

Copyright © 2020 The New Stack, All rights reserved.
