Earlier this year, Linus Torvalds approved of adding drivers and other components in Rust to Linux. Last week, at the virtual Linux Plumbers Conference, developers gave serious thought to using the Rust language for new Linux inline code. And, now Amazon Web Services (AWS) has announced that its just-released Bottlerocket Linux for containers is largely written in Rust.
Mozilla may have cut back on Rust's funding, but with Linux embracing Rust, after almost 30-years of nothing but C, Rust's future is assured.
Rust was chosen because it lends itself more easily to writing secure software. Samartha Chandrashekar, an AWS Product Manager, said it "helps ensure thread safety and prevent memory-related errors, such as buffer overflows that can lead to security vulnerabilities." Many other developers agree with Chandrashekar.
Bottlerocket also improved its security by using Device-mapper's verity target. This is a Linux kernel feature that provides integrity checking to help prevent attackers from overwriting core system software or other rootkit type attacks. It also includes the extended Berkeley Packet Filter (eBPF), In Linux, eBPF is used for safe and efficient kernel function monitoring.
This new Linux discourages administrative connections to production servers. The admin container runs Amazon Linux 2. It contains utilities for troubleshooting and debugging Bottlerocket and runs with elevated privileges. The goal is to make logging into an individual production Bottlerocket instance largely unnecessary except for advanced debugging and troubleshooting.
To make sure that Bottlerocket instances are as secure as possible they run with Security-Enhanced Linux (SELinux) in enforcing mode. This increases the isolation between containers and the host operating system.
Normally when someone mentions SELinux, administrators fear they'll have trouble running applications on it. AWS assures users that that's not the case here. Besides security, Bottlerocket is also designed to be quick and easy to maintain.
It does this, like other container-oriented Linux distributions such as Flatcar Container Linux, Red Hat Enterprise Linux CoreOS (RHCOS), and RancherOS, by including the bare essentials needed to run containers. Many AWS partners already support their applications on Bottlerocket such as Datadog, Splunk, and Puppet.
Don't think that Bottlerocket is just an AWS show. It's not. Bottlerocket is an open-source project. GitHub hosts all its design documents, code, build tools, tests, and documentation. Besides its standard open-source elements, such as the Linux kernel and containerd container runtime, Bottlerocket's own code is licensed under your choice of either the Apache 2.0 or the MIT license. If you modify Bottlerocket, you may use "Bottlerocket Remix" to refer to your builds in accordance with the policy guidelines.
For AWS users, the attraction is, of course, that it's an easy-to-use, secure container Linux for their favorite public cloud. As someone's who used Linux for decades, I find its use of Rust to be its most fascinating feature. For both cloud developers and Linux programmers, there are interesting times ahead.