Building and Maintaining Your Own Secure Container OS

Explore the process of building and customizing Bottlerocket, a free and open-source Linux-based operating system designed for hosting containers, in this 48-minute webinar sponsored by AWS. Learn about Bottlerocket's key features, including its focus on security, flexibility, transactional updates, and isolated runtimes. Dive into the high-level build concepts, necessary tooling, and build process invocation and flow. Discover how to build and publish a Bottlerocket updates repo, provide containers with elevated permissions, work with host and bootstrap containers, and extend kernel capabilities. Gain insights into adding new configuration options, implementing security policies, and explore next steps for further customization and development.

Intro
What is Bottlerocket?
What makes Bottlerocket? (First priority: security)
What makes Bottlerocket? (flexibilty)
What makes Bottlerocket? (transactional updates)
What makes Bottlerocket? (isolated runtimes)
High-level Build Concepts
Lets Talk Tooling for a moment...
Tools Needed to build
Build Process Invocation
Build Process Flow
Build and publish a Bottlerocket updates repo
Providing Containers with Elevated Permissions
Host and Bootstrap Containers
Adding Your Own Bootstrap Containers
Extending Kernel Capabilities
Next Steps