We've been very vocal to AWS product managers and solution architects about our needs for an Amazon Linux 3 that is a refresh over AWS Linux 2 (at least 5 years support with RHEL 8 compatibility, free kernel patching w/o reboots, official support from datadog, vmware images). Sad that we haven't been heard. We'll now need to plan to move over 20k instances to Rocky Linux.
I suspect that the move to using Fedora has something to do with changes to the CentOS project that AWS Linux 2 forked. Let's hope the beancounters at IBM doesn't have other plans for Fedora.
As skeptical as I am about huge tech corps like Amazon, Google, etc., I have to admit I enjoy being their paying customer - nice experience. I find GCP and AWS a pleasure to use.
Enabling it won't in itself secure your company's applications, as the default policies in Fedora only apply to installed services (e.g ssh) that have a policy written for them.
This is probably right on the boundary of the shared-security-model, but I think it would be great if they also offered easier ways for application developers to leverage the advertised feature.
It’s also interesting that at the same time Amazon is sponsoring Rocky Linux: https://rockylinux.org/sponsors/ (Which is based on Red Hat Enterprise Linux.)
Unfortunately I'm just way more used to debian based systems, and I feel like having a mismatch in production would just lead to friction.
* Will be released on a predictable schedule every 2 years, supported for 5 years. Minor releases every quarter.
* GA will be based on Fedora 35. Preview is currently based on Fedora 34
* There's no official statement regarding compatibility with Fedora packages
* SELinux will be enforcing by default
* Kernel will be a kernel.org longterm version, not the Fedora one
* VM images/docker containers will be officially available when GA. For now you can download images unoffically 
* Unofficial ETA is Q2 2022. For reference, AL2 is currently officially supported until June 30, 2023.
I work alongside a small team maintaining quite a lot of machines on AWS. They're struggling (IMHO) to manually apply all of the security patches their scanning tool identifies. My theory is that Amazon Linux gets patched frequently, and so they'd be better off spending time normalizing our EC2 infra so that every instance is running Amazon Linux, and then work on an easy rollout mechanism to deploy the latest version.
Has anyone got any thoughts on this? It wouldn't obviate the need for patching completely, but I feel like AWS is already doing some of this work for us, so we should take advantage.
Only remaining piece is the desktop segment
macOS has a unix environment, so it'll stay relevant (for how long?)
windows has WSL, it's slow, i don't see myself using it since the host OS is a giant piece of shitty crap
MS missed a chance with Win11, they could have went full steam ARM with a Linux Distro, 100% native Android support, 100% cloud native support, 100% unix support as a host OS, i wouldn't use it myself because i despise the company and its culture, but i can see potential, and i smell a huge missed opportunity
Amazon it getting it right, even thought it's exclusively targeting for cloud usages
Marketing wise it's great and consistent with their offering
Welp, better luck next time.
SELinux by default is a welcome addition but I'm concerned it will break many apps.
It's funny, I was just about to move to kernel 5.10 for amz Linux 2. Might just wait a bit for AL2022
AL2022 does not make any commitments similar to AL2 (see text from link below).
It is therefore borderline unusable for enterprises that value stability like my current employer.
1) AWS will provide security updates and bug fixes for all packages in core [for 5 yrs]
2) AWS will maintain user-space Application Binary Interface (ABI) compatibility for the following packages in core:
elfutils-libelf, glibc, glibc-utils, hesiod, krb5-libs, libgcc, libgomp, libstdc++, libtbb.so, libtbbmalloc.so, libtbbmalloc_proxy.so, libusb, libxml2, libxslt, pam, audit-libs, audit-libs-python, bzip2-libs, c-ares, clutter, cups-libs, cyrus-sasl-gssapi, cyrus-sasl-lib, cyrus-sasl-md5, dbus-glib, dbus-libs, elfutils-libs, expat, fuse-libs, glib2, gmp, gnutls, httpd, libICE, libSM, libX11, libXau, libXaw, libXext, libXft, libXi, libXinerama, libXpm, libXrandr, libXrender, libXt, libXtst, libacl, libaio, libatomic, libattr, libblkid, libcap-ng, libdb, libdb-cxx, libgudev1, libhugetlbfs, libnotify, libpfm, libsmbclient, libtalloc, libtdb, libtevent, libusb, libuuid, ncurses-libs, nss, nss-sysinit, numactl, openssl, p11-kit, papi, pcre, perl, perl-Digest-SHA, perl-Time-Piece, perl-libs, popt, python, python-libs, readline, realmd, ruby, scl-utils, sqlite, systemd-libs, systemtap, tcl, tcp_wrappers-libs, xz-libs, and zlib
3) AWS will provide Application Binary Interface (ABI) compatibility for all other packages in core unless providing such compatibility is not possible for reasons beyond AWS’s control.
Will it remove my DE when I install steam ? /s
*LTT Video Series :D