CIS Hardened Image STIG on Amazon Linux 2

I usually ran GoLang applications on Amazon Linux . These applications are compiled for any Linux flavor or architecture. I have worked with API backends for VoIP APIs in the CPaaS platforms.

Recently I got a use case where I needed to implement a noise cancellation application for Amazon Linux  as a backend application. This noise canceller specifically used an Intel procedure which is specific to architecture. I faced some challenges with Amazon Linux in this scenario. I had to switch to Ubuntu  for that specific use case.

If you are building something of your own in a language such as GoLang or Python, it is really easy to set it up and just hit the go button. You just need to build your application and you can have a binary which can run on Amazon Linux easily. However, for specific tasks such as the noise reduction case, I have to install a package for a specific instruction which I had never worked with before. That was a new experience. It is really easy to install on Amazon Linux from the package right away, which is a really good thing.

We are scaling up and scaling down in the EKS environments with Amazon Linux only. Amazon Linux really works well for this.

Amazon Linux is really easy to use. Almost all of the packages and all of the third-party applications are available for Amazon Linux. They are just one command away to install them.

For example, if I use any CentOS  based system, Ubuntu  based system, or Debian  based system, I have to keep updating my repository. Sometimes it is really hard to find some Amazon specific packages for those distributions. However, for Amazon Linux, it is really good and really handy that all of the information and all of the packages are available on just a few commands away.

Regarding the update side, I really appreciate the kernel patches for Amazon Linux. They are released straightaway. Whenever something is fixed in the security domain, it gets released pretty soon compared to other distributions for Amazon Linux. In terms of customer compliance with GDPR and similar requirements, it is really good to have that.

I have noticed benefits in my workflow with Amazon Linux. When I used to have a Windows laptop and whenever I needed a Linux instance, I used to spin up one on EC2 . This brought me a lot of helpful things without owning a machine. Even if I am in an environment where I have very low network bandwidth and I have to compile huge images or build a big image, perhaps something related to AI or training a model, it is really easy to just spin up an EC2  instance and build that image there. The network connectivity and all those aspects help in that way.

It is really easy to integrate Amazon Linux with the conventional tools available for all Linux systems.

Amazon Linux has performed really well under heavy workloads.

I feel there can be a lot of extensibility for Amazon Linux, the same way we have for Ubuntu or Debian . That might be a good use case to look forward to.

I would love to get my hands on Amazon Linux on a laptop, if that is possible. Nowadays the machines are really powerful and if you have an operating system like Ubuntu and you love working with Linux, people will easily switch to Amazon Linux because they are running the same thing on their laptops and even in the cloud. That would be really beneficial in that case.

I have been using Amazon Linux since 2020 and it has been five years now. I have been using Amazon Linux to run production applications on EC2 instances and running some POCs, creating test applications around it. I have used Amazon Linux as my secondary computer in the cloud for four years.

Amazon Linux is really good and stable.

It is easy to scale Amazon Linux. If you want scalability and many out of the box features, you can choose Amazon Linux right away.

I have not had any chance to reach out to customer support.

Negative

I have used a couple of Linux distributions before Amazon Linux. I have used Linux Mint, CentOS , Ubuntu, and Debian. I still use them for some software which is recommended for it, but not much.

Amazon Linux was readily available on the AWS  cloud, so it was an easy switch and there were no major setup complications.

I did purchase Amazon Linux a couple of times through the AWS Marketplace . However, these things are majorly managed by the DevOps team.

I saved around 100 to 200 hours of build time when I used to have a slow laptop before I switched to Mac. That was really helpful. I can do other tasks while the build is going on, so it increased productivity as well.

In general, I have saved many hours in my workflow. We are not in the era of generative AI where you have to research, implement, and test everything. Because I used to have a Windows instance, Amazon Linux was my go-to for any of the tasks.

I mostly found Amazon Linux documentation and community support very easily. Nowadays I majorly use Gemini or ChatGPT for my issues, which is really helpful.

Most of the time Amazon Linux meets the need in the security areas with latest patches for everything.

It is mostly for public cloud, specifically public AWS . We use Amazon Linux across all the environments.

It is really good. As I work in an enterprise environment, most of the pricing and other details are handled by other teams, not the backend engineering team. I have never faced any such issues.

I would rate this product an 8 out of 10.

My main use case for Amazon Linux  is deploying our ClickHouse  cluster. ClickHouse  is an OLAP database where we are spanning data across multiple terabytes, and we're using EC2  instances on AWS , which are based on the Linux operating system. We have a cluster of 16 EC2  instances based on Amazon Linux , and using those instances, we are deploying our ClickHouse cluster.

In addition to deploying our ClickHouse cluster, we are also using Amazon Linux for our ClickHouse Keeper, which is for the coordination, and we are using it for our CHProxy, which is the ClickHouse Proxy for user authentication, query limiting, and other functionality.

Amazon Linux provides us a great capability of deploying ClickHouse, as ClickHouse is much more compatible with Linux instances if you're deploying it on-premises, as the support team has advised us. We have specifically utilized Amazon Linux in our use case to deploy ClickHouse, and since we have configs that we need to manually deploy there, we have to work with Linux commands to change our configs. That sort of capability and ease of doing things is being provided by Linux, so we are very happy with Amazon Linux.

Stability is a great point since we rarely face any downtime with Amazon Linux in terms of Linux instances going down. Regarding security, since we have deployed this in the VPC, we need to ensure we have the right protocols opened, and Linux within itself provides us great capability to ensure we have high-level security as well. Amazon Linux integrates well with services like S3  for storing our data, and we are also using Route 53  for our routing services and DNS services for the ClickHouse cluster. It integrates well with AWS  services, and we are also using CloudWatch for the metrics.

Amazon Linux has positively impacted our organization in a couple of ways. There were two ways to deploy a ClickHouse cluster: the first was to go with a cloud solution, and the other one was to go with Amazon Linux. We looked at the cost in both ways, and the cloud version was expensive for us, so we looked at Amazon Linux on-premises and tried to deploy our cluster by doing a certain POC. We found out there was a significant cost difference. It gave us much more control over how we store our data and what we can do with it, so we went with the approach of deploying a cluster on Amazon Linux. That was a positive impact for us in terms of having control over data, keeping it in a secure network of ours only, and it also saved us costs, giving us a full circle moment to save our expenses.

I believe Amazon Linux provides a wide variety of instances in terms of the RAM and storage that you want with the EBS volumes, so nothing can be improved in that regard. It's just that with the start time, when you're initially starting an instance, it takes a certain amount of time to reboot itself and set up the environment, and if that can be improved to instant speed, I think that will be much more helpful.

I gave it an eight because of the instant speed consideration. Since we are working in a real-time manner and need to scale things immediately, the time it takes to boot an instance and then deploy things is preventing me from giving it a perfect rating. That aspect is crucial, as it affects the time required to start up an instance and instantly deploy it.

I have been working in my current field for 4.5 years.

Amazon Linux is stable in my experience, and we did not face any downtime or reliability issues.

In terms of scalability, we find it easy to scale our workloads up or down, with the only drawback being the time it takes to restart or boot an instance. Otherwise, everything else is good.

We have been satisfied with all of this. We had good support from AWS if we faced any issues, and the documentation is really great. We faced no compatibility issues, so I think we are in good standing on that part.

We didn't reach out to customer support because we didn't face any issues, so I would rate the customer support a 10 out of 10.

Positive

Since our whole cloud network is deployed in AWS, we didn't look into other instances. We initially considered using Windows for the instances, but then we switched to Linux since the ClickHouse team informed us that Linux instances would be hugely compatible with the ClickHouse environment.

As a developer, I'm not directly impacted with the cost, but during the meetings I attended, there were discussions of saving up to 30% of cost savings by going with Amazon Linux.

As I mentioned for the cost savings, we saved 30% in terms of the cloud infrastructure. Time saved is significant since we are working with a real-time database, which saves us time compared to going with OLTP. With Amazon Linux coming in, we have also saved time in terms of query execution time, and those are the numbers that I can share.

My advice to others looking into using Amazon Linux is that it's a great piece of technology you can use to deploy your application environment. It works within a great environment of a private network, integrates well with other AWS services, keeps you in a close-knit ecosystem, is highly scalable, and ensures that you have high performance for your application while rarely facing any downtime. I would rate this product an 8 out of 10.

My main use case for Amazon Linux  is as a base for my EC2  instances, but recently I have been using it almost exclusively as EKS node stock images.

A specific example of how I am using Amazon Linux  in one of my projects is that it hosts our Kubernetes  nodes that connect to AWS  EKS services.

The best feature Amazon Linux offers, in my opinion, is the compatibility with AWS  cloud and AWS services.

When I mention compatibility with AWS cloud and services, I appreciate how it is connected to AWS System Manager and how it automates registration to EKS.

Amazon Linux has impacted my organization positively by simplifying the workflow where we manage our EKS nodes. It simplifies our workflow because it reduces time; we always know that Amazon Linux AMIs are updated with all security patches and compatible with EKS, so we are able to rely on them.

I am not sure how Amazon Linux can be improved, as we are fully satisfied with it, but sometimes we cannot find some modern application packages. I cannot provide examples right now, but I think previously I tried to install a PostgreSQL  server into it and I was unable to find the latest version available from the package registry, so I had to compile it myself.

I do not remember exactly how long I have been using Amazon Linux, but probably starting in 2018.

Amazon Linux is stable in my experience; there were no issues at all with stability.

The scalability of Amazon Linux for my needs is good; it is the same as any Linux distribution.

We previously used Ubuntu  and kops to deploy Kubernetes  clusters, but we switched when Amazon provided the EKS service and AMIs with Amazon Linux that connects to EKS.

Before choosing Amazon Linux, we worked on Ubuntu .

Amazon Linux is free, so we are not purchasing Amazon Linux, but we use AMIs that are published on the Marketplace.

I do not have experience with the pricing of Amazon Linux.

My advice to others looking into using Amazon Linux is to use it if you need it.

I would not add more about the needed improvements, perhaps around package availability or anything else that comes to mind.

My overall review rating for Amazon Linux is 7.

A major use case for Amazon Linux is that it powers both web servers and application servers. As a payment company, we majorly use Amazon Linux to deploy our services. Being able to ship those services to our customers means that the performance of the service is critical to our customers, which speaks to service reliability. Service reliability has been one key thing that Amazon Linux has been able to deliver to us as an organization.

From the performance perspective, our use case is basically the deployment of services, and using Amazon Linux as the baseline OS has really helped us from the performance perspective compared to our experience with other baseline operating systems we have used in the past.

The boot time and resource usage have improved with Amazon Linux compared to other baseline operating systems we have used in the past. Resource usage is more efficient with Amazon Linux. Faster boot time and efficient resource usage make Amazon Linux perform better for us.

Being able to ship services to our customers efficiently and ensuring service reliability is a key benefit delivered by Amazon Linux.

I believe customer feedback and engagement will help improve the product. From my own standpoint for now, nothing comes to mind. We recently moved to Amazon Linux, but it has been efficient for us. Nothing comes to mind at this time.

I have been using Amazon Linux for a few years now and it is currently being used at my workplace. We have a couple of services that are being deployed on Amazon Linux.

Amazon Linux is stable.

From the scalability perspective, Amazon Linux has been efficient for us. It has been able to handle the traffic load for us.

Customer support generally for AWS  has been great, and we have not seen a reason to have any situation with the customer support. On the grand scheme of things, the customer support has been awesome.

Negative

We evaluated and deployed some services on Ubuntu  and some other Linux distributions.

Because we set up Amazon Linux on AWS , which I believe is proprietary to the AWS organization, the experience was efficient.

We have seen a return on investments with that, and we were able as an organization to save something around $8,000 per month. That was really helpful.

The pricing is not bad, especially with the Graviton  instances, the ARM Graviton  instances, which has also really helped us in our organization to basically drop our cloud cost.

It has been a great experience with Amazon Linux for us as an organization. My overall review rating for Amazon Linux is 7 out of 10.

I am working with Infosys, and the client is Denmark's Bank, Danske Bank, one of the largest banks in Denmark. I am part of a migration project with the bank servers moving from on-premises to AWS  cloud. Amazon Linux  was purchased from the Amazon Marketplace, and we have OpenShift, the Red Hat OpenShift  container platform. As a migration engineer, I am not entirely certain how partnerships work with Amazon. My organization is large and its structure regarding how they manage their relation with AWS  cloud is complex. We are using the service, with the OCP cluster purchased from the marketplace running on AWS and managed by Red Hat.

Regarding Amazon Linux , I observe that there is not much difference between Amazon Linux and Red Hat Linux. When I install packages, I notice that Red Hat Linux takes a little more time, and I am uncertain if it is based on the hardware or the security system. The RPM-based package makes it very difficult to install some specific packages in Red Hat Linux, but with Amazon Linux, it is easy to install RPM or DNF packages.

I have been using Amazon Linux for the last one and a half years.

Future features for Amazon Linux, like cost-effectiveness, should be improved because any organization, whether small, a startup company, or a large organization, primarily considers cost. Comparing to Ubuntu , an open-source alternative, I think Amazon Linux could benefit from some cost optimization because it costs a little more than Ubuntu  in Indian Rupees.

Regarding maintenance for Amazon Linux, sometimes it requires maintenance similar to how Red Hat provides end-to-end support for Red Hat Linux.

Regarding Amazon Linux support, we used to raise tickets for any issues related to it. We connect on chat or interact with AWS engineers for critical issues. With the support system for Amazon Linux, I feel there is a lack compared to Red Hat, which provides a stronger support system.

I have overall experience of 6+ years, with six years, nine or ten months as of this January.

Regarding the stability of Amazon Linux, we are migrating thousands of servers from on-premises to AWS cloud for Danske Bank. I observed that while patching and updates from Red Hat systems are handled easily, with Amazon Linux we need to take extra care, particularly with legacy systems, since the latest versions work fine without issues.

In my experience with Amazon's technical support, all issues are resolved whenever I connect with their engineers, but the communication levels can be somewhat different, such as a priority system. I would give a score of 8.5 to 9 out of 10.

Positive

From an installation point of view for Amazon Linux, there is nothing difficult as we are using Terraform  for deployment purposes. We use the Amazon provided AMI directly and deploy it, just as we do with other Linux flavors such as Ubuntu or Red Hat.

From my personal and system perspective, I have experienced over the last one year that any packages run easily in Amazon Linux, which I would recommend because I am a cloud engineer for AWS cloud for the last six plus years and I am aware of how these things are involved. For Amazon Linux overall, I give it nine out of ten because it executes commands very smoothly, and that is what I appreciate about it. I would rate this review nine out of ten.