Amazon Linux 2023 review

Should you upgrade to Amazon Linux 2023? Read on to find out!

Ro'i Bandel
Develeap
9 min read · Mar 20, 2023


It’s finally here! Amazon Linux 2023. Originally named Amazon Linux 2022, then silently renamed to Amazon Linux 2023 after a delay… Was it worth the wait?

Amazon Linux bird logo

I decided to take a look at Amazon’s new Linux distribution. I will cover eight key areas that I personally believe are important to consider when choosing a Linux distro for server workloads in the cloud.

1. Upgrade path

Amazon Linux 2023 can be considered the successor to Amazon Linux 2 ¹. Therefore, you might think you’ll be able to run some commands in order to upgrade your AL2 instances to AL2023, but this is not the case. AL2023 is a major new version and has many breaking changes (as you can tell by the fact that it’s 2,021 versions higher than AL2). For all intents and purposes, I think it’s safe to consider AL2023 an entirely different Linux distro than AL2. I will explain more about the differences below. However, it is important to note that you should not expect any of your existing AL2 workloads to necessarily work in AL2023, unless you have thoroughly tested them.

This might seem disappointing compared to other Linux distros which do offer in-place upgrades (for example Ubuntu and RHEL). However, this is not new for Amazon Linux; there was no upgrade path from the original Amazon Linux to Amazon Linux 2 either. If I had to guess, the reasoning for this, aside from technical challenges, is that Amazon wants to implicitly encourage us to treat instances as cattle, not pets. That is, we shouldn’t get so attached to a particular instance that we feel we have to upgrade it in-place. Instead, we should be comfortable terminating any one instance and spinning up a new one in its place.

However, even if you deploy AL2023 in a new instance, you still have to be aware of its changes and how they might impact your workflows. For example, if you have a user data script that automatically runs every time your AL2 instances launch, you will have to test it on AL2023 to ensure it achieves the results you expect.

It will be interesting to see if Amazon will have an upgrade path in the future from Amazon Linux 2023 to Amazon Linux 2025. As far as I am aware they have not announced anything in this matter, so I won’t expect it unless Amazon says otherwise.

2. Availability

Amazon Linux 2023 is now generally available in all AWS Regions. This means you can deploy EC2 instances running this new Linux distro by choosing the right AMI (Amazon Machine Image). This can be done from the AWS EC2 Management Console, where it’s possible AL2023 will already appear as the default Quick Start AMI option for you. If it does not appear by default, search for “Amazon Linux 2023” and ensure you choose an option from a “Verified provider”. If using a tool like AWS CLI or Terraform, you can copy the AMI ID yourself (just remember that AMI IDs differ by AWS region); see how to find a Linux AMI in the AWS EC2 documentation.

A view of the AWS EC2 Console showing how to deploy Amazon Linux 2023

3. Cost

Amazon Linux 2023 is free by both definitions of the word. It is open source, and also does not incur any additional costs to use.

Of course you will still need to pay any relevant fees for using EC2, for example payment for on-demand Linux pricing and EBS volumes. However you don’t need to pay any additional pricing for licensing like you do for some operating systems in AWS (e.g. RHEL, SUSE or Windows). In addition, AL2023 is “Free tier eligible” — meaning you can try it for free as long as your usage is within the AWS Free Tier.

An example of EC2 instance pricing. Amazon Linux 2023 falls under “On-Demand Linux pricing” which is cheaper than RHEL, SUSE and Windows pricing. Prices are in “us-east-1” region as of 2022–03–20.

4. Kernel

Now that I knew that AL2023 is available and understood its costs, I was ready to test it myself. I deployed a micro EC2 instance for testing and started running commands to see what I can find. The first command I ran was uname -a to see the Linux kernel version that is currently included with AL2023. Running that command shows that the current AL2023 Linux kernel version is 6.1.15-28.43.amzn2023.

I was pleasantly surprised to find out that AL2023 runs Linux kernel version 6.1, the latest LTS Linux kernel. This is a big jump compared to AL2 which uses Linux kernel version 5.10. Originally AL2 used kernel version 4.14, but later received updates to 5.4 and 5.10 kernel versions. However AL2 was never updated to Linux kernel 5.15, the previous LTS kernel version.

Amazon Linux 2023 is expected to receive kernel updates as well, at least for the 6.1.x kernel series (and maybe for future LTS kernels too). Kernel live patching is supported, meaning you will be able to install kernel updates without rebooting.

5. OS Family

Obviously Amazon Linux 2023 is “Linux”, and we know that its kernel is 6.1, but which Linux distribution is it based on exactly? The Linux distribution family tree is big and complex, but to simplify things a bit, we can consider the two main branches of Linux distributions to be Debian-based distros and RPM-based distros. These two branches are dominant in the Linux desktop space and especially among server distros ². Debian-based distros include Ubuntu; RPM-based distros include RHEL, CentOS Stream, Fedora and SUSE.

All Amazon Linux distros are RPM-based. AL2, for example, was partially based on CentOS 7. AL2023, however, is based on components of Fedora 34/35/36 with some aspects of CentOS 9 Stream. Amazon clarifies that AL2023 isn’t directly comparable to any specific Fedora release. This means you can’t expect it to behave the same way as Fedora or CentOS Stream. You should treat it as its own distro with its own packages.

5. Package availability

AL2023 uses the DNF package manager, which is the successor to YUM (previously used in AL2). Although yum commands are still available, they now point to dnf instead.

In terms of package availability, AL2023 does not use the Fedora or CentOS Stream repos; instead, it has dedicated repos of its own. The packages are similar but not identical to what was offered in AL2. Most packages have been updated to the latest versions. When upgrading to AL2023 from AL2, you should ensure that all the packages you need are still available. In addition, you should ensure that the version updates don’t have breaking changes that affect you. For example, Python 2.7 is no longer available in AL2023, unlike AL2 which still has extended support for Python 2.7.

In terms of packages outside of the AL2023 repo, support seems limited. AL2023 does not support EPEL repos, nor does it support amazon-linux-extras. Although some packages from amazon-linux-extras are now included in the main AL2023 repos (including docker and nginx), not all of them are; for example, I noticed Ansible is missing (although it can still be installed through pip).

Compared to Fedora repos, there are many packages that are missing from AL2023 repos. I already mentioned Ansible, but to give another example, Podman is missing. This is interesting given how much focus Red Hat has put on Podman in recent years (in order to “compete” with Docker). In recent versions of Fedora, Podman is even installed by default. Yet it’s nowhere to be seen in AL2023, which is partially based on Fedora. However, you do get Docker and containerd in the AL2023 repos.

Over on the Amazon Linux 2023 GitHub repo anyone can open issues asking to add missing packages. I hope that the Amazon Linux team will be quick to add highly-requested packages. This is because I am not really sure what the alternative is for users; AL2023 users can’t safely add Fedora, CentOS Stream or EPEL repos because AL2023 is not directly compatible with any of these distributions. I guess maybe we should just run everything in containers? I am not opposed to that idea personally for some packages, but then we should at least get packages like podman and ansible.

Another thing to know about the AL2023 repos is that they use deterministic upgrades through versioned repositories.

6. Release Cadence and Long Term Support

Starting with Amazon Linux 2023, Amazon plans to release a new major version every two years. Two years from now we can expect to see Amazon Linux 2025, then Amazon Linux 2027 and 2029. Each version should receive Long Term Support (LTS) for five years.

If this kind of release cadence sounds familiar to you, then it is definitely not because of previous versions of Amazon Linux. Historically, Amazon Linux version releases have been quite inconsistent, with Amazon Linux 2022 itself being delayed and renamed to Amazon Linux 2023. Instead, this release cadence seems to be inspired by Ubuntu, which releases major LTS versions every two years in April. Regardless of what you think about Ubuntu and Canonical, you can’t fault them for not being consistent. Since Ubuntu 8.04 LTS in 2008, Canonical has consistently released LTS versions every two years, without ever missing the April release date. This is on top of their standard Ubuntu releases which we get every six months. Every Ubuntu LTS release since 12.04 LTS has received at least five years of support. Ubuntu’s consistent release cadence and Long Term Support has been one of the reasons it became a leading Linux distro, both in the desktop space and for server use. When it comes to AWS, Ubuntu competes closely with Amazon Linux.

It will take years to see if Amazon can live up to its promises of consistent Amazon Linux releases. Will Amazon Linux 2025 release on time two years from now, or will it get delayed again and renamed to Amazon Linux 2026? We will have to wait and see. In the meantime, Amazon also promises quarterly minor updates for Amazon Linux 2023.

7. Performance

Amazon claims that AL2023 offers “optimized performance for Amazon Elastic Compute Cloud (EC2) Graviton-based” and “AL2023 optimizes boot time to reduce the time from instance launch to running the customer workload”. Of course optimized performance is always helpful, especially when it comes to EC2 instances which you want to be able to launch fast when needed. At the scale that AWS operates, “optimized performance” can lead to significant gains.

So does AL2023’s performance live up to its promises? According to Michael Larabel over on Phoronix, the answer is yes! See his detailed benchmarks: Amazon Linux 2023 Is Running Well, Boosting EC2 Performance Over Amazon Linux 2

Larabel’s benchmarks were done on a powerful Graviton3 c7g.metal instance. However AL2023 is capable of running even on the weakest EC2 instance types. A minimal AL2023 AMI is also available.

8. Security

According to Amazon, “AL2023 takes a security-by-default approach to help improve your security posture with preconfigured security policies, SELinux in permissive mode and IMDSv2 enabled by default, and the availability of kernel live patching”.

Amazon provides updates and security updates for supported packages. However, because of the new system of deterministic upgrades through versioned repositories, updates need to be applied differently than you might expect (see here).
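The defaults quoted above can be checked from a running instance. The script below is an added example, not code from this review or from Amazon: its function names and findings are hypothetical, it assumes release versions of the form 2023.<minor>.<YYYYMMDD> and GNU `date`, and it uses constructed sample values unless started with `--live`.

```bash
# Added example, not from the review or from Amazon: classify AL2023's defaults.
# Assumption: release versions look like 2023.<minor>.<YYYYMMDD>.

# SELinux mode as printed by getenforce; permissive only logs violations.
selinux_finding() {
  case "$1" in
    Enforcing)  echo "OK selinux is enforcing" ;;
    Permissive) echo "WARN selinux is permissive: violations are logged, not blocked" ;;
    Disabled)   echo "FAIL selinux is disabled" ;;
    *)          echo "UNKNOWN selinux state: $1" ;;
  esac
}

# HTTP status of a metadata request sent without an IMDSv2 session token.
imds_finding() {
  case "$1" in
    401) echo "OK metadata service rejects token-less requests (IMDSv2 only)" ;;
    200) echo "WARN metadata service answered without a token (IMDSv1 allowed)" ;;
    *)   echo "UNKNOWN metadata status: $1" ;;
  esac
}

# Days between the date stamp in a release version ($1) and a YYYYMMDD day ($2).
release_age_days() {
  stamp=${1##*.}
  echo $(( ($(date -u -d "$2" +%s) - $(date -u -d "$stamp" +%s)) / 86400 ))
}

# Repositories are versioned, so flag an installed release older than $3 days.
release_finding() {
  age=$(release_age_days "$1" "$2")
  if [ "$age" -gt "$3" ]; then
    echo "WARN release $1 is $age days old: run dnf check-release-update"
  else
    echo "OK release $1 is $age days old"
  fi
}

if [ "${1:-}" = "--live" ]; then   # read real values on an AL2023 instance
  mode=$(getenforce 2>/dev/null || echo missing)
  code=$(curl -s -o /dev/null -m 2 -w '%{http_code}' \
    http://169.254.169.254/latest/meta-data/ || true)
  rel=$(rpm -q --qf '%{VERSION}' system-release 2>/dev/null || echo missing)
  today=$(date -u +%Y%m%d)
else                               # constructed sample values, runs anywhere
  mode=Permissive code=401 rel=2023.0.20230315 today=20230614
fi
selinux_finding "$mode"
imds_finding "$code"
release_finding "$rel" "$today" 90
```

The 90-day threshold is an arbitrary choice that mirrors the quarterly minor updates mentioned earlier; adjust it to your own patching policy.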

When running Amazon Linux 2023, it is critical to remember the principles of the shared responsibility model.

AWS Shared Responsibility Model

Conclusion

Amazon Linux 2023 is an exciting new release. There are many things to like about it, including the new Fedora base, updated packages, improved performance and security. However, because of the many breaking changes, it is not an easy upgrade to recommend for existing Amazon Linux 2 users. The limited package availability also makes it unsuitable for some workloads, which might still be better served by other popular AMIs (such as Ubuntu).

Even though it won’t win everyone over, Amazon Linux 2023 is still an excellent new release and a significant improvement over Amazon Linux 2.

¹ Note that Amazon Linux 2 is still supported until 2025–06–30.

² Yes I know some people run their servers on Arch. Even if that’s arguably not the best idea…
