Bootstrap Container Runtime Simplification; Exploring how Social Groups affect the Development of Serverless Technologies

This paper presents a novel approach to streamline the bootstrap container runtime in Bottlerocket, an open‑source Linux distribution optimized for containerized workloads. Traditional bootstrap mechanisms require users to build and maintain custom container images, manage multiple configuration files, and supply initialization scripts. These tasks introduce complexity, are error‑prone, and demand ongoing maintenance to address security patches and surface level agreements (SLAs). We propose modifying the Bottlerocket bootstrap container to accept user‑provided scripts encoded in Base64 via the Bottlerocket API. This solution retrieves, decodes, and stores the script on the host’s persistent storage, then invokes it through a lightweight wrapper during the boot process. This design eliminates the need for users to construct images or handle external configuration artifacts, thereby reducing setup time, minimizing configuration errors, and improving security by limiting the attack surface associated with custom images. I implemented the prototype and the resulting image can be found in the Amazon s3 repositories. I also conducted usability testing with community contributors. Metrics include reduction in user setup steps, error rates during initial configuration, and subjective user satisfaction. Security analysis shows that isolating custom code within a controlled wrapper script reduces the likelihood of common vulnerabilities and exposures (CVEs). Feedback from the Bottlerocket community affirms that our approach enhances developer productivity and system maintainability. We conclude by discussing integration strategies for broader adoption and outline future work on extending this mechanism to support dynamic configuration updates and enhanced observability. Furthermore, live metrics is an option for improvement. This paper employs the Social Construction of Technology (SCOT) framework to analyze how diverse social groups have shaped the evolution and adoption of serverless computing. Serverless platforms, epitomized by AWS Lambda’s 2014 launch, abstract away server management, enabling developers to focus on code while cloud providers handle provisioning, scaling, and maintenance. Through historical analysis, discourse analysis of developer forums and white papers, and SCOT’s interpretive flexibility concepts, we examine the roles of four key groups: developers, enterprises, open‑source contributors, and end‑users. Developers prioritize reduced operational complexity and rapid deployment, driving features such as provisioned concurrency and enhanced observability. Enterprises emphasize cost optimization, regulatory compliance, and multi‑cloud resilience, leading to hybrid deployment patterns and stricter security controls. Open‑source communities advocate for transparency and vendor‑agnostic solutions, birthing frameworks like OpenFaaS and Knative that mitigate lock‑in concerns. End‑users demand reliability, performance, and ease of use, indirectly steering platform improvements through usage patterns and feedback. We trace how these groups negotiate trade‑offs, such as cold start latency versus cost efficiency, and how cloud providers respond by iterating on platform capabilities. Our analysis reveals that the stabilization of serverless computing hinges on continuous interaction among stakeholders, balancing interpretive flexibility with closure processes. We conclude by discussing implications for future serverless innovations, emphasizing the need for co‑design approaches that integrate technical advances with stakeholder-driven requirements. This socio‑technical perspective offers insights for researchers and practitioners aiming to foster more inclusive, adaptable, and secure serverless ecosystems. The technical and STS papers are linked through their shared focus on optimizing cloud infrastructure—one through practical engineering and the other via socio‑technical analysis. The technical paper addresses a concrete usability challenge in Bottlerocket’s bootstrap container, proposing an API‑driven, base64‑script injection mechanism that simplifies user workflows, reduces errors, and strengthens security. This hands‑on solution exemplifies how understanding user needs and developer feedback can drive targeted system improvements. Conversely, the STS paper situates such engineering endeavors within a broader landscape of stakeholder interactions, employing the SCOT framework to reveal how developers, enterprises, open‑source communities, and end‑users collectively shape serverless technologies. By highlighting interpretive flexibility, the STS analysis provides a lens through which technical decisions gain deeper meaning. Together, these papers demonstrate a virtuous cycle. Socio‑technical insights inform engineering design by uncovering the motivations and constraints of each stakeholder group, while concrete technical implementations, like the Bottlerocket bootstrap enhancement, generate new data points and feedback loops that feed back into socio‑technical discourse. This dual perspective emphasizes that technology does not evolve in isolation but is deeply embedded in complex social dynamics. Ultimately, this integrated approach underscores that successful cloud innovations require both robust technical solutions and a nuanced understanding of the social contexts in which they operate, ensuring that platform evolution aligns with the evolving needs of all participants in the ecosystem. By aligning technological advancements with stakeholder-driven requirements, engineers and practitioners can proactively address socio-technical challenges, fostering broader acceptance and sustainability.

School of Engineering and Applied Science

Bachelor of Science in Computer Science

Technical Advisor: Rosanne Vrugtman

STS Advisor: Joshua Earle

Technical Team Members: Hieu Vu