python-api
distroless
python-api | distroless
---|---
1 | 107
3 | 15,173
- | 3.3%
3.2 | 9.0
9 months ago | 8 days ago
Python | Starlark
MIT License | Apache License 2.0
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
python-api
-
Package your FastAPI application with “Distroless” Docker Images
You could find all the code on my GitHub repository: https://github.com/abdelino17/python-api
distroless
-
aws-cli v2: how much smaller can it get? Answer: a lot smaller :)
Well, you can think of it like Google's distroless.
-
87% of Container Images in Production Have Critical or High-Severity Vulnerabilities
At the end of the day the distroless is not building their own packages from scratch, they're downloading packages from debian. A distroless base image simply contains fewer packages than a regular debian docker image.
-
Choose the best java distribution for project.
Using your app in a containerized environment/firecracker? Basically you have no choice if security is something that you are aware of: https://github.com/GoogleContainerTools/distroless
-
Major standard library changes in Go 1.20
One of my favourite Go security features is the single binary output, it means I can build my binaries into a distroless base image container for running in K8S. It removes a huge attack and vulnerability surface that containers introduce.
My team uses Go whereas the rest of the company heavily uses Python. Our vulnerability scanner tool detects hundreds of high score CVEs just in their container images. Comparably there have been times I haven’t updated our distroless base image for a year and there isn’t even a single vulnerability (this one: https://github.com/GoogleContainerTools/distroless/blob/main...)
In terms of defending your software supply chain, eliminating the cruft that is required to run an interpreted language in a container makes a huge difference.
-
Alpine Linux in the Browser
For code that compiles into a binary like Rust, distroless is another option for a minimal image that doesn't run into the compiling issues of Alpine.
-
Can gentoo be as small and secure as alpine?
I've been using https://github.com/GoogleContainerTools/distroless for my base docker images and been very pleased with it.
-
Lies we tell ourselves to keep using Golang
-
Help dockerizing a rocket server with a small image.
Google provides distroless docker images that only contain a few basic components (no C runtime, no openssl, no OS itself) so they're very tiny. You can check https://github.com/GoogleContainerTools/distroless/tree/main/base for these images.
-
How to create small Docker images for Rust
We can also use the distroless family of images maintained by Google that use packages from debian, but remove all the useless packages in order to create minimal images. Thus, we no longer need to use the MUSL libc.
What are some alternatives?
iron-alpine - Hardened alpine linux baseimage for Docker.
spring-boot-jib - This project is about Containerizing a Spring Boot Application With Jib
jib - 🏗 Build container images for your Java applications.
dockerfiles - Various Dockerfiles I use on the desktop and on servers.
whalebrew - Homebrew, but with Docker images
docker-alpine - Official Alpine Linux Docker image. Win at minimalism!
podman - Podman: A tool for managing OCI containers and pods.
example-bazel-monorepo - 🌿💚 Example Bazel-ified monorepo, supporting Golang, Java, Python, Scala, and Typescript
Sandboxie - Sandboxie Plus & Classic
fpm - Effing package management! Build packages for multiple platforms (deb, rpm, etc) with great ease and sanity.
docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
Lean and Mean Docker containers - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)