Distroless Alternatives

Similar projects and alternatives to distroless

iron-alpine

- 101 3.3 Dockerfile distroless VS iron-alpine

Hardened alpine linux baseimage for Docker.
jib

2 11,910 9.1 Java distroless VS jib

🏗 Build container images for your Java applications.
Scout APM

scoutapm.com
sponsored

Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
spring-boot-jib

- 1 0.0 Java distroless VS spring-boot-jib

This project is about Containerizing a Spring Boot Application With Jib
dockerfiles

- 12,608 0.0 Dockerfile distroless VS dockerfiles

Various Dockerfiles I use on the desktop and on servers.
dive

6 32,461 0.0 Go distroless VS dive

A tool for exploring each layer in a docker image
whalebrew

- 3,530 7.6 Go distroless VS whalebrew

Homebrew, but with Docker images
ko

5 4,618 9.0 Go distroless VS ko

Build and deploy Go applications on Kubernetes
SonarQube

www.sonarqube.org
sponsored

Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
Sandboxie

- 7,490 9.9 C distroless VS Sandboxie

Sandboxie - Open Source
docker-socket-proxy

- 655 2.5 Python distroless VS docker-socket-proxy

Proxy over your Docker socket to restrict which requests it accepts
example-bazel-monorepo

- 247 1.0 Java distroless VS example-bazel-monorepo

🌿💚 Example Bazel-ified monorepo, supporting Golang, Java, Python, Scala, and Typescript
go

2 101,283 10.0 Go distroless VS go

The Go programming language
kubernetes

2 89,704 10.0 Go distroless VS kubernetes

Production-Grade Container Scheduling and Management
fastapi

2 46,791 9.5 Python distroless VS fastapi

FastAPI framework, high performance, easy to learn, fast to code, ready for production
Lean and Mean Docker containers

2 13,855 8.8 Go distroless VS Lean and Mean Docker containers

DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
wasmer

2 12,497 9.8 Rust distroless VS wasmer

🚀 The leading WebAssembly Runtime supporting WASI and Emscripten
buildkit

2 5,410 9.6 Go distroless VS buildkit

concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
image-spec

2 2,189 6.2 Go distroless VS image-spec

OCI Image Format
rootcerts

2 83 3.8 Go distroless VS rootcerts

Go package to embed the Mozilla Included CA Certificate List
podman

- 14,365 9.9 Go distroless VS podman

Podman: A tool for managing OCI containers and pods.
postgrest

1 18,880 9.5 Haskell distroless VS postgrest

REST API for any Postgres database

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better distroless alternative or higher similarity.

Suggest an alternative to distroless

distroless reviews and mentions

Posts with mentions or reviews of distroless. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-06-22.

How to Containerize a Golang App With Docker for Development and Production
1 project | reddit.com/r/golang | 2 Jul 2022
Minikube now supports rootless podman driver for running Kubernetes
11 projects | news.ycombinator.com | 22 Jun 2022

Unikernel is what you're interested in, but it's not as easy as taking some Linux-based server software and spitting out a bootable image for bare metal. If you strip the kernel and OS out you lose the network stack and all kinds of system services that most software depends on directly.
I think Google's distroless container images are worth checking out as a quasi-alternative: https://github.com/GoogleContainerTools/distroless You use them as a base for a docker image and copy in your server code. These images are tailor made to strip out _everything_ that's not necessary to run the software--there's no shell for example. So you're still running a Linux kernel, libc, etc. but there's nothing there for an attacker to use other than your app code.
I heard docker container does not need an OS for runing but i think the os is base image ?
1 project | reddit.com/r/docker | 2 Jun 2022

For many applications that I work with, we use a distroless build - https://github.com/GoogleContainerTools/distroless
The Promise of WASM
4 projects | dev.to | 26 May 2022

As a result - the web is full of tutorials on how to make your images smaller. There are distroless containers. There's even smart (did anyone say AI?) software to analyze your containers and reduce their size. It all looks a bit upside down. The tech is built on packaging a lot of redundant stuff and we now need more tech to clean up the mess. Why not build it right from the get go by only packaging what we need?
Single Stage and Multi Stage Dockerfiles for Rust Apps
1 project | reddit.com/r/rust | 24 May 2022

meh, distroless image for final image is much better than debian-slim that is if you have OpenSSL.
Distroless Alpine
4 projects | dev.to | 10 May 2022

In my day job, we've been using Google's Distroless images for some time. The benefits of this are well known: smaller image and attack surface. However, what we didn't expect is to still to have to deal with a significant amount of toil dealing with vulnerability triage (see Snyk output below for distroless/base). It could be argued our SDLC is a little, clunky and we're not quite ready for scratch (Graal, Golang, etc.,) images yet so what can we do in the interim? 🤔
Running Containers on AWS Lambda
2 projects | reddit.com/r/aws | 27 Apr 2022

Not surprising if you think about it. In the final stage your artifact is a static binary. When paired with a base image like distroless it’s about as lean as any image can get
Stop root docker login
1 project | reddit.com/r/docker | 25 Apr 2022
Step-by-step to learn writing Dockerfile for Go apps.
1 project | reddit.com/r/docker | 18 Apr 2022
I will never return back to Node.JS after writing Go
7 projects | reddit.com/r/golang | 17 Apr 2022

A lot of services won’t work with scratch, but the static distroless is pretty close size-wise.

7 projects | reddit.com/r/golang | 17 Apr 2022

I mostly use distroless these days. It includes a few things like time zone and root certificate files. See here https://github.com/GoogleContainerTools/distroless/blob/main/examples/go/Dockerfile
Chainguard: It's All About That Base Image
1 project | reddit.com/r/linuxadmin | 1 Apr 2022

A lot can probably be mitigated by using base images like distroless.
Ask HN: Who operates at scale without containers?
7 projects | news.ycombinator.com | 22 Mar 2022

Google's debian-based distroless is fascinating: https://github.com/GoogleContainerTools/distroless

7 projects | news.ycombinator.com | 22 Mar 2022
How to make Docker images even smaller
4 projects | news.ycombinator.com | 16 Mar 2022

If you decouple you build from your packaging you can also use from-scratch containers. You can also use distroless' static image [0] to get a posix-y environment with as little space as possible. Total image size of the static image is ~2.4mb and it comes with a `nonroot` user configured to lock down your perms and packages like ca-certs that are often forgotten.
You can make use of this with multistage builds or with build systems like Bazel and Please.build.
[0] - https://github.com/GoogleContainerTools/distroless/blob/main...

Stats

Basic distroless repo stats

Mentions

Stars

13,121

Activity

9.5

Last Commit

7 days ago

GoogleContainerTools/distroless is an open source project licensed under Apache License 2.0 which is an OSI approved license.

distroless

Distroless Alternatives

Similar projects and alternatives to distroless

distroless reviews and mentions

Stats

Popular Comparisons