4 tiny Docker images for lightweight containers

Docker images can get pretty bulky if you’re not careful. Your typical Docker image includes everything you need to run a particular piece of software (such as the application language’s runtime) and everything those things depend on. Images in the hundreds of megabytes are common, often because they use as their base some variety of Linux distribution. Anything beyond a static binary will have dependencies that need to be included in a container image.

So how small can you make a base Docker image? Pretty small, as it turns out—within the realm of a few dozen megabytes, or even smaller. The quest for slim-and-trim base Docker images has led to the creation of some amazingly compact Linux distributions. Aside from taking up less space, heavily minimized images have a smaller attack surface, fewer dependencies to manage, and faster total build times. So, there’s good reason to invest in making them.

Here’s my quick guide to four of the most useful Docker base images on the small end of the scale, plus a bonus repository of lightweight container experiments to try out on your own.

Alpine (5 MB)

Alpine Linux built its reputation as a small, lightweight, security-conscious Linux for embedded hardware and dedicated devices. The official Alpine Linux image is a mere 5 megabytes.

A big part of Alpine’s minimalism comes from its use of musl libc, a statically linked version of the libc runtime used by many Linux applications. (Most of the other images described here use the conventional glibc.) Alpine also uses BusyBox (more on this below) to keep things compact. And unlike some other super-tiny Linux distros, Alpine does include a package manager, apk (Alpine Package Keeper).

Alpine’s own brand of compactness and minimalism can be a drawback. Some applications require conventional glibc to work, so Alpine’s use of musl libc breaks them outright. musl can also degrade performance—a slowdown of a factor of two is not uncommon—so low-latency applications may suffer.

BusyBox (1 MB to 5 MB)

For an even more minimal image, you can build directly atop one of Alpine’s own components, BusyBox.

This single, compact executable bundles together a whole slew of simplified versions of common Linux tools. File archiving, sending email, process manipulation, disk searching, and volume handling are some of the many, many tools packed into BusyBox. They are not one-for-one substitutes for the original commands, though, as many of them have less commonly used options stripped out to save space, but they should support the vast majority of the day-to-day functionality you expect from those tools.

As an example of what you can accomplish with BusyBox, it includes its own simple HTTP server httpd, which is perfectly adequate for serving nothing but static content. Developer Florian Lipan took things one step further by creating a BusyBox image optimized for serving static websites.

BusyBox comes in various flavors that use different implementations of libc: musl-libc (as used in Alpine), conventional glibc, and another “tiny” variant of libc called uclibc. This way, you can use BusyBox with other software that might also be linked against different libc implementations.

Debian Slim (35.9 MB)

If you use Debian as the base for your applications, the widely-used Debian Linux distribution has a minimal variant called Debian Slim. Most of what’s excluded from Slim is documentation, support for languages other than English, and some application-specific components (e.g., documentation for KDE). These omissions alone shave down the size of the Debian image by around 40%.

Another Debian-based option is Bitnami’s minideb. The images for this distribution are built nightly and contain the most recent security updates. Like Slim, it omits documentation, along with init-system-related components, but includes a custom install_packages script to allow running apt non-interactively during the container build process. The minideb image is used as the foundation for many of Bitnami’s own language runtime containers (PHP, Ruby, Node) and infrastructure applications (Redis, MariaDB).

Red Hat UBI Micro/Minimal (25 MB to 75 MB)

Red Hat provides a set of container images based on Red Hat Enterprise Linux (RHEL) called Universal Base Images. These images, and any images created with them, are freely redistributable under the UBI EULA and include RHEL versions 8 through 10.

The two smallest of these, the Micro and Minimal versions, weigh in at 25 MB and 75 MB respectively, and omit components like language runtimes and initialization and service management tools such as systemd. Micro doesn’t even have a package manager, so it’s best for apps where you provide all your own dependencies. Minimal adds a small subset of conventional dependencies and a minimal package manager (microdnf), so it’s useful if you want to pull extra components from Red Hat’s repositories as part of the image build process.

Bonus: Jérôme Petazzoni’s minimage repository

Developer Jérôme Petazzoni has created a sizable repository of experimental examples of minimal Docker images for various tasks, language runtimes, and with various distributions as their bases.

Many of these examples do not work, as they are intended merely to illustrate the consequences of choosing certain combinations of build steps. But they can be useful to experiment with as starting points for composing your own minimal containers.