Chiselled containers

Speakers: Vladimir Petko & Pushkar Kulkarni

Track: Cloud and containers

Type: Short talk (20 minutes)

Room: Anamudi

Time: Sep 16 (Sat): 12:00

Duration: 0:20

Distroless container images are ultra-small images that only include an application and its runtime dependencies without additional libraries or utilities. They have a smaller footprint and attack surface but require additional effort to identify dependencies and build the distroless image. Chisel is a new tool that automates building distroless containers from Ubuntu. It uses a library of reusable slices - specific file subsets of the Debian packages for creating ultra-small runtime file systems. We will provide an overview of the tool and its configuration, demonstrate the tool in action, and talk about the challenges of building a chiselled image for a complex runtime such as Java.