Docker images should really be distroless most of the time. There’s way too much junk in the majority of Docker images when in most cases, you really just need your app and whatever dynamic libraries or runtimes it requires (if you can’t statically compile it). You don’t need an OS in there!
Also there’d be way more servers running Debian compared to Ubuntu.
You often (if not most of the time) need some infrastructure in OCI containers (while we’re at it, let’s get rid of the misnomer Docker image). And that’s going to be some subset of a distribution hand-crafted for that purpose. Most of the time, that should be Alpine, because they provide the slimmest base image.
I have a Dockerized C# app… I’m going to try .NET Native AOT (which was improved a lot in .NET 8, released today) to compile it into a self-contained binary, and see how well it works with a distroless base container.
I’m curious to hear how that works out. I’m a big fan of C#; not so much the Microsoft ecosystem. I’d say for maximum scalability you’d want languages which compile to small binaries. So, Go, Rust, C++, C, and theoretically some others. The approach with Java and C# to bundle the framework, JIT, etc, and then try to shave off as much as you can get away with feels kind of backwards. And I get the excitement of the Java folks when they manage to create a self-contained binary with GraalVM and co of 12mb. Like, that’s impressive, but had you developed the same thing with Go it would be .5mb. Curious to see how .NET fares in that comparison to Java.
Debian isn’t really an option if you want paid support. You really only have Red Hat, SUSE, and Canonical. Of course, there are a lot of Ubuntu servers out there.
Docker images should really be distroless most of the time. There’s way too much junk in the majority of Docker images when in most cases, you really just need your app and whatever dynamic libraries or runtimes it requires (if you can’t statically compile it). You don’t need an OS in there!
Also there’d be way more servers running Debian compared to Ubuntu.
You often (if not most of the time) need some infrastructure in OCI containers (while we’re at it, let’s get rid of the misnomer Docker image). And that’s going to be some subset of a distribution hand-crafted for that purpose. Most of the time, that should be Alpine, because they provide the slimmest base image.
Distroless containers (e.g. https://github.com/GoogleContainerTools/distroless, Chiselled Ubuntu, etc) are often smaller than Alpine ones. Google’s smallest Debian-based one is around 2MB.
I have a Dockerized C# app… I’m going to try .NET Native AOT (which was improved a lot in .NET 8, released today) to compile it into a self-contained binary, and see how well it works with a distroless base container.
I’m curious to hear how that works out. I’m a big fan of C#; not so much the Microsoft ecosystem. I’d say for maximum scalability you’d want languages which compile to small binaries. So, Go, Rust, C++, C, and theoretically some others. The approach with Java and C# to bundle the framework, JIT, etc, and then try to shave off as much as you can get away with feels kind of backwards. And I get the excitement of the Java folks when they manage to create a self-contained binary with GraalVM and co of 12mb. Like, that’s impressive, but had you developed the same thing with Go it would be .5mb. Curious to see how .NET fares in that comparison to Java.
In the dotnet 8 announcement the brag is that a minimal web service will be 8.5 megs
That’s Alpine
Google’s distroless base images are based on Debian and are smaller than Alpine images.
Debian isn’t really an option if you want paid support. You really only have Red Hat, SUSE, and Canonical. Of course, there are a lot of Ubuntu servers out there.