1. 22
  1.  

  2. 9

    What do you think about the experimental distroless Python3 image by Google?

    1. 4

      Might want to take a look at this fun technique from RedHat for making your own distroless images (instead of relying on Google to do it, seeing as they haven’t updated Python 3 for years): http://crunchtools.com/devconf-2021-building-smaller-container-images/

      1. 1

        This is actually quite interesting, and I didn’t know “distroless” was even a thing. I prefer Debian for my base images, but Redhat certainly has the muscle to get some steam behind this idea, and at the end of the day the focus is more about the application and not necessarily the OS so should theoretically be agnostic anyhow.

        1. 1

          I don’t think this is particularly RedHat-specific, you could probably implement the same thing with Debian, you just need the ability to install packages into a specific root directory? Which dpkg at least does.

      2. 2

        I think that image still uses Python 3.7. Otherwise, it’s a good lightweight option.

        1. 1

          “Distroless” is an oxymoron. It might not be based on an existing well-known distribution but it’s still a distribution. You still rely on them to maintain the tooling that generates the image, receive security updates, and so forth.

        2. 4

          Ended up rewriting this quite a bit with a lot more information than the previous iteration, and to update it with latest releases and changes.

          1. 4

            Calling Debian 11 “most up-to-date” when it was released 2 weeks ago feels slightly dishonest. For most of the next 3-4 years, it will probably not be most up-to-date.

            It’s still a fine basis for many things, obviously.

            1. 4

              It will be the most up-to-date LTS distro until April 2022 (at which point I will update the article).

            2. 2

              You can use alpine and still get a decent performance result, but the point about compilations taking longer certain stands (even moreso if you are compiling python with different build flags).

              Further, I agree with the author that it is probably just not worth it if you are running python… and I say this as a person that runs alpine on servers because I enjoy the OS so much. As the author said, a debian slim base (slim-bullseye) is likely the best option for python right now.

              1. 2

                Unfortunately where I work the “best” image is the one cleared by security and comes from some internal registry

                1. 2

                  I do not often consider a willingness to not learn and improve portability to be a winning factor.

                  Alpine is probably a good choice.

                  Stories with similar links:

                  1. The best Docker base image for your Python application authored by itamarst 2 years ago | 9 points | 9 comments