logo
allArticlesConferencesPresentations

Unravelling the Magical Act of DockerSlim Minifying Container Images

Conference:  ContainerCon 2022

2022-06-23

Authors:   Mritunjay Sharma

Summary

Docker Slim is a tool that makes Docker images smaller, faster, and more secure by analyzing and collecting information from a temporary container.
  • Docker Slim creates a temporary container to analyze and collect information from a fat image
  • It applies heuristics to optimize the image and create a security profile
  • The resulting slim image is much smaller and faster than the original image
  • Docker Slim is a developer-oriented tool that can be used on existing commercial software
  • Future plans for Docker Slim include introducing a Docker Compose feature and using traditional HTTP probes
The pre-recorded demo showed how Docker Slim reduced the size of a Node Docker image from 432 MB to 14 MB while still maintaining the same functionality

Abstract

Ever thought of attending a magical act in an Open Source Summit? Or for that matter doing an X-Ray of your containers or maybe giving them some magical portion to minify their image size? That’s exactly what magician Mritunjay is going to pull out in this act! Growing containers sizes can be a problem for both the size and security it demands. From minifying your Docker container image by up to 30x to make it securer too, this talk will entail how the magical portion of DockerSlim can simplify and optimize the developer experience with containers by making them better, smaller and securer without changing anything in the Docker container image. Through this talk, the audience will learn how DockerSlim optimizes containers by understanding the application and what it needs using various analysis techniques and how one can customize/edit containers and container metadata. Wondering what if you need some of those extra things to debug the containers? Hold your beers, this talk also entails the use of dedicated debugging side-car containers for that! So join this magical act to hook you to the journey of no longer worrying about manually creating Seccomp and AppArmor security profiles or for that matter being an expert in Linux syscalls to have securer and optimized containers!
Materials:
Tags:
Docker containers
Open Source Summit
Mritunjay
DockerSlim
SecComp

Post a comment

Related work

Panel Discussion: Say Hi to the New Couple in the Town – DockerSlim and Kyverno – Making Your Kubernetes Workloads More Secure!

Conference:  Cloud Native SecurityCon North America 2022
Authors: Mritunjay Sharma, Shuting Zhao, Ruhika Bulani
2022-10-25

Containers Security Layers and How Not to Break them

Conference:  ContainerCon 2022
Authors: Aviv Sasson
2022-06-22

Deploying Unikernels in Production with Kubernetes

Conference:  KubeCon + CloudNativeCon North America 2021
Authors: Alexander Jung
2021-10-14

From `docker push` to Bytes on Disk: Inside Distribution

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Adam Wolfe Gordon, Wayne Warren
2022-05-19

Back to the Drawing Board: Building Containers with SBoMs

Conference:  KubeCon + CloudNativeCon North America 2021
Authors: Nisha Kumar
2021-10-13

Tutorial: Create and Deploy a Lightweight Microservice in WebAssembly - Tai Hung

Conference:  KubeCon + CloudNativeCon Europe 2023
Authors: Hung-Ying Tai, Vivian Hu
2023-04-21