Canonical launches Chiselled Ubuntu "stripped-down" container image: retain only necessary dependencies and claim to be "efficient"

2024-05-30


Shulou( Report--, November 27, Canonical recently released a container called Chiselled Ubuntu, a stripped-down version of the OCI image that retains only applications and necessary running dependencies, deliberately bypassing system-level packages, "utilities" and libraries. It claims to be able to "significantly improve the efficiency and safety of equipment operation".

It is reported that Canonical provides Chiselled Ubuntu container images for Java and Python, as well as working with Microsoft to launch Chiselled Ubuntu container images for .NET 6, .NET 7 and .NET 8 development. found that Canonical claimed that the Chiselled container image of .NET 8.0 contained only seven components, and only high-frequency projects such as OpenSSL would be added to the image file. However, the uncompressed aspnet Chiselled file is only about 110 MB, which is more than 100 MB less than the existing Ubuntu container image file. it is the smallest image with glibc and the least components released by Microsoft.

In addition, these image files are run as non-root users, and non-root users only have the read and execute permissions of the application, thus further improving the security of the container and being very suitable for cloud application deployment, reducing both capacity requirements and security risks.

