This is the first post in an ongoing series looking at container images. Each week I’m going to analyze a particular image and see how it ticks. The one I’m going to look at first is the library/alpine container.
The Alpine Linux container advertises itself as “a minimal Docker image based on Alpine Linux with a complete package index and only 5MB in size!” and it certainly lives up to this. Alpine was recently chosen to be the base for all official Docker images.
Let’s download the container image and see what’s inside:
$ docker pull alpine $ docker run --name cotw-alpine alpine /bin/true $ docker export cotw-alpine > cotw-alpine.tar $ docker rm cotw-alpine
The above set of commands pulls the latest version of the Alpine image, creates and runs a container named “cotw-alpine” then exports the filesystem to a tarball. Since we like being nice and tidy we clean up the exited container afterwards.
We can take a quick peek at what’s inside:
$ tar tfv cotw-alpine.tar
The contents of the image can be put into a few different buckets:
- busybox (904KB), a replacement for a lot of user space tools. Busybox is often used in embedded Linux distributions but has also found a home in many container images.
- apk (248KB), configuration files and data for the Alpine Package Manager.
- musl-libc (772KB), a lightweight C library and some user space utilities.
- SSL and compression libraries (2,148KB). Compression and SSL cryptography are essential parts of the web and Alpine uses the LibreSSL TSL/crypto stack.
- Miscellaneous other stuff (432KB), consisting of the various odds and ends to make a Linux distribution work.
Wow. That’s actually pretty amazing that you can have a functional container user space in such a small image. Minimal installed versions of Linux distributions such as Ubuntu, CentOS or OpenSuSE can run into the hundreds of megabytes.
Full-service Linux distributions do give you something for this extra space though. There are dozens of behind-the-scenes things that make a Linux distribution tick. In particular:
- Timezone support. Full-service Linux distros can cope with different timezones and in particular daylight savings time changes.
- Non-US English translations. If you are interested in non-English translations of error messages then Alpine Linux probably isn’t for you.
- Optimized and POSIX-compliant C library. GNU libc, for all its warts, is a project that has almost 30 years of development behind it. The amount of effort that has gone in to optimisation, backwards-compatibility and POSIX compliance is staggering and your application my inadvertently rely on some odd behaviour of GNU libc compared to musl libc.
Alpine Linux makes an excellent base container image if you are concerned about size and don’t require a whole lot of the services and features associated with a “brand name” Linux distribution. It’s definitely worth considering using Alpine Linux as a base container for your next Docker image.