During my experiments will building my own Docker images I have become somewhat preoccupied with getting my images as small as possible. Naturally I’m using Alpine as a starting base image but I recently started wondering what could be shed from even this, almost heading toward a Unikernel approach. Not only would these be tiny — and therefore incredibly fast — but also far more secure due to a much reduced attack surface.
After I started doing some research, I happened across a blog post that outlines the process of stripping back a container to its smallest possible image.
My own tinkering continues.