Canonical’s ‘distroless’ Linux images are a game-changer for enterprises

Five penguins in a row behind each other, on a beach, walking towards the right side of the image.

Canonical has announced plans to offer customized Docker container Long Term Support (LTS) Linux images via its Everything LTS service. These custom “distroless” Linux images are set to come with 12 years of security support for Linux, and any included open-source application or dependency within the container.

With these new Open Container Initiative images, Canonical is embracing the “distroless” container paradigm, in which images contain just enough of the operating system and software to run a specific application. These hardened, minimal containers have a reduced attack surface, making them much more secure than conventional Linux VMs or containers. Distros that use this approach include Alpine Linux, Fedora CoreOS, and Wolfi.

Quite interesting as for example Microsoft takes the opposite route, with tons of bloatware and complexity included in their OS. This Canonical approach suggests better stability and ease of support, and probably also implies that older hardware can also be used (again, not a trait of Microsoft).

See https://www.zdnet.com/article/canonicals-distroless-linux-images-are-a-game-changer-for-enterprises/