Image using alpine

[hoegertn]

Do you plan on building an Alpine based docker image? This is much smaller and perfect for microservices running on ECS.

[Mart-Bogdan]

Indeed

amazon-corretto-8:latest   e1aebeee4fdd        5 minutes ago       674MB
openjdk:8-alpine           97bc1352afde        2 weeks ago         103MB

[Mart-Bogdan]

but there should be problems with Alpine, as it uses MUSLibc instead of glibc, it requires separate build.

[EricEdens]

First of all, thanks for the feedback!

To tease this apart, is the request specifically to offer an Alpine-based variant? Or is it a more general request to have a minimal image that is as small and optimized as possible?

[hoegertn]

It is a general request to have a minimal image. The 103M of alpine are quite a benchmark ;-)

[nbihan-mediware]

According to https://aws.amazon.com/corretto/faqs/ Corretto is only supported on Amazon Linux 2 distro? Is it a technical limitation or a licensing limitation?

[bernd-aws]

We have focused on delivering the distribution for Amazon Linux 2 first. Support for other distributions will be available when ready.

[EricEdens]

@hoegertn : Follow-up question: In a minimal runtime image, would you want the developer tools such as javac and javadoc, or just the runtime components? What type of applications would you be running?

[hoegertn]

I would not want the dev tools to be inside the container. For sizing reasons and for security reasons.

I would run applications like https://github.com/taimos/dvalin-examples/tree/master/jaxrs-hello-world or Spring Boot Apps inside it on ECS.

[Mart-Bogdan]

@EricEdens It would be nice to have separate images for JDK and JRE, I guess. One for build and second for run. Perhaps with some debugging tools, like one for taking memory dump.

[hoegertn]

anything new on this topic?

[cer]

Slim images are very useful in a microservice architecture. I'd like to use Corretto but the image size is an obstacle:

REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
amazon-corretto-8   latest              94608800ca72        About a minute ago   511MB
openjdk             8u191-jre-alpine    7e72a7dcf7dc        8 days ago          83.1MB

It would be great if you could provide a "slim" Corretto image sooner rather than later.

[cer]

BYTW One useful feature would for the slim imagine to include a command equivalent to curl that could be used for a Docker HEALTH check https://docs.docker.com/engine/reference/builder/#healthcheck, e.g. for a Spring Boot application there is a health check endpoint /actuator/health

HEALTHCHECK --interval=5m --timeout=3s \
  CMD curl -f http://localhost/actuator/health || exit 1

[nbihan-mediware]

A slim image should not have curl. Power to the users to add curl or any other tools when building images based on the slim image.

[Mart-Bogdan]

Perhaps this https://github.com/frol/docker-alpine-glibc could be used as base image. It's based on Alpine, but has glibc, which, I belie coretto is built upon, and testing it against muslibc would be quite tiresome.

P.S. Funny, 32 likes. Have anybody built own image? I would have tried, but I'm not actually in need of one for now.

[dannygu]

+1 for all of the above, I'd also like to use Corretto but the image size is an obstacle, we currently use slim Alpine based images.

[smoell]

+1 currently, I use debian:9-slim as base image, but it would be great to have an alpine-based Docker image for Corretto 11 (also to use jlink).

[jeffersonbezerra]

+1

[alfoltran]

+1 for jre-slim image

[wlsc]

I would like to see slim (or/and alpine) versions of Docker images as well. I hope, there will be a positive decision on this matter as it consumes less bandwidth and allows faster deployments.

[yamadamn]

Hi, If you don't stick to Corretto, you can use other distributions like Azul Zulu or BellSoft Liberica JDK. https://www.azul.com/downloads/zulu/zulu-download-alpine/ https://hub.docker.com/r/azul/zulu-openjdk-alpine https://hub.docker.com/u/bellsoft

[chrisburrell]

If you're attempting to do any docker image scanning, then alpine doesn't seem as good these days: https://kubedex.com/follow-up-container-scanning-comparison/

[EricEdens]

Quick survey: When using Alpine, what extra packages are you installing from the package manager for your application?

[wlsc]

@chrisburrell don't you think, that this ain't Alpine problem, but rather a problem of particular security scan software?

[amccague]

@EricEdens procps net-tools (same in corretto tbh!)

[arun-gupta]

Customer feedback: https://twitter.com/javapapo/status/1122172208766431233

[melaniecebula]

Is there any plan on Amazon's roadmap to build corretto on alpine? Would like a rough idea of whether this is going to be prioritized soon or not, as it will help us decide whether to run on corretto or not.

[clrxbl]

https://github.com/clrxbl/alpine-corretto/ I've created a simple Alpine Linux docker image with Corretto 8. Feel free to use / modify / fork.

[chirangaalwis]

@melaniecebula +1

Is it possible to know Amazon's road map with regards to providing support for Corretto on Alpine?

[skomarica]

For those considering Corretto 11 and newer versions, I'm sharing my thoughts and experiences about the topic; maybe it will help somebody to make the wait-or-do-not-wait decision.

Two things:

• there is no official stable OpenJDK 11 build for Alpine yet due to the mentioned libc vs glibc reasons
• even there is an Alpine distribution, it's likely that the java 11 image would be larger than what people expect based on 8-jre-alpine experiences (there are some details in the links I shared)

For us in the team, the choice was the existing amazonlinux-based image vs building our own. I have no doubts that the Amazon Linux is great, but we simply have more experience with Debian-based systems and wanted to control all the installed components. So we took the official Debian stretch slim image and Debian Corretto 11 distribution.

The image is around 400 MB, but I don't really see any significant impact on build/deployment times. We run Spring Boot microservices and use it for all the Java build and deployment environments.

Sharing a pretty minimal Dockerfile

FROM debian:stretch-slim

RUN apt-get update \
    && apt-get install -y curl java-common locales procps

RUN curl 'https://d3pxv6yz143wms.cloudfront.net/11.0.3.7.1/java-11-amazon-corretto-jdk_11.0.3.7-1_amd64.deb' -o java-11-amazon-corretto-jdk.deb -s \
    && mkdir /usr/share/man/man1 \
    && dpkg --install java-11-amazon-corretto-jdk.deb \
    && rm java-11-amazon-corretto-jdk.deb

RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen \
    && locale-gen

ENV LANG="en_US.UTF-8" \
    LANGUAGE="en_US:en" \
    LC_ALL="en_US.UTF-8"

[lordbuddha]

You can get Alpine with OpenJDK built natively (for Alpine) using MUSL C. These images do not need nor contain GLIBC.

https://hub.docker.com/r/azul/zulu-openjdk-alpine/

It would be cool if Amazon Corretto did the same.

[gschnaubelt]

A corretto equivalent of distroless images would be great

[sureshmahajan]

Hi, Is there any updates on Corretto with Alpine image? Our decision to use Corretto depends upon this as alpine images are really slim

[davecurrie]

@sureshmahajan We are working on this now and expect to share news shortly. Please stay tuned!

[sureshmahajan]

Thanks @davecurrie , Any ETA for this? At least high level idea, when it will be available?

[ziyiluo]

Hi all,

Corretto Alpine docker support is now in preview! 😊 You can find more details on our announcement page.

If you cannot wait to try them out, find out all available image tags on the Docker hub page: https://hub.docker.com/r/amazoncorretto/alpine-preview/tags

[vijayyadav06]

Thanks @davecurrie and team on completing this!