search

traefik / mesh

Traefik Mesh - Simpler Service Mesh
https://traefik.io/traefik-mesh
Apache License 2.0
2.02k stars 142 forks source link

Reduce Docker image size and improve security #844

Open reneleonhardt opened 10 months ago

reneleonhardt commented 10 months ago

Welcome!

Proposal

I was able to reduce the Docker image size by 77% (8.6 MB instead of 38.8 MB in v1.4.8) by compressing the static binary and switching from alpine to scratch, only a few lines had to be changed. Of course the security attack surface shrank massively too, no other binaries or libs with new CVEs every week.

Background

The Docker images are not being rebuilt regularly to address CVEs, so reducing the attack surface improves security by a long shot. Smaller images start faster and make development easier when running integration tests again and again.

Workarounds

I have to rebuild mesh if I want to improve security, the project should do it so all users can enjoy these official improvements.

shkarface commented 5 months ago

Is this repo active at all?