Base Systems for Docker Containers - Security Analysis

Abstract

Docker based containerization is currently one of the most popular methods of delivering and creating of a software. It allow multiple teams to standarize their work, but also to reduce disadvantages of virtual machines that can impact performance and usability. This work concerns security of base systems, focusing on distroless. Base container images are one of the critical parts of a cloud environment. The results of analysis presented here allow for independent and objective comparison of advantages and disadvantages of various containers' base systems which are widely used in orchestration platforms such as Kubernetes and OpenShift.