Containers are bloated. We built a runtime tool to remove bloat and CVEs
github.comWe are a bunch of academics who have worked on debloating tools for containers and we just released our code with an MIT license to Github: https://github.com/negativa-ai/BLAFS
A full description of the work is here: https://arxiv.org/abs/2305.04641
We have tested the tool on many containers. For the top 20 pulled docker containers, the savings are up to 95% with all the containers working. We have done the same tests with slim-toolkit and it was only able to debloat 8 out of 20. We are looking at making this more automated for users.
Now, we only support docker, but we are working on podman and lXCs. We are also working on a version that guarantees generality (i.e., we give you 100% guarantees that your container will always work) with zero requirements to profile.
Please do try it and let us know what you think! All feedback is welcome!
If only something this existed for Windows images...
While we have no clue if we will be able to do it, we have added this to our feature list. We will try, and likely fail :)
He, cool. It sounds like one of those things which is definitely possible but probably really tricky. :)