{"id":19438968,"url":"https://github.com/sebt3/debian_micro_containers","last_synced_at":"2025-09-14T02:31:20.561Z","repository":{"id":160491449,"uuid":"137637510","full_name":"sebt3/debian_micro_containers","owner":"sebt3","description":"Build your own micro containers based on debian","archived":true,"fork":false,"pushed_at":"2019-01-28T14:08:20.000Z","size":89,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-25T07:18:00.744Z","etag":null,"topics":["bash","containers","debian","docker","kubernetes"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sebt3.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-06-17T07:40:51.000Z","updated_at":"2024-09-11T08:01:17.000Z","dependencies_parsed_at":"2023-07-14T03:45:26.989Z","dependency_job_id":null,"html_url":"https://github.com/sebt3/debian_micro_containers","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/sebt3/debian_micro_containers","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sebt3%2Fdebian_micro_containers","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sebt3%2Fdebian_micro_containers/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sebt3%2Fdebian_micro_containers/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sebt3%2Fdebian_micro_containers/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sebt3","download_url":"https://codeload.github.com/sebt3/debian_micro_containers/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sebt3%2Fdebian_micro_containers/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":275052413,"owners_count":25397143,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-14T02:00:10.474Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash","containers","debian","docker","kubernetes"],"created_at":"2024-11-10T15:20:27.111Z","updated_at":"2025-09-14T02:31:20.533Z","avatar_url":"https://github.com/sebt3.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# debian micro container\n## Overview\ndmc is a bash script that build micro container images based on debian.\nFeatures :\n- Multi-architectures support\n- Multi-templates designs, \"[built your owns](https://github.com/sebt3/debian_micro_containers/blob/master/templates/README.md \"Howto make your own\")\"\n- debian/ubuntu mirrors support\n- Build Micro containers by default\n- Able to build \"Small\" containers too\n- Able to build images from sources or from debian packages\n- Able to upload the images to a private docker repository\n- Kubernetes deployment support\n\n## Why\nUsing Dockerfile to build container images have many drawbacks.\n[Ref](https://blogs.oracle.com/developers/the-microcontainer-manifesto \"The microcontainer manifesto\")\"\n\n### Use single layer images\nPer nature, a docker image is a multi-layered overlayfs image. Each \"RUN\" command in a dockerfile create a new layer. Each layer add to the size of the final image. That's the reason why a \"RUN apt-get clean\" line do NOT reduce the size of the image.\nBut the larger an image is, the longer docker will take to fetch an image. So the idea is to keep to number of layers in your image as low as possible. \nThis script generate single layer images.\n\n### Dont use images from docker hub\nMost images from the docker hub are multi-layered, and many images come from untrustable sources. \nEach fecth from your (private) infrastructure can be logged by Docker offering this company many insight on your infrastructure.\nCurrently docker hub offer a central point to compromise every single private cloud infrastructure. If hackers manage to hack that and compromise the images stored there, your infrastructure will be compromised too.\nFinally, hosting your own private docker repository allow you to not use any internet bandwith and thus speed up the docker fetches.\n\n### Why basing on debian\nFor image size reason, lately the usage have been to base the image on alpine. This trend have been largely suggested by Docker to reduce the stress on the docker hub.\nAlpine, have it's roots as a distribution targetting single floppy linux installation. To reach that goal many compromise have been made, one of these have been to use musl-libc which have lower compatibility.\nBeside, unlike debian, the alpine projet dont have the work force to maintain up-to-date and patched package for everything.\nDebian have a dedicated \"security\" team which make sure there's no breach in the debian packages.\n\n### Why micro containers\nUsing debootstrap, we can create rather small image (~60M), but these images containt many tools (systemd, netutils...) that wont be used. Beside adding cluter to the image size, theses tools may offer some attack vector to some hackers. The less an image contain, the less attack surface it offer.\nSo just like the chroots we were building years ago, the idea is to only include the needed binaries, libraries and datafiles in the images. Nothing more.\nThe images this script create doesnt even include 'ls' or 'ps'. These tools can be included (using the -T flag) in an image for image debuging purpose. But that should'nt be used for productions image.\n\n### Reproductible builds\n\n\n## Help \n```\ndmc: Debian Micro Container images creator\ndmc [-A|--archs ARCHS] [-D|--dist DIST] [-M|--mirror MIRROR] [-H|--host DOCKERHOST] [-T|--tools] [-X|--delete] [-t|--templates TMPTS] [-g|--groups GROUP] [-a|--activity ACT] [-l|--list] [-b|--begin MIN] [-e|--end MAX] [-o|--only ONLY] [-h|--help]\n./dmc [ACT]\n-A|--archs ARCHS         : Architectures to build for   (DEFAULT: amd64,arm64)\n-D|--dist DIST           : Debian disribution           (DEFAULT: buster)\n-M|--mirror MIRROR       : Debian mirror                (DEFAULT: http://ftp.fr.debian.org/debian)\n-H|--host DOCKERHOST     : Docker hostname              (DEFAULT: )\n-T|--tools               : Add some debuging tools to the image (not for production)\n-X|--delete              : Remove from kubernetes\n-t|--templates TMPTS     : A coma-separated list of templates\n-g|--groups GROUP        : A coma-separated list of template groups\n-a|--activity ACT        : Select the activity to run\n-l|--list                : List all available tasks\n-b|--begin MIN           : Begin at that task\n-e|--end MAX             : End at that task\n-o|--only ONLY           : Only run this step\n-h|--help                : Show this help text\n\nAvailable values for TMPTS (A coma-separated list of templates):\nadminer                  : adminer\nmariadb                  : mariadb\nnginx                    : nginx\nphp                      : php\n\nAvailable values for GROUP (A coma-separated list of template groups):\napp                      : app\nbase                     : base\ncore                     : core\n\nAvailable values for ACT (Select the activity to run):\nupdate                   : Update the rootfs\nsetup                    : Setup the builds environnements\ncreate                   : Create the container\nload                     : Load a container\n```\n\n## Usage instruction\nBeside evrything is done by root...\n\n### initial setup\nEdit the conf/dmc.conf file to your linking, then :\n```\n    dmc -a setup\n```\nto install all the requiered packages and bootstrap the rootfs.\n\n### On using dmc\nTo build the mariadb container use :\n```\n    dmc -t mariadb \n```\nYou can see what is going to be done using the \"-l\" flag : \n```\n    dmc -t mariadb -l\n```\n\n## Keeping your images up-to-date\nBellow would be a good batch script to keep your images up to date :\n```\n    export LOG_level=ALL OUT_level=NONE LOG_dir=/some/path/to/write/logs\n    dmc -a update\n    dmc -g core,base,app\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsebt3%2Fdebian_micro_containers","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsebt3%2Fdebian_micro_containers","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsebt3%2Fdebian_micro_containers/lists"}