Distroless container images are container images that have just your application and its runtime dependencies.
Stuff you wanna know:
- Kubernetes supports distroless images since v1.15.
- Distroless images enable you to deploy minimal container images that reduce attack surface and exposure to bugs and vulnerabilities.
- Distroless images do not include a shell or any debugging utilities.
More stuff:
- Google container tools – Distroless (GitHub) — https://github.com/GoogleContainerTools/distroless
- Uses for ephemeral containers using distroless images — https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/#uses-for-ephemeral-containers