🌟 How I Decreased Docker Image Size by Half with Distroless Images

reddit [#143] Created with Sketch.
Andrew Ghobrial
Andrew Ghobrial
1 min read

One of the key factors in building efficient, secure, and lightweight containers is minimizing image size.
Large images lead to slower deployments, wasted storage, and a bigger attack surface.

That’s where Distroless Images come in. πŸš€

What Are Distroless Images?

Distroless images contain only the essential runtime dependencies for your application.

  • ❌ No shell
  • ❌ No package manager
  • ❌ No OS components

Instead, they include just what your app needs to run β€” nothing more.
The result? Images that are smaller, faster, and safer.

Why Use Distroless?

Here are the key benefits I experienced when switching to distroless:

πŸ›‘ Enhanced Security

By removing unnecessary tools and libraries (like bash, apt, curl), the attack surface is drastically reduced.
This makes it harder for an attacker to exploit vulnerabilities inside your container.

πŸ“‰ Smaller Image Sizes

A typical Node.js image (node:18) can weigh in at hundreds of MBs.
Distroless trims this down significantly β€” in my case, I saw image sizes cut by about 50%.

This reduction translates to:

  • Faster builds
  • Faster deployments
  • Lower storage and bandwidth costs

⚑ Faster Startup Times

Smaller images also start up faster.
For systems where containers scale up and down frequently (e.g., serverless workloads, Kubernetes pods), this can have a big impact on responsiveness.

Example: Using Distroless in a Dockerfile

Switching is straightforward.
Here’s an example for a Node.js app:

# Use Google's distroless image for Node.js
FROM gcr.io/distroless/nodejs

WORKDIR /app
COPY . /app

CMD ["server.js"]

That’s it. You now have a leaner, safer container.

πŸ”§ Development vs Production

One trade-off with distroless is the lack of debugging tools (no shell, no package manager). To handle this, use a multi-stage build:

Stage 1: Development image (with debugging tools, shells, package managers)

Stage 2: Production distroless image (lightweight, stripped down)

This way, you keep developer convenience without bloating production images.

Pro Tip

If you want to dive deeper, Google maintains a repo of distroless examples and base images: πŸ‘‰ Distroless GitHub

Final Thoughts

Switching to distroless images was one of the simplest yet most impactful changes I made:

βœ… Reduced image size by ~50%

βœ… Improved container startup times

βœ… Strengthened security posture

If you’re building for scalability, efficiency, or security, distroless is a tool worth exploring.

πŸ’¬ Have you tried distroless images in your workflows? What impact did you see?