Container Hardening with Paketo and Wolfi - Ram Iyengar, Cloud Foundry Foundation
Container Hardening with Paketo and Wolfi - Ram Iyengar, Cloud Foundry Foundation
Wolfi is a Linux distribution, whose aim is to provide a secure base layer for container images. It is popularly marketed as an “undistro”, and is kept CVE-free. Cloud Native Buildpacks are a way to create containers from source code. A good example of Cloud Native Buildpacks, that are open-source and production-ready, are Paketo. In this talk, I will demonstrate how to use Wolfi as the base image to create Paketo Buildpacks. I will also demonstrate how the resulting container is smaller in size and more secure than using other methods (docker build, Jammy base image, etc).