Building minimal, up-to-date cloud images with Wolfi

At KubeCon NA ‘23, I gave a presentation on Wolfi which is now available on YouTube. The session provides an introduction to Wolfi, an innovative open source project aimed at reimagining the way you can approach Linux distributions for the cloud with secure, up-to-date container images.

Key takeaways from the presentation:

• If you are looking to reduce the likelihood of Common Vulnerabilities and Exposures (CVEs) in your images, Wolfi fosters the creation of custom images with minimal attack surfaces that significantly reduces these threats. This is possible because Wolfi prioritizes three main goals: a security-first architecture, proactive updates, and minimalism.

• Wolfi’s architecture is built on unique tooling that solves software supply chain security problems from outside in, including melange, apko, apk, and more. These technologies employed in Wolfi help keep software continually up-to-date for users, allowing for faster updates of upstream releases, daily patching, and detailed security advisories. Learn more about these purpose-built tools on Chainguard Academy.

• Real-world use cases for Wolfi can extend far beyond just secure container images. You can use existing Wolfi packages to help build your own creations or add your project to Wolfi for the rest of the community to benefit.

‍

If you’re a developer spending too much time triaging, mitigating, and patching CVEs, a cloud architect seeking to optimize resource usage and security, or a DevOps engineer in search of innovative tools that are at the forefront of the industry, check out wolfi.dev or visit the Hello Wolfi workshop on Chainguard Academy.

‍

Get involved!

• Monthly community call — 1st Wednesday of every month at 12pm ET! Add the invite from Wolfi’s public calendar to your schedule!

• Questions to discuss? Submit them to our GitHub Community discussions forum.

• Get started with Wolfi using the Chainguard Academy “Hello Wolfi” kit.

• Find us on social media: Mastodon & X