Container of the Week: Python & Flask

← Slim Blog

From the SlimDevOps Twitch stream: Martin and Pieter walked through the first of our weekly container slimming examples: This one is a basic containerized Python Flask APIusing the official Python3:latest container as a base image.

We first build a very simple app that merely returns a static success message. We then run through a simple testing protocol (i.e., we hit it with a web browser) to ensure it is operating correctly, and then begin the containerization process.

We use the Slim Developer Platform's web portal to look inside the base image, then get to work Dockerizing our basic app. We take a quick look at layer construction, get the container running, and re-do our simple tests to ensure it's operating as expected.

We then Slim the image using the basic DockerSlim build command. As you'll see, the slim container works exactly as the original, but is 95% lighter. As the coup de grace, we scan the image using the Snyk.io scan tool in Docker. The original image is downright scary, with 323 known security vulnerabilities, 27 of them listed as critical! The Slim image has none whatsoever.

Watch and let us know what you think over in the Slim.AI Community.

--

Have a good idea for a Container of the Week example? Let us know on Twitter or Discord.

Make security collaboration easier today

Join the waitlist to try out Slim's shared workspace for communicating and coordinating vulnerability fixes with your software vendors.
Responsive HubSpot Form

Join our Beta

Take the complexity and frustration out of coordinating vulnerability fixes with your vendors.

  • Communicate directly in the platform to assign owners, due dates and negotiate fixes
  • Get a view into the status of each vulnerability
  • Receive notifications the moment vulnerabilities are fixed

Additionally, our Beta users get access to:

  • Multiple vulnerability scanners
  • SBOM generation
  • Reachability analysis
  • Enhanced container intelligence software
  • Dedicated Support

Join our Beta

Take the frustration out of vulnerability fixes with software vendors directly on our platform.

  • Assign owners, set due dates, track vulnerability statuses, and get instant fix notifications.
  • Beta users gain access to multiple scanners, SBOM generation, reachability analysis, enhanced container intelligence, and dedicated support.