![[The AI Show Episode 144]: ChatGPT’s New Memory, Shopify CEO’s Leaked “AI First” Memo, Google Cloud Next Releases, o3 and o4-mini Coming Soon & Llama 4’s Rocky Launch](https://www.marketingaiinstitute.com/hubfs/ep%20144%20cover.png)
![[DEALS] The All-in-One Microsoft Office Pro 2019 for Windows: Lifetime License + Windows 11 Pro Bundle (89% off) & Other Deals Up To 98% Off](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
![Is this too much for a modular monolith system? [closed]](https://i.sstatic.net/pYL1nsfg.png)
_Andreas_Prott_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![What features do you get with Gemini Advanced? [April 2025]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2024/02/gemini-advanced-cover.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
![Apple Shares Official Trailer for 'Long Way Home' Starring Ewan McGregor and Charley Boorman [Video]](https://www.iclarified.com/images/news/97069/97069/97069-640.jpg)
![Apple Watch Series 10 Back On Sale for $299! [Lowest Price Ever]](https://www.iclarified.com/images/news/96657/96657/96657-640.jpg)
![EU Postpones Apple App Store Fines Amid Tariff Negotiations [Report]](https://www.iclarified.com/images/news/97068/97068/97068-640.jpg)
![Apple Slips to Fifth in China's Smartphone Market with 9% Decline [Report]](https://www.iclarified.com/images/news/97065/97065/97065-640.jpg)
UC Pocket Ubuntu OS: From 303MB to 80MB with Docker Optimization
Introduction As developers and DevOps engineers, we constantly seek ways to optimize our environments—reducing image sizes, improving security, and maintaining performance. In this article, I'll walk you through how I transformed a standard 303MB Ubuntu Docker image into a lean 80MB distroless-based container while retaining full functionality (SSH, Apache, and persistent storage). We'll cover: ✅ Multi-stage builds to eliminate unnecessary dependencies ✅ Distroless optimization for security and size reduction ✅ Persistent storage to retain data across container restarts ✅ DevSecOps benefits (smaller attack surface, faster CI/CD) ✅ How non-Linux users can replace VMs with this pocket Ubuntu The Problem: Bloated Ubuntu Images Initially, my Dockerfile used a standard Ubuntu base with SSH and Apache: Original Dockerfile (303MB) FROM ubuntu:latest # Set environment variables ENV TZ=Africa/Lagos ENV LANG=en_US.UTF-8 # Install packages RUN apt-get update && \ apt-get install -y \ tzdata \ locales \ openssh-server \ apache2 \ && rm -rf /var/lib/apt/lists/* # Configure timezone & locale RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ echo $TZ > /etc/timezone && \ locale-gen en_US.UTF-8 # Set up SSH RUN mkdir /var/run/sshd && \ echo 'root:password' | chpasswd && \ sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config # Expose ports EXPOSE 22 80 # Persistent data volume RUN mkdir /data # Keep container running RUN echo '#!/bin/bash\n\ service ssh start\n\ service apache2 start\n\ tail -f /dev/null' > /entrypoint.sh && \ chmod +x /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"] Issues with this approach: ❌ 303MB is too large for a minimal Ubuntu environment ❌ Unnecessary packages increase security risks ❌ No multi-stage optimization The Solution: Distroless + Multi-Stage Builds By using multi-stage builds and distroless base images, we reduce bloat while keeping essential functionality. Optimized Dockerfile (80MB) # Stage 1: Builder (Full Ubuntu) FROM ubuntu:22.04 AS builder # Install only essentials RUN apt-get update && \ apt-get install -y --no-install-recommends \ openssh-server \ apache2 \ && rm -rf /var/lib/apt/lists/* # Configure SSH RUN mkdir /var/run/sshd && \ echo 'root:password' | chpasswd && \ sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config # Stage 2: Distroless Runtime FROM gcr.io/distroless/base-debian11 # Copy only necessary binaries COPY --from=builder /usr/sbin/sshd /usr/sbin/ COPY --from=builder /usr/sbin/apache2 /usr/sbin/ COPY --from=builder /bin/bash /bin/ # Copy essential libraries COPY --from=builder /lib/x86_64-linux-gnu/ /lib/x86_64-linux-gnu/ COPY --from=builder /lib64/ld-linux-x86-64.so.2 /lib64/ # Set up persistent storage RUN mkdir /data && chmod 777 /data VOLUME /data # Entrypoint script RUN echo '#!/bin/bash\n\ /usr/sbin/sshd -D &\n\ /usr/sbin/apache2 -DFOREGROUND &\n\ tail -f /dev/null' > /entrypoint.sh && \ chmod +x /entrypoint.sh EXPOSE 22 80 ENTRYPOINT ["/entrypoint.sh"] Key Optimizations ✔ Multi-stage build separates build and runtime dependencies ✔ Distroless base removes unnecessary packages (no shell, no bloat) ✔ Only essential binaries copied (SSH, Apache, Bash) ✔ Persistent /data volume for file storage How to Use UC Pocket Ubuntu 1. First, Run the Container in Detached Mode docker run -d \ -p 2222:22 -p 8080:80 \ -v ~/ubuntu-data:/data \ --name my-ubuntu \ ucheenyi/uc-pocket-ubuntu 2. Then, Execute Commands Inside the Running Container # Get an interactive bash shell docker exec -it my-ubuntu bash # Or run single commands docker exec my-ubuntu ls /data docker exec my-ubuntu apt-get update 3. Access Services SSH: ssh root@localhost -p 2222 (password: password) Apache: Open http://localhost:8080 4. Stop and Remove When Done docker stop my-ubuntu docker rm my-ubuntu # Your data persists in ~/ubuntu-data on host Why This Matters for DevSecOps & DevOps
Introduction
As developers and DevOps engineers, we constantly seek ways to optimize our environments—reducing image sizes, improving security, and maintaining performance. In this article, I'll walk you through how I transformed a standard 303MB Ubuntu Docker image into a lean 80MB distroless-based container while retaining full functionality (SSH, Apache, and persistent storage).
We'll cover:
✅ Multi-stage builds to eliminate unnecessary dependencies
✅ Distroless optimization for security and size reduction
✅ Persistent storage to retain data across container restarts
✅ DevSecOps benefits (smaller attack surface, faster CI/CD)
✅ How non-Linux users can replace VMs with this pocket Ubuntu
The Problem: Bloated Ubuntu Images
Initially, my Dockerfile used a standard Ubuntu base with SSH and Apache:
Original Dockerfile (303MB)
FROM ubuntu:latest
# Set environment variables
ENV TZ=Africa/Lagos
ENV LANG=en_US.UTF-8
# Install packages
RUN apt-get update && \
apt-get install -y \
tzdata \
locales \
openssh-server \
apache2 \
&& rm -rf /var/lib/apt/lists/*
# Configure timezone & locale
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone && \
locale-gen en_US.UTF-8
# Set up SSH
RUN mkdir /var/run/sshd && \
echo 'root:password' | chpasswd && \
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
# Expose ports
EXPOSE 22 80
# Persistent data volume
RUN mkdir /data
# Keep container running
RUN echo '#!/bin/bash\n\
service ssh start\n\
service apache2 start\n\
tail -f /dev/null' > /entrypoint.sh && \
chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
Issues with this approach:
❌ 303MB is too large for a minimal Ubuntu environment
❌ Unnecessary packages increase security risks
❌ No multi-stage optimization
The Solution: Distroless + Multi-Stage Builds
By using multi-stage builds and distroless base images, we reduce bloat while keeping essential functionality.
Optimized Dockerfile (80MB)
# Stage 1: Builder (Full Ubuntu)
FROM ubuntu:22.04 AS builder
# Install only essentials
RUN apt-get update && \
apt-get install -y --no-install-recommends \
openssh-server \
apache2 \
&& rm -rf /var/lib/apt/lists/*
# Configure SSH
RUN mkdir /var/run/sshd && \
echo 'root:password' | chpasswd && \
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
# Stage 2: Distroless Runtime
FROM gcr.io/distroless/base-debian11
# Copy only necessary binaries
COPY --from=builder /usr/sbin/sshd /usr/sbin/
COPY --from=builder /usr/sbin/apache2 /usr/sbin/
COPY --from=builder /bin/bash /bin/
# Copy essential libraries
COPY --from=builder /lib/x86_64-linux-gnu/ /lib/x86_64-linux-gnu/
COPY --from=builder /lib64/ld-linux-x86-64.so.2 /lib64/
# Set up persistent storage
RUN mkdir /data && chmod 777 /data
VOLUME /data
# Entrypoint script
RUN echo '#!/bin/bash\n\
/usr/sbin/sshd -D &\n\
/usr/sbin/apache2 -DFOREGROUND &\n\
tail -f /dev/null' > /entrypoint.sh && \
chmod +x /entrypoint.sh
EXPOSE 22 80
ENTRYPOINT ["/entrypoint.sh"]
Key Optimizations
✔ Multi-stage build separates build and runtime dependencies
✔ Distroless base removes unnecessary packages (no shell, no bloat)
✔ Only essential binaries copied (SSH, Apache, Bash)
✔ Persistent /data volume for file storage
How to Use UC Pocket Ubuntu
1. First, Run the Container in Detached Mode
docker run -d \
-p 2222:22 -p 8080:80 \
-v ~/ubuntu-data:/data \
--name my-ubuntu \
ucheenyi/uc-pocket-ubuntu
2. Then, Execute Commands Inside the Running Container
# Get an interactive bash shell
docker exec -it my-ubuntu bash
# Or run single commands
docker exec my-ubuntu ls /data
docker exec my-ubuntu apt-get update
3. Access Services
-
SSH:
ssh root@localhost -p 2222(password:password) -
Apache: Open
http://localhost:8080
4. Stop and Remove When Done
docker stop my-ubuntu
docker rm my-ubuntu
# Your data persists in ~/ubuntu-data on host
Why This Matters for DevSecOps & DevOps
![Cải Thiện Hiệu Suất Trong Next.js [2]](https://media2.dev.to/dynamic/image/width%3D1000,height%3D500,fit%3Dcover,gravity%3Dauto,format%3Dauto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkmeg8db5iqm9rx54faev.png)
