TNS
SUBSCRIBE
Join our community of software engineering leaders and aspirational developers. Always stay in-the-know by getting the most important news and exclusive content delivered fresh to your inbox to learn more about at-scale software development.
REQUIRED
 
It seems that you've previously unsubscribed from our newsletter in the past. Click the button below to open the re-subscribe form in a new tab. When you're done, simply close that tab and continue with this form to complete your subscription.
Welcome and thank you for joining The New Stack community!
Please answer a few simple questions to help us deliver the news and resources you are interested in.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
Great to meet you!
Tell us a bit about your job so we can cover the topics you find most relevant.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
 
Welcome!

We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.

What’s next?

Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.

Become a TNS follower on LinkedIn.

Check out the latest featured and trending stories while you wait for your first TNS newsletter.

PREV
of
NEXT
VOXPOP
As a JavaScript developer, what non-React tools do you use most often?
Angular
0%
Astro
0%
Svelte
0%
Vue.js
0%
Other
0%
I only use React
0%
I don't use JavaScript
0%
 
NEW! Try Stackie AI
Cloud Native Ecosystem Containers Databases Edge Computing Infrastructure as Code Linux Microservices Open Source Networking Storage
Building a Cloud-to-Edge Architecture Across 40K Global Locations
Nov 20th 2025 10:00am, by Vicki Walker
Knative Has Finally Graduated From the CNCF
Nov 12th 2025 3:00pm, by Steven J. Vaughan-Nichols
Migrating VMs to Kubernetes: A Roadmap for Cloud Native Enterprises
Nov 3rd 2025 5:07am, by Janakiram MSV
Can the 50-Year-Old Actor Model Rescue Agentic AI?
Oct 22nd 2025 7:47am, by Kimberley Mok
OpenSearch 3.3's New AI Agents Now Generally Available for Developers
Oct 16th 2025 12:00pm, by Steven J. Vaughan-Nichols
Hummingbird: Red Hat's Answer to Alpine, Ubuntu Chiseled, Wolfi
Nov 19th 2025 1:00pm, by Steven J. Vaughan-Nichols
How To Deploy an Open Source Version of NotebookLM
Nov 12th 2025 2:00pm, by Jack Wallen
Practitioners’ Guide to Chiseled Containers: Smaller, Faster, Safer
Nov 10th 2025 6:00am, by Pankaj Gupta
Monitor Docker Containers Across Servers With Beszel
Nov 7th 2025 2:00pm, by Jack Wallen
Apptainer for Docker Developers: A Comprehensive Guide
Nov 7th 2025 6:00am, by Janakiram MSV
Self-Service Analytics Failed. Can Agentic AI Finally Succeed?
Nov 25th 2025 5:05am, by Alasdair Brown
Defining the Ideal Database for the AI Era
Nov 24th 2025 9:00am, by Tony Kim
Percona Brings Transparent Data Encryption to Postgres
Nov 21st 2025 2:00pm, by Joab Jackson
Thoughts on the GigaOm Radar for Vector Databases v3
Nov 21st 2025 1:00pm, by Tim Young
Microsoft's Azure HorizonDB Takes on Aurora, AlloyDB
Nov 20th 2025 4:00pm, by Darryl K. Taft
Kubernetes at the Edge: Lessons From GE HealthCare’s Edge Strategy
Nov 24th 2025 10:00am, by Vicki Walker
Building a Cloud-to-Edge Architecture Across 40K Global Locations
Nov 20th 2025 10:00am, by Vicki Walker
The AI Inflection Point Isn't in the Cloud, It's at the Edge
Oct 26th 2025 8:00am, by Alex Williams
Right-Sizing AI for the Edge: Power, Models and Security
Oct 9th 2025 10:00am, by Chris J. Preimesberger
Why the Edge Isn't Just 'Cloud Computing, But Closer'
Sep 16th 2025 9:00am, by Charles Humble
KubeCon: A Terraform Killer Built on Apple's Pkl
Nov 12th 2025 5:15am, by Joab Jackson
Build Terraform Modules That Your Team Will Actually Reuse
Nov 7th 2025 10:00am, by Rak Siva
Pulumi's AI Agent Tackles Infrastructure Compliance Backlogs
Nov 5th 2025 6:00am, by Darryl K. Taft
Project infragraph: IBM's Real-Time Model for Infrastructure Assets
Sep 26th 2025 4:00am, by Joab Jackson
Chef Creator Unveils AI Platform To Fix Flaws With Infrastructure Automation
Aug 27th 2025 8:00am, by Heather Joslyn
Tuxedo OS: Ubuntu Base, KDE Plasma, Awesome Performance
Nov 23rd 2025 7:00am, by Jack Wallen
Angular v21 Adds Signal Forms, New MCP Server
Nov 22nd 2025 6:00am, by Loraine Lawson
Hummingbird: Red Hat's Answer to Alpine, Ubuntu Chiseled, Wolfi
Nov 19th 2025 1:00pm, by Steven J. Vaughan-Nichols
RHEL 10.1 Soft Reboot Slashes Downtime for Updates
Nov 18th 2025 12:00pm, by Steven J. Vaughan-Nichols
Portmaster, an Open Source Firewall for the Desktop
Nov 16th 2025 7:00am, by Jack Wallen
Deploy Agentic AI Workflows With Kubernetes and Terraform
Nov 26th 2025 9:00am, by Oladimeji Sowole
How Dapr and WebAssembly Team Up for Microservices
Oct 2nd 2025 6:00am, by B. Cameron Gain
Your CI/CD Pipeline Wasn't Built for Microservices
Aug 7th 2025 7:00am, by Arjun Iyer
Introduction to Microservices
Aug 5th 2025 5:00pm, by TNS Staff
FoundationDB: A Distributed Database That Can't Be Killed
Jul 25th 2025 7:00am, by Joab Jackson
SolidJS Creator on Fine-Grained Reactivity as Next Frontier
Nov 26th 2025 8:00am, by Loraine Lawson
Deepnote CEO: Why Notebooks Are the 'Perfect User Interface' for AI Agents
Nov 24th 2025 10:19am, by Michelle Gienow
Angular v21 Adds Signal Forms, New MCP Server
Nov 22nd 2025 6:00am, by Loraine Lawson
Percona Brings Transparent Data Encryption to Postgres
Nov 21st 2025 2:00pm, by Joab Jackson
A 3-Question Framework for Making Ethical Tech Decisions
Nov 19th 2025 10:30am, by Michelle Gienow
Tutorial: Implement a Nginx Gateway Fabric as an Alternative to Ingress
Nov 21st 2025 6:01am, by Janakiram MSV
CNCF Retires the Ingress Nginx Controller for Kubernetes
Nov 21st 2025 6:00am, by Joab Jackson
3-Hour Cloudflare Outage Knocks Out AI Chatbots, Shopify
Nov 20th 2025 7:00am, by Steven J. Vaughan-Nichols
Tailscale Welcomes Kubernetes Co-Founder Joe Beda as Advisor
Nov 10th 2025 5:00am, by Joab Jackson
Monitor Docker Containers Across Servers With Beszel
Nov 7th 2025 2:00pm, by Jack Wallen
Thoughts on the GigaOm Radar for Vector Databases v3
Nov 21st 2025 1:00pm, by Tim Young
Adam Jacob on Why Scaling Is ‘The Funnest Game’
Nov 20th 2025 11:00am, by Cynthia Dunlop
Data Locality vs. Independence: Which Should Your Database Prioritize?
Nov 17th 2025 12:00pm, by Franck Pachot
How AI Is Pushing Kubernetes Storage Beyond Its Limits
Nov 11th 2025 11:00am, by Ramya Prabhakar and Aarthi Mahesh
Why Inkless Kafka Is a Game-Changer for Running Kafka at Scale
Nov 4th 2025 2:00pm, by Vicki Walker
AI AI Engineering API Management Backend development Data Frontend Development Large Language Models Security Software Development WebAssembly
Cursor 2.0 IDE Is Now Supercharged With AI and I'm Impressed
Nov 26th 2025 1:00pm, by
Beyond Scripts: The Shift From Automation to Agentic AI
Nov 26th 2025 10:00am, by and
How Autonomous Agents Are Changing Infrastructure Management
Nov 25th 2025 12:00pm, by
Amazon CTO Werner Vogels' Predictions for 2026
Nov 25th 2025 8:30am, by
How Mozilla’s AI Strategy Disconnects From Its Browser Heritage
Nov 25th 2025 7:37am, by
KServe Joins CNCF To Standardize AI Model Serving on Kubernetes
Nov 26th 2025 12:00pm, by
When AI Starts Seeing and Hearing, IT Must Start Rethinking
Nov 21st 2025 10:00am, by
Why Load Tests Lie: Harsh Truth About AI Agent Performance
Nov 21st 2025 8:00am, by
Google’s Web AI Playbook: The Paved Road vs. the Open Field
Nov 20th 2025 2:00pm, by
5 Engineering Skills to Prioritize in the AI-Driven Era
Nov 20th 2025 5:00am, by
6 Pillars for a Best in Class API Strategy
Nov 19th 2025 6:00am, by
Conformant Kubernetes Update Availability Varies Significantly Across Services
Nov 6th 2025 1:00pm, by
MCP vs. API Gateways: They’re Not Interchangeable
Oct 20th 2025 8:00am, by
React Native Rolls Out Its Latest Version on New Architecture
Oct 18th 2025 7:00am, by
The Modern APIs Roundtable: How AI Creates New Challenges for API Security
Oct 15th 2025 11:00am, by
Vibe Coding: When AI Writes the Code, Who Secures It?
Sep 26th 2025 1:00pm, by
How MCP Uses Streamable HTTP for Real-Time AI Tool Interaction
Aug 18th 2025 10:34am, by
A Backend for Frontend: Watt for Node.js Simplifies Operations
Aug 14th 2025 6:00am, by
Human-on-the-Loop: The New AI Control Model That Actually Works
Aug 4th 2025 8:00am, by
IT Orchestration Is the Secret Behind Smooth, Scalable IT Operations
Aug 3rd 2025 10:00am, by
Self-Service Analytics Failed. Can Agentic AI Finally Succeed?
Nov 25th 2025 5:05am, by
Inside Uber's Multicloud AI Reality: The Gap Between Data and Compute
Nov 24th 2025 2:00pm, by
Deepnote CEO: Why Notebooks Are the 'Perfect User Interface' for AI Agents
Nov 24th 2025 10:19am, by
Microsoft's Azure HorizonDB Takes on Aurora, AlloyDB
Nov 20th 2025 4:00pm, by
A 3-Question Framework for Making Ethical Tech Decisions
Nov 19th 2025 10:30am, by
SolidJS Creator on Fine-Grained Reactivity as Next Frontier
Nov 26th 2025 8:00am, by
WebAssembly Still Expanding Frontend Uses 10 Years Later
Nov 22nd 2025 8:00am, by
Angular v21 Adds Signal Forms, New MCP Server
Nov 22nd 2025 6:00am, by
3-Hour Cloudflare Outage Knocks Out AI Chatbots, Shopify
Nov 20th 2025 7:00am, by
The React Component Pyramid Scheme: An Over-Engineering Crisis
Nov 20th 2025 5:05am, by
OpenAI Says Its New Codex-Max Model Is Better, Faster and Cheaper
Nov 19th 2025 10:01am, by
The Future of Secure Development: Faster and Safer Code
Nov 18th 2025 7:00am, by
How To Deploy an Open Source Version of NotebookLM
Nov 12th 2025 2:00pm, by
How RTEB Prevents 'Teaching to the Test' in AI Models
Nov 10th 2025 10:00am, by
Context Engineering: The Foundation for Reliable AI Agents
Oct 31st 2025 1:00pm, by
AWS WAF vs. Google Cloud Armor: A Multicloud Security Showdown
Nov 25th 2025 10:00am, by
Percona Brings Transparent Data Encryption to Postgres
Nov 21st 2025 2:00pm, by
GitHub and Microsoft Use AI To Fix Security Debt Crisis
Nov 20th 2025 6:00pm, by
Hummingbird: Red Hat's Answer to Alpine, Ubuntu Chiseled, Wolfi
Nov 19th 2025 1:00pm, by
The Future of Secure Development: Faster and Safer Code
Nov 18th 2025 7:00am, by
How To Perform Basic NLP in JavaScript With the Natural Library
Nov 24th 2025 7:09am, by
Hands-On With Antigravity: Google’s Newest AI Coding Experiment
Nov 22nd 2025 5:00am, by
GitHub and Microsoft Use AI To Fix Security Debt Crisis
Nov 20th 2025 6:00pm, by
The React Component Pyramid Scheme: An Over-Engineering Crisis
Nov 20th 2025 5:05am, by
6 Pillars for a Best in Class API Strategy
Nov 19th 2025 6:00am, by
WebAssembly Still Expanding Frontend Uses 10 Years Later
Nov 22nd 2025 8:00am, by
Google’s Web AI Playbook: The Paved Road vs. the Open Field
Nov 20th 2025 2:00pm, by
How To Build WebAssembly Components With the MoonBit Language
Nov 8th 2025 7:00am, by
Wasm 3.0: No Component Model and No 'Docker Moment'
Oct 6th 2025 3:00pm, by
How Dapr and WebAssembly Team Up for Microservices
Oct 2nd 2025 6:00am, by
AI Operations CI/CD Cloud Services DevOps Kubernetes Observability Operations Platform Engineering
3 AI Plays To Survive During Holiday Change Freezes
Nov 26th 2025 7:00am, by Debora Cambe
There’s No SKU for AI: A 3-Box Framework to Avoid AI Failures
Nov 19th 2025 8:00am, by Pete Johnson
How Azure Copilot’s New Agents Automate DevOps and SecOps
Nov 18th 2025 8:00am, by Mary Branscombe
The ROI of AI-Driven Security Automation: Metrics That Matter
Nov 17th 2025 11:00am, by Asaf Wiener
Your Top 2026 Priority? Prepare Your Data for AI
Nov 13th 2025 7:00am, by Jennifer Riggins
Deploy Agentic AI Workflows With Kubernetes and Terraform
Nov 26th 2025 9:00am, by Oladimeji Sowole
Tech Veterans’ New Approach To Eliminate ‘Configuration Hell’
Nov 26th 2025 6:00am, by Susan Hall
Will AI Replace Human Project Managers? Not So Fast
Nov 24th 2025 8:00am, by Igor Mishurov
What To Know Before Building Fluent Bit Plugins With Go
Nov 21st 2025 12:00pm, by Phil Wilkins
When AI Starts Seeing and Hearing, IT Must Start Rethinking
Nov 21st 2025 10:00am, by Derek Ashmore
AWS WAF vs. Google Cloud Armor: A Multicloud Security Showdown
Nov 25th 2025 10:00am, by Advait Patel
3-Hour Cloudflare Outage Knocks Out AI Chatbots, Shopify
Nov 20th 2025 7:00am, by Steven J. Vaughan-Nichols
How to Wrangle Cloud Bursting Costs
Nov 13th 2025 1:00pm, by Idan Yalovich
Google Debuts GKE Agent Sandbox, Inference Gateway at KubeCon
Nov 11th 2025 4:00am, by Joab Jackson
LLMs Broke the SRE Runbook. Now What?
Nov 5th 2025 10:00am, by Sylvain Kalache
Tech Veterans’ New Approach To Eliminate ‘Configuration Hell’
Nov 26th 2025 6:00am, by Susan Hall
Goodbye Dashboards: Agents Deliver Answers, Not Just Reports
Nov 23rd 2025 9:00am, by Ketan Karkhanis
Adam Jacob on Why Scaling Is ‘The Funnest Game’
Nov 20th 2025 11:00am, by Cynthia Dunlop
How Can We Solve Observability's Data Capture and Spending Problem?
Nov 20th 2025 9:00am, by B. Cameron Gain
Composable Platforms: Why You Need One
Nov 20th 2025 8:00am, by Massimiliano Bianchessi
KServe Joins CNCF To Standardize AI Model Serving on Kubernetes
Nov 26th 2025 12:00pm, by Joab Jackson
Kubernetes at the Edge: Lessons From GE HealthCare’s Edge Strategy
Nov 24th 2025 10:00am, by Vicki Walker
Tutorial: Implement a Nginx Gateway Fabric as an Alternative to Ingress
Nov 21st 2025 6:01am, by Janakiram MSV
CNCF Retires the Ingress Nginx Controller for Kubernetes
Nov 21st 2025 6:00am, by Joab Jackson
Building a Cloud-to-Edge Architecture Across 40K Global Locations
Nov 20th 2025 10:00am, by Vicki Walker
What To Know Before Building Fluent Bit Plugins With Go
Nov 21st 2025 12:00pm, by Phil Wilkins
Taking Your Observability Strategy to the Next Level
Nov 21st 2025 7:00am, by Hazel Weakly
How Can We Solve Observability's Data Capture and Spending Problem?
Nov 20th 2025 9:00am, by B. Cameron Gain
Data Telemetry Is the Lifeline of Modern Analytics and AI
Nov 18th 2025 10:00am, by Tapan Manaktala and Ashok Singamaneni
Unblock DevEx by Getting Observability Tools Out of The Way
Nov 17th 2025 3:00pm, by Vicki Walker
KServe Joins CNCF To Standardize AI Model Serving on Kubernetes
Nov 26th 2025 12:00pm, by Joab Jackson
Beyond Scripts: The Shift From Automation to Agentic AI
Nov 26th 2025 10:00am, by Ankush Dhar and Minav Suresh Patel
3 AI Plays To Survive During Holiday Change Freezes
Nov 26th 2025 7:00am, by Debora Cambe
Tech Veterans’ New Approach To Eliminate ‘Configuration Hell’
Nov 26th 2025 6:00am, by Susan Hall
How Autonomous Agents Are Changing Infrastructure Management
Nov 25th 2025 12:00pm, by Fahmid Kabir
Composable Platforms: Why You Need One
Nov 20th 2025 8:00am, by Massimiliano Bianchessi
Confidence: Spotify Gives Developers a Platform for Experiments
Nov 18th 2025 6:00am, by Jennifer Riggins
How IDPs Balance Productivity and Control in the AI Era
Nov 13th 2025 9:00am, by Dario Esposito
Your Top 2026 Priority? Prepare Your Data for AI
Nov 13th 2025 7:00am, by Jennifer Riggins
How To Build an AI-First Organization, One Engineer at a Time
Nov 13th 2025 6:00am, by Jennifer Riggins
C++ Developer tools Go Java JavaScript Programming Languages Python Rust TypeScript
AWS WAF vs. Google Cloud Armor: A Multicloud Security Showdown
Nov 25th 2025 10:00am, by Advait Patel
Goodbye Dashboards: Agents Deliver Answers, Not Just Reports
Nov 23rd 2025 9:00am, by Ketan Karkhanis
Rust vs. C++: a Modern Take on Performance and Safety
Oct 22nd 2025 2:00pm, by Zziwa Raymond Ian
Building a Real-Time System Monitor in Rust Terminal
Oct 15th 2025 7:05am, by Tinega Onchari
SQL vs. Python: Frenemies of the Data World
Oct 14th 2025 7:00am, by Ivan Novick
Cursor 2.0 IDE Is Now Supercharged With AI and I'm Impressed
Nov 26th 2025 1:00pm, by Jack Wallen
Deepnote CEO: Why Notebooks Are the 'Perfect User Interface' for AI Agents
Nov 24th 2025 10:19am, by Michelle Gienow
Hands-On With Antigravity: Google’s Newest AI Coding Experiment
Nov 22nd 2025 5:00am, by David Eastman
Microsoft's Azure HorizonDB Takes on Aurora, AlloyDB
Nov 20th 2025 4:00pm, by Darryl K. Taft
AWS' Kiro to Bring Automated Reasoning to Agentic Development
Nov 18th 2025 5:00pm, by Darryl K. Taft
Go Experts: 'I Don't Want to Maintain AI-Generated Code'
Sep 28th 2025 6:00am, by David Cassel
How To Run Kubernetes Commands in Go: Steps and Best Practices 
Jun 27th 2025 8:00am, by Sunny Yadav
Prepare Your Mac for Go Development
Apr 12th 2025 7:00am, by Damon M. Garn
Pagoda: A Web Development Starter Kit for Go Programmers
Mar 19th 2025 6:10am, by Loraine Lawson
Microsoft TypeScript Devs Explain Why They Chose Go Over Rust, C#
Mar 18th 2025 7:00am, by David Cassel
Why Bloomberg Chose Vendor-Neutral Java Over Big Tech
Oct 2nd 2025 5:00pm, by Darryl K. Taft
Microsoft AI Agents Automate Enterprise Java and .NET Migrations
Sep 26th 2025 4:00pm, by Darryl K. Taft
Java 25: Oracle Makes Java Easier To Learn, Ready for AI Development
Sep 18th 2025 4:00pm, by Darryl K. Taft
Vibe Coding Fails Enterprise Reality Check
Sep 10th 2025 4:00pm, by Darryl K. Taft
New Tool Ends Java Configuration Nightmare in K8s
Aug 21st 2025 3:00pm, by Darryl K. Taft
SolidJS Creator on Fine-Grained Reactivity as Next Frontier
Nov 26th 2025 8:00am, by Loraine Lawson
How To Perform Basic NLP in JavaScript With the Natural Library
Nov 24th 2025 7:09am, by Jessica Wachtel
WebAssembly Still Expanding Frontend Uses 10 Years Later
Nov 22nd 2025 8:00am, by Loraine Lawson
Angular v21 Adds Signal Forms, New MCP Server
Nov 22nd 2025 6:00am, by Loraine Lawson
The React Component Pyramid Scheme: An Over-Engineering Crisis
Nov 20th 2025 5:05am, by Alexander T. Williams
Build Your First HTTP Server in Python
Nov 4th 2025 3:00pm, by Jessica Wachtel
OpenTelemetry Adoption Update: Rust, Prometheus and Other Speed Bumps
Oct 26th 2025 11:00am, by B. Cameron Gain
Rust vs. C++: a Modern Take on Performance and Safety
Oct 22nd 2025 2:00pm, by Zziwa Raymond Ian
React Foundation Leader on What’s Next for the Framework
Oct 21st 2025 11:05am, by Loraine Lawson
SQL vs. Python: Frenemies of the Data World
Oct 14th 2025 7:00am, by Ivan Novick
From Physics to the Future: Brian Granger on Project Jupyter in the Age of AI
Nov 13th 2025 8:00am, by Michelle Gienow
PSF Gets a Donor Surge After Rejecting Anti-DEI Federal Grant
Nov 9th 2025 6:00am, by David Cassel
Build Your First HTTP Server in Python
Nov 4th 2025 3:00pm, by Jessica Wachtel
The Rise of JavaScript in Machine Learning
Oct 23rd 2025 9:03am, by Loraine Lawson
SQL vs. Python: Frenemies of the Data World
Oct 14th 2025 7:00am, by Ivan Novick
Debian Mandates Rust for APT, Reshaping Ubuntu and Other Linux Distros
Nov 11th 2025 12:00pm, by Steven J. Vaughan-Nichols
Moving From C++ to Rust? ClickHouse Has Some Advice
Nov 5th 2025 7:00am, by Joab Jackson
Why Sudo-rs Brings Modern Memory Safety to Ubuntu 26.04
Oct 28th 2025 7:30am, by Steven J. Vaughan-Nichols
OpenTelemetry Adoption Update: Rust, Prometheus and Other Speed Bumps
Oct 26th 2025 11:00am, by B. Cameron Gain
How TARmageddon Compromises Rust Security: A Developer's Guide
Oct 24th 2025 10:00am, by Steven J. Vaughan-Nichols
JavaScript Utility Library Lodash Changing Governance Model
Nov 1st 2025 7:00am, by Loraine Lawson
Microsoft TypeScript Devs Explain Why They Chose Go Over Rust, C#
Mar 18th 2025 7:00am, by David Cassel
Go Power: Microsoft's Bold Bet on Faster TypeScript Tools
Mar 12th 2025 1:00pm, by Darryl K. Taft and Loraine Lawson
Oracle Won’t Release ‘JavaScript’ Without a Fight
Jan 11th 2025 5:00am, by Loraine Lawson
The Year in JavaScript: Top JS News Stories of 2024
Dec 27th 2024 6:30am, by Loraine Lawson
Containers / Kubecon Cloudnativecon NA 2025 / Kubernetes

Practitioners’ Guide to Chiseled Containers: Smaller, Faster, Safer

By including only essential application components, chiseled containers produce smaller images, enhance security and improve performance.
Nov 10th, 2025 6:00am by
Featued image for: Practitioners’ Guide to Chiseled Containers: Smaller, Faster, Safer
Featured image by William Warby on Unsplash.

Containerization has transformed how teams build and deploy applications, but it’s also introduced new operational challenges. Traditional container images often include far more components than necessary — shell utilities, package managers and libraries that never get used by the running application. This bloat increases image sizes, slows deployment and broadens the attack surface.

To meet modern performance and security demands, the industry should consider shifting toward more minimal, deterministic images. This is where chiseled containers — images that include only what’s essential to run the application and nothing else — offer a new path forward.

What Are Chiseled Containers?

Chiseled containers are built by removing most nonessential components from a base image — no shell, no package manager, no runtime dependencies beyond what the application strictly requires. The concept was implemented in the Ubuntu ecosystem, where automation “chisels away” unnecessary layers while maintaining identical runtime behavior and stability. The same principle can be applied across other Linux distributions and frameworks.

For example, Canonical benchmarks show image size reductions of up to 90% for .NET applications and about 50% for Java workloads compared to standard Ubuntu base images. Smaller images mean faster deployment, fewer CVEs and easier compliance.

Bar chart comparing image sizes for chiseled vs. nonchiseled images

(Source: Broadcom)

Why Organizations Are Adopting Chiseled Containers

Reducing images to only the essential components improves:

  • Security and compliance: By removing shells, compilers and package tools, chiseled containers significantly reduce exposure to common CVEs. This approach trims up to 80% of a container’s attack surface compared to a traditional image, according to Ubuntu, dramatically reducing the risk of vulnerabilities. This simplifies patching workflows and helps teams maintain compliance based on their regulatory needs, such as Security Technical Implementation Guides (STIG) and Federal Information Processing Standards (FIPS).
  • Performance and efficiency: Smaller images translate directly into faster pulls, shorter startup times, and lower bandwidth and storage costs. These are especially critical for large-scale microservices or edge workloads.
  • Operational simplicity: Chiseled containers are deterministic and immutable by design. Without shells or package managers, runtime modification is impossible, which enables consistent builds across environments and eliminates classic “it works on my machine” issues.
  • Sustainability: Leaner images consume fewer compute and network resources, reducing both cost and environmental footprint.

These benefits translate directly into practical advantages across several key deployment scenarios.

Recommended Use Cases for Minimal Images

Following are some of the areas where chiseled containers are most useful.

  • Regulated workloads: Healthcare, finance and public sector workloads benefit from secure, predictable auditable runtime environments.
  • E-commerce and burst capacity: Chiseled containers enable e-commerce and other bursty applications to scale rapidly during traffic spikes, reducing cost and energy use through faster startup and lower overhead.
  • Edge and IoT deployments: Minimal images deploy quickly over limited connections and run efficiently on constrained devices.

How Chiseled Containers Integrate With VKS

As enterprises adopt minimal container images, consistency across their Kubernetes environments becomes essential. VMware vSphere Kubernetes Service (VKS), the CNCF-certified Kubernetes runtime built into VMware Cloud Foundation (VCF), enables platform engineers to deploy and manage both traditional and chiseled containers within a unified platform.

With integrated multicluster management, centralized policy enforcement and a consistent security model, VKS helps teams operationalize minimal, deterministic images while maintaining compliance across clouds and data centers.

Canonical’s chiseled Ubuntu containers, when deployed on VCF, illustrate how organizations can achieve both high performance and strong security within an enterprise Kubernetes footprint.

This demo highlights the advantages of using Canonical’s chiseled Ubuntu containers on VMware Cloud Foundation (VCF).

The Future of Secure Application Deployment

Chiseled containers aren’t just smaller. They represent a smarter, more secure foundation for modern applications. By removing nonessential components, they deliver measurable improvements in efficiency, reproducibility and compliance. As more organizations modernize their platforms, adopting minimal, deterministic images will become a standard best practice.

TRENDING STORIES
Created with Sketch.
Pankaj Gupta is Senior Director of Private Cloud Solutions at VMware by Broadcom, where he helps customers unlock the full value of their private cloud investments. Previously, he led go to market initiatives across networking, security, and cloud portfolios at...
Read more from Pankaj Gupta
SHARE THIS STORY
TRENDING STORIES
TRENDING STORIES
TNS DAILY NEWSLETTER Receive a free roundup of the most recent TNS articles in your inbox each day.