I’m a beginner and I’d like to start a container from one of the official PostgreSQL images, but there are a several “distributions” to choose from and I don’t know what criteria I should use to choose one.
First, I’m surprised that there are images based on both “minimalist” distributions (Linux Alpine, etc.) and full distributions (Debian Trixie, etc.): why should I choose one over the other? Actually, I find it strange that we have a choice between the two: if PostgreSQL can run from Alpine, why do they also offer images based on full distributions?
My intuition tells me they did this so we can build our own images from theirs. In other words, if I have an application and I want to run PostgreSQL alongside it in the same container, and my application needs features not available in Alpine, I could choose the image based on “bookworm” or “trixie”. In short, these images are there to make things easier for us. Is my intuition correct?
In my case, if everything I’ve just written is true, and since I don’t want to add anything to the PostgreSQL image, I should choose the “minimal” distribution, namely Alpine.
For people that want to build their own custom image based on a distribution that provides the dependencies they need, or just provides the distro they are experienced with. For instance, if you are in a company, which requires http proxies and requires CA certificate of your organization, you would add them to a custom image.
Usually the alpine image is just fine, and can be preferred. It contains very few packages → less potential surface for vulnerabilities. As long as the application works on alpine → go for it!
There are other alternatives like hardened or distroless images.
Troubleshooting minimal, distroless or hardend images can be a challenge though. Especially in the times before docker debug was released, it required deep knowledge before docker debug was available.
A container is meant to run a single main process(!). To stick with your example: you would NOT add an application to a custom postgresql image, but you could add sql scripts to initial the database on first start.
Rule of thumb: if processes can communicate over the network, they should be contained in their own image, and run as separated containers.
