Alpine Linux - DeveloPassion

# Alpine Linux Alpine Linux is a security-oriented, lightweight [[Linux]] distribution based on musl libc and [[BusyBox]]. Founded by Natanael Copa in 2006 as a fork of LEAF (Linux Embedded Appliance Firewall), it was designed for routers, firewalls, and embedded systems. Today, Alpine is best known as the go-to base image for [[Docker]] containers due to its minimal footprint—the base image is only ~5MB. Unlike mainstream distributions that use glibc and GNU coreutils, Alpine uses musl (a lightweight C library) and BusyBox (which provides hundreds of utilities in a single binary). This makes Alpine dramatically smaller than Debian or Ubuntu while remaining fully functional. The apk package manager is fast and simple, and the distribution maintains ~15,000 packages in its repositories. ## Key Characteristics | Feature | Description | |---------|-------------| | **Base Size** | ~5MB Docker image, ~130MB installed system | | **C Library** | musl libc (not glibc) | | **Core Utilities** | BusyBox | | **Package Manager** | apk (Alpine Package Keeper) | | **Init System** | OpenRC | | **Security** | Hardened kernel, PIE binaries, stack-smashing protection | | **Release Cycle** | ~6 months; 2 year support per release | ## Why Alpine for Containers ``` Image Size Comparison (approximate): ┌─────────────────────────────────────────────┐ │ Ubuntu ███████████████████████ ~77MB │ │ Debian ███████████████████ ~124MB │ │ Alpine ██ ~5MB │ └─────────────────────────────────────────────┘ ``` Benefits for Docker: - **Smaller images**: Faster pulls, less storage, smaller attack surface - **Faster builds**: Less to download and cache - **Security**: Minimal packages = fewer vulnerabilities - **Production-ready**: Stable and well-maintained ## Package Management (apk) ```bash # Update package index apk update # Install packages apk add nginx curl vim # Remove packages apk del nginx # Search packages apk search nginx # Upgrade all packages apk upgrade # Add package from edge repository apk add --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing package ``` ## Dockerfile Example ```dockerfile FROM alpine:3.19 # Install packages RUN apk add --no-cache \ nodejs \ npm WORKDIR /app COPY package*.json ./ RUN npm ci --only=production COPY . . EXPOSE 3000 CMD ["node", "server.js"] ``` Note: `--no-cache` avoids storing the package index in the image. ## Alpine vs Other Distros | Aspect | Alpine | Debian | Ubuntu | |--------|--------|--------|--------| | Base image | ~5MB | ~124MB | ~77MB | | C library | musl | glibc | glibc | | Utilities | BusyBox | GNU | GNU | | Package manager | apk | apt | apt | | Init system | OpenRC | systemd | systemd | | Package count | ~15,000 | ~60,000 | ~60,000 | ## musl Compatibility musl libc differences from glibc can cause issues: - Some software assumes glibc-specific behavior - DNS resolution behaves differently - Locale support is limited - Some precompiled binaries won't work Solutions: - Install `gcompat` for glibc compatibility layer - Use `alpine:edge` for newer packages - Compile from source with musl ## Common Use Cases - **Docker base images**: Most popular use case - **Embedded systems**: Routers, IoT devices - **Virtual machines**: Lightweight VMs - **Containers on Kubernetes**: Minimal pod images - **Raspberry Pi**: Lightweight ARM distribution ## Directory Structure Alpine follows a minimal Unix layout: - `/etc/apk` - Package manager configuration - `/etc/init.d` - OpenRC init scripts - `/var/cache/apk` - Package cache (often cleared) ## References - https://alpinelinux.org - https://wiki.alpinelinux.org - https://hub.docker.com/_/alpine - https://en.wikipedia.org/wiki/Alpine_Linux ## Related - [[Linux]] - [[Docker]] - [[BusyBox]] - [[musl]] - [[Containerization]] - [[Kubernetes]] - [[Debian]] - [[Ubuntu]]