See for yourself: the benefits of chiselled Ubuntu images in action with an ASP.NET shop demo

This article is more than 1 year old.


Looking for a way to improve the performance and reliability of your online shopping and payment systems during the holiday season? Look no further than chiselled Ubuntu images! In this blog series, I’ve already discussed the benefits of using these lightweight and efficient images for your containerised applications. In this second part, I’ll show you how to put these benefits into action with a festive ASP.NET shopping application. Get ready to deck the halls (and your containers) with chiselled Ubuntu.

A festive shopping experience

Ready to start your holiday shopping? First, I’ll introduce the online shopping demo application, built using ASP.NET and chiselled Ubuntu containers. Then, I’ll also give you a tour of the environment used to perform the tests and comparisons.

Screenshot of the running eShop ASP.NET 6 demo application as seen from the browser

For our demo application, I used the sample eShop ASP.NET Core 6.0 reference application created by the Microsoft team. The app is split into three components: an API server, a Web server, and a SQL server database.

I created two forks of this demo app, one using traditional Ubuntu containers and the other using our brand new chiselled Ubuntu containers for ASP.NET 6. I then compared the attributes and performance of the two versions using a cloned virtualised environment with limited resources.

Setting up my first testing lab to gather some base for comparison using classic Ubuntu

My lab is a 4GB RAM, 20GB disk Multipass virtual machine with 2 vCPUs running Ubuntu 22.04. I used the same clean environment for both versions of our demo application to ensure a fair comparison. By using a cloned virtualised environment with limited resources, I was able to accurately compare the attributes and performance of the two versions without introducing bias. I also made sure to maintain (as much as I could) consistent operating conditions during the tests.

Let’s now unwrap the benefits of chiselled Ubuntu, demonstrating how they’ll make your holiday shopping experience faster, more secure, and more scalable.

Smaller size, bigger savings with chiselled Ubuntu

With no doubt, the top benefit using chiselled Ubuntu container images is their smaller size. And it’s probably the easiest one to illustrate! We will compare the size of container images used to deploy our online eShop demo, both using chiselled Ubuntu images and the usual Ubuntu base image.

The sizes, in megabytes, for the two main components’ uncompressed image are displayed in the table below:

Base image type“API” image size“Web” image size
Ubuntu 22.04 LTS284MB317MB
Chiselled Ubuntu 22.04181MB (-36%)250MB (-21%)

As you can see on the table above, chiselled Ubuntu-based images are up to 100MB smaller than traditional Ubuntu-based, saving on disk space and bandwidth when downloading and running the image. For applications that are deployed at scale and much more so in distributed and edge computing environments, this can result in significant storage and deployment cost savings.

Showing the Docker images sizes on my testing lab environments, chiselled is 100MB smaller!

While I hoped for even greater savings, the Web component of our demo application uses SqlClient from ASP.NET, which requires the Globalisation feature and its accompanying ICU globalisation package. As a result, I had to use a chiselled Ubuntu base that included the ICU packages, which is 40% larger than the chiselled Ubuntu for ASP.NET images available on MCR. However, I did notice faster build times thanks to the network bandwidth savings when pulling the smaller chiselled base images.

Stay safe and secure with chiselled Ubuntu

Chiselled Ubuntu images are created using high-quality components from the Ubuntu operating system and are updated in accordance with the same release cycle and with the same support guarantees. Ubuntu has a strong track record of receiving fixes for critical vulnerabilities in less than 24 hours. Furthermore, the smaller size of chiselled Ubuntu OCI images means that there are fewer opportunities for attackers to exploit (reduced attack surface).

In addition, chiselled Ubuntu images do not include any additional libraries, tools, or components that are typically found in Linux distributions. This means that there’s no package manager, shell, or other utilities for potential hackers to use. Finally, the prebuilt chiselled Ubuntu images for .NET and ASP.NET do not include the “root” user, suppressing privilege escalation for potential attackers.

Check out Rich Lander (@runfaster2000) and I’s joint talk at the 2022 .NET developers conference for a proof of concept of the improved security benefits of chiselled Ubuntu:

Using .NET with Chiseled Ubuntu Containers | .NET Conf 2022

Run faster with chiselled Ubuntu

Chiselled Ubuntu images can boost performance for cloud and containerised apps in addition to being smaller and more secure.

The startup times and resource usage for each container type are displayed in the table below:

Base image typeStartup timeCPU usageMemory usageCPU (stressed Web server)Memory (stressed Web server)
Ubuntu4.608s~0.1%76-81MB115%218MB
Chiselled Ubuntu3.721s~0.0%67-79MB118%172MB

To measure the startup time, I timed the duration of the command docker-compose up -d, with all images cached locally. This isn’t a perfect measure, it only considers the time for the container to create and bootstrap. But as you can see, it’s already a good indicator showing that chiselled images are faster to start up (almost 20% faster).

To measure the resource consumption, I simply used the docker stats command. I first compared memory and CPU usage after once the application was launched. Then I did due-diligence stress testing of the Web component, generating 500 requests with up to 5 in parallel using cURL (kudos to Ivo on dev.to for the advice). As you can see, adoption of chiselled Ubuntu containers drives down memory usage (7%) and particularly in stressed situations (21%).

Stress-testing our demo application with a homemade cURL bash command and docker stats

This means that the application can be up and running more quickly, and it can run more efficiently on the host system. This means a faster, more responsive user experience for our Christmas-time online-shopper customers!

Celebrate the season with chiselled Ubuntu

In this blog series, I have shown the key advantages of using chiselled Ubuntu images in practice by building a simple online shopping application using the ASP.NET runtime. Although my measurements might not be the most accurate, the improvements going from Ubuntu to chiselled Ubuntu as base images for .NET/ASP.NET are quite impressive. All that with very little changes and a seamless continued developer experience.

As we look ahead to the new year, I encourage you to try out chiselled Ubuntu images for yourself and see the benefits for your own applications. Whether you are a developer, system administrator, or just interested in learning more about container technologies, chiselled Ubuntu images can provide you with a stable, efficient, and secure platform for deploying and running your applications.

So don’t let the holiday season be a pain in the elf; use chiselled Ubuntu images to keep your containerised applications running smoothly, and make sure your customers have a ho-ho-happy experience. Happy holidays, and happy containerising!

ubuntu logo

What’s the risk of unsolved vulnerabilities in Docker images?

Recent surveys found that many popular containers had known vulnerabilities. Container images provenance is critical for a secure software supply chain in production. Benefit from Canonical’s security expertise with the LTS Docker images portfolio, a curated set of application images, free of vulnerabilities, with a 24/7 commitment.

Integrate with hardened LTS images ›

Newsletter signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Related posts

Canonical announces the general availability of chiselled Ubuntu containers

Production-ready, secure-by-design, ultra-small containers with chiselled Ubuntu Canonical announced today the general availability of chiselled Ubuntu...

Implementing an Android™ based cloud game streaming service with Anbox Cloud

Since the outset, Anbox Cloud was developed with a variety of use cases for running Android at scale. Cloud gaming, more specifically for casual games as...

Docker container security: demystifying FIPS-enabled containers with Ubuntu Pro

In today’s rapidly changing digital environment, the significance of robust Docker container security measures cannot be overstated. Even the containerised...