Fedora and Centos don’t come with access to a CVE database. This leaves RHEL which requires a paid subscription to use.

If you have a paid subscription and are already going down the RHEL -> OpenShift -> Project Atomic route anyway then this is a good container to use. RHEL Atomic is 31mb compressed and 78.4mb on disk.

For those wanting to create a small Centos base image and don’t mind the lack of a CVE database you can use Buildah to create a minimal Centos 7 image that’s just 23mb compressed.

For those without a RHEL subscription I’d avoid Redhat base images entirely. Both Ubuntu and Debian now provide minimal base images that are small and come with a CVE database that ensures you can scan for vulnerabilities and get regular security patches.

Read our comparison blog to see how Redhat compares to the others.

Tell us about a new Kubernetes application


Never miss a thing! Sign up for our newsletter to stay updated.


Discover and learn about everything Kubernetes