Skip to main content
Minimus standard images are distroless and minimal, but sometimes it can be helpful to customize images to your exact needs. Create your own private image to simplify Dockerfiles, reduce overhead for dev teams, and streamline processes. Minimus maintains a private image as any standard Minimus image with daily builds and package updates, to keep the private image fresh and free of vulnerabilities (whenever patches and updates are available).

Creating a private image

1

Select your starter image

Select an image type from your Minimus subscription to begin.Select Starter Image
2

Select packages to add

You can add multiple packages to your starter image. All Minimus packages are available, including the Minimus Cryptographic Module for FIPS images. The recommended process is as follows:
  1. Review the SBOM of the latest production version of your starter image - expand the folder starter image packages in the right preview panel.
  2. Search the list of available add-on packages by name, description or version.
  3. Select packages to add.
    For a FIPS-validated starter image, select FIPS-validated packages whenever available. Note that some packages are FIPS-neutral and are not offered in a FIPS-validated format.

    Please contact our support team with any questions. We’re happy to walk you through the process.
  4. Review the added packages in the right preview panel under the folder added packages.
  5. In the right-panel preview, fine-tune your selection and remove packages, as needed. Starter Image SBOM
The final number of packages added will depend on the package dependencies. Dependencies are detected at the build stage and will be listed in the private image SBOM.

A maximum of 100 added packages are allowed.
3

Add custom environment variables

You can add custom env variables (short for environment variables) to pass configuration settings into the container at runtime without hardcoding them in the image. These may include ports, credentials, modes, etc.
  • Avoid duplicate keys as they will cause the build to fail. This is to protect against overrides that can interfere with the starter image configurations.
  • You can add key-value pairs. Key-only variables (also, empty environment variables) are not accepted.
  • Once you make your updates, your custom env variables are shown in the right preview panel, where you can review them and remove them if needed.
4

Set image details

The next step is to give your private image a name and optionally, provide a description. Your organization’s tenant ID will be prepended to the image name to clearly indicate that it is private to your organization. You image will also marked with the label private image.
The image name must be 2–40 characters long and begin and end with a lowercase letter. Only lowercase letters, numbers, and hyphens are accepted.
Read the testing recommendations then save your image.
5

Wait for the image to be built

While the image is being built, it’s card will be shown in the Image Creator gallery with a status label - in progress. The build generally takes under 15 minutes, depending on the components.
  • When the image is ready, it will appear with the label created and will show a timestamp of when it was first created. Click the button view image to dive into the image card.
6

Testing your private image

Testing your private image for functionality is the next step. Minimus standard images undergo strict unit testing as described in our architecture article. Since testing is particular to the exact components of the image, Minimus is not able to cover all testing requirements for private images.

Image lines and versions in private images

Minimus will attempt to build a private image for the newest version of each image line. If a particular image line runs into version conflicts with added packages, Minimus will skip it. The final private image will only include image lines that build successfully without errors.

How Minimus handles conflicts

Pairing the right package version with the image version can potentially get tricky. To avoid broken builds, Minimus handles potential package version conflicts in private images automatically: Minimus will attempt to build a private image for every maintained image line of the starter image and skip image lines that don’t build successfully.

Mutable tags (latest)

Mutable tags (aka floating tags) refer to tags like latest that reference a different image over time. The version tagged as latest in the private image might not be the same as the starter image, as a consequence of the private image skipping image lines due to conflicts. The general rule is the most advanced version available is tagged as latest . For example, the latest tag may refer to version 8.3 for a private image and version 8.4 for the starter image. This would happen if the private image skipped 8.4 due to compatibility issues. In this case, the mutable tag 8 would also refer to different image lines, and so forth.

Managing private images

Viewing your private images

To view your gallery of private images, go to Image Creator. Here you can create a new private image and manage your existing private images. Private images are labeled as private images and have a name that begins with your Minimus ID. Private Image Label

Editing a private image

You can update the added packages and env variables for your private images. The starter image and image name are fixed and cannot be changed. Once updated, the private image will be rebuilt. To edit a private image, go to Image Creator and select Edit in the image menu.

Deleting a private image

Private images are all about experimentation. Easily remove outdated or unhelpful private images from your Minimus console. To edit a private image, go to Image Creator and select Delete in the image menu.

Troubleshooting a failed build

If your private image was not successfully built, contact our team for assistance. Please provide the error code if possible. The image may fail to build due to conflicts or incompatible components. Our team is at your service to help resolve the issues. Private Image Build Failure

Actions for private images

Currently, Minimus actions do not support private images created by Creator.