2025.33
Released 2025-09-18
Image Catalog
Base VM and container images, with architectures and variants.
All images are released simultaneously with a version number like
YYYY.nn(e.g.,2025.33). Every release publishes all images (even if no explicit changes). Base OS/components are not fully pinned, so most releases include upstream security/bug-fix updates. Older PHP lines (7.4, 8.1) may change less often.
VM image families
| Family | Architectures | Notes |
|---|---|---|
nfs-server |
amd64, arm64 | Storage-oriented NFS server base. |
web-server |
amd64, arm64 | Host for running web workloads in a container |
container-host |
arm64 only | Minimal host for running containers. |
Container image families
| Family | Variant / Base | Architectures | Notes |
|---|---|---|---|
php-fpm |
7.4 (alpine) | amd64 | EOL and unsupported upstream. |
| 8.1 (alpine) | amd64 | Pinned ustream to Alpine Linux 3.21. | |
| 8.2 (alpine) | amd64 | — | |
| 8.3 (alpine) | amd64 | — | |
| 8.4 (alpine) | amd64 | — | |
| 8.1 (debian) | amd64 | Debian 13 “Trixie” from recent releases. | |
| 8.2 (debian) | amd64 | Debian 13 “Trixie” from recent releases. | |
| 8.3 (debian) | amd64, arm64 | Debian 13 “Trixie” from recent releases. | |
| 8.4 (debian) | amd64, arm64 | Debian 13 “Trixie” from recent releases. | |
varnish |
entrypoint-wrapped | arm64 only | Entrypoint sizes memory to ~80% of host RAM. |
Releases
- Current: 2025.33
Registry
Obtain container images from the public ECR registry path:
public.ecr.aws/webscale/php-fpm
(Authoritative tags are visible on the ECR Public Gallery.)
PHP image tagging convention
Tags encode PHP version, base OS, optional architecture, and the release number.
php[-var][-YYYY.nn]
- php:
7.4,8.1,8.2,8.3,8.4 - var:
debfor amd64 Debian variant;arm64for arm64 Debian; Alpine omits this - YYYY.nn: release version (e.g.,
2025.33). Omit this to get latest release
Examples
public.ecr.aws/webscale/php-fpm:8.4-deb-2025.33
public.ecr.aws/webscale/php-fpm:8.3-2025.33
public.ecr.aws/webscale/php-fpm:8.3-arm64-2025.33
How to pull
Anonymous pulls work from anywhere:
docker pull public.ecr.aws/webscale/php-fpm:<tag>
docker pull public.ecr.aws/webscale/php-fpm:8.4-deb-2025.33
Optional authentication (to raise limits)
Authentication isn’t required to pull public images, but logging in to ECR Public can raise rate/bandwidth limits. Use the AWS CLI (always authenticate to us-east-1 for ECR Public):
aws ecr-public get-login-password --region us-east-1 \
| docker login --username AWS --password-stdin public.ecr.aws
Feedback
Was this page helpful?
Glad to hear it! Have any more feedback? Please share it here.
Sorry to hear that. Have any more feedback? Please share it here.
Last modified September 18, 2025