Update dockerhub-description.md (#37)

Signed-off-by: Roshan Khatri <[email protected]>

dockerhub-description.md

@@ -21,25 +21,29 @@ It supports a wide range of native structures and an extensible plugin system fo
 
 # Security
 
-For the ease of accessing Valkey from other containers via Docker networking, the "Protected mode" is turned off by default. This means that if you expose the port outside of your host (e.g., via `-p` on `docker run`), it will be open without a password to anyone. It is **highly** recommended to set a password (by supplying a config file) if you plan on exposing your Valkey instance to the internet. 
+For the ease of accessing Valkey from other containers via Docker networking, the "Protected mode" is turned off by default. This means that if you expose the port outside of your host (e.g., via `-p` on `docker run`), it will be open without a password to anyone. It is **highly** recommended to set a password (by supplying a config file) if you plan on exposing your Valkey instance to the internet. For further information, see the following links about Valkey security:
+
+-	[Valkey documentation on security](https://valkey.io/topics/security/)
+-	[Protected mode](https://valkey.io/topics/security/#protected-mode)
+-	[A few things about security by antirez](http://antirez.com/news/96)
 
 # How to use this image
 
-## start a valkey instance
+## Start a valkey instance
 
 ```console
 $ docker run --name some-valkey -d valkey/valkey
 ```
 
-## start with persistent storage
+## Start with persistent storage
 
 ```console
 $ docker run --name some-valkey -d valkey/valkey valkey-server --save 60 1 --loglevel warning
 ```
 
 There are several different persistence strategies to choose from. This one will save a snapshot of the DB every 60 seconds if at least 1 write operation was performed (it will also lead to more logs, so the `loglevel` option may be desirable). If persistence is enabled, data is stored in the `VOLUME /data`, which can be used with `--volumes-from some-volume-container` or `-v /docker/host/dir:/data` (see [docs.docker volumes](https://docs.docker.com/engine/tutorials/dockervolumes/)).
 
-## connecting via `valkey-cli`
+## Connecting via `valkey-cli`
 
 ```console
 $ docker run -it --network some-network --rm valkey/valkey valkey-cli -h some-valkey
@@ -65,10 +69,28 @@ Where `/myvalkey/conf/` is a local directory containing your `valkey.conf` file.
 
 The mapped directory should be writable, as depending on the configuration and mode of operation, Valkey may need to create additional configuration files or rewrite existing ones.
 
+# Image Variants
+
+The `valkey` images come in many flavors, each designed for a specific use case.
+
+## `valkey/valkey:<version>`
+
+This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of.
+
+Some of these tags may have names like bookworm in them. These are the suite code names for releases of [Debian](https://wiki.debian.org/DebianReleases) and indicate which release the image is based on. If your image needs to install any additional packages beyond what comes with the image, you'll likely want to specify one of these explicitly to minimize breakage when there are new releases of Debian.
+
+## `valkey/valkey:<version>-alpine`
+
+This image is based on the popular [Alpine Linux project](https://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general.
+
+This variant is useful when final image size being as small as possible is your primary concern. The main caveat to note is that it does use [musl libc](https://musl.libc.org) instead of [glibc and friends](https://www.etalabs.net/compare_libcs.html), so software will often run into issues depending on the depth of their libc requirements/assumptions. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.
+
+To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar).
+
 # License
 
 View [license information](https://github.com/valkey-io/valkey/blob/unstable/COPYING) for the software contained in this image.
 
 As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
 
-As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.
+As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.