Docker container explains in detail how to simplify the image and reduce the size

We can streamline the image from two aspects:

Reduce the number of image layers to reduce capacity

1. Reduce the number of image layers

1. Instruction merging

Each instruction in the Dockerfile will create a layer, but looking at the best practices in the official documentation, there is this sentence:

In older versions of Docker, it was important that you minimized the number of layers in your images to ensure they were performant. The following features were added to reduce this limitation:

• Only the instructions RUN, COPY, ADD create layers. Other instructions create temporary intermediate images, and do not increase the size of the build.

...

Reference address: Minimize the number of layers

This means that only the RUN, COPY, and ADD instructions will create layers, while other instructions will create an intermediate image and will not affect the image size. So the instruction merging we are talking about is mainly based on these three instructions.

Let's take the following Dockerfile as an example

FROM debian:stable

WORKDIR /var/www
LABEL version="v1"

RUN apt-get update
RUN apt-get -y --no-install-recommends install curl

RUN apt-get purge -y curl
RUN apt-get autoremove -y
RUN apt-get clean
RUN rm -rf /var/lib/apt/lists/*

Build the image

docker build -t curl:v1 .

View the build history through history

# docker history curl:v1

IMAGE CREATED CREATED BY SIZE COMMENT
29b721c09b67 18 seconds ago /bin/sh -c rm -rf /var/lib/apt/lists/* 0B        
aa28ae151e59 20 seconds ago /bin/sh -c apt-get clean 0B        
4f733781f557 22 seconds ago /bin/sh -c apt-get autoremove -y 989kB     
f66887372121 29 seconds ago /bin/sh -c apt-get purge -y curl 987kB     
d458ee0de463 34 seconds ago /bin/sh -c apt-get -y --no-install-recommend… 4.46MB    
43fdcf68018c 44 seconds ago /bin/sh -c apt-get update 17.6MB    
65631e8bb010 53 seconds ago /bin/sh -c #(nop) LABEL version="v1" 0B        
7ef7c53b019c 53 seconds ago /bin/sh -c #(nop) WORKDIR /var/www 0B        
8bfa93572e55 13 days ago /bin/sh -c #(nop) CMD ["bash"] 0B        
<missing> 13 days ago /bin/sh -c #(nop) ADD file:d78d93eff67b18592… 124MB 

Image size

[root@localhost dockerfiles]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
curl v1 29b721c09b67 10 minutes ago 148MB

We merge the RUN instructions with the shell-like operation &&

RUN apt-get update && \
    apt-get -y --no-install-recommends install curl && \
    apt-get purge -y curl && \
    apt-get autoremove -y && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

View build history and image size

# docker history curl:v2
IMAGE CREATED CREATED BY SIZE COMMENT
928e12c2f57e About a minute ago /bin/sh -c apt-get update && apt-get -y … 989kB     
5a32372025fb About a minute ago /bin/sh -c #(nop) LABEL version="v2" 0B        
7ef7c53b019c 30 minutes ago /bin/sh -c #(nop) WORKDIR /var/www 0B        
8bfa93572e55 13 days ago /bin/sh -c #(nop) CMD ["bash"] 0B        
<missing> 13 days ago /bin/sh -c #(nop) ADD file:d78d93eff67b18592… 124MB

# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
curl v2 928e12c2f57e 3 minutes ago 125MB

It can be seen that just a simple curl application has freed up about 20MB of capacity by installing it through command merging. Also makes your Dockerfile more readable and concise.

2. Multi-stage build

Multi-stage builds were introduced in Docker 17.05. Multi-stage builds can greatly reduce build complexity and make it easier to reduce image size. Let's look at the Dockerfile for a multi-stage build

#Phase 1
FROM golang:1.16
WORKDIR /go/src
COPY app.go ./
RUN go build app.go -o myapp
#Phase 2
FROM scratch
WORKDIR /server
COPY --from=0 /go/src/myapp ./
CMD ["./myapp"]

Build the image

# docker build --no-cache -t server_app:v2 .

View the built image

# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
server_app v2 20225cb1ea6b 12 seconds ago 1.94MB

The above use cases come from the previous article "Dockerfile Multi-stage Build Practice". For more details about the multi-stage build of images, please go to the article. I will not go into details here.

3. Enable the squash feature

By enabling the squash feature (experimental feature) docker build --squash -t curl:v3 . the built image can be compressed into one layer. However, in order to give full play to the superior design of container image layer sharing, this method is not recommended.

2. Reduce capacity

1. Choose a small base image

The size of each Linux distribution image varies a lot, and even the same distribution image has differences. Let's take Debian as an example:

The difference between the stable version and the slim version is about 40MB

# docker images 
debian stable-slim 2aa48a485e3a 13 days ago 80.4MB
debian stable 8bfa93572e55 13 days ago 124MB

We changed the base image in Dockerfile to the slim version debian:stable-slim

FROM debian:stable-slim

The built image size is smaller

# docker images 
REPOSITORY TAG IMAGE ID CREATED SIZE
curl v4 1aab5c9bf8b3 17 seconds ago 81.4MB

The current image is based on Debian and includes many binaries. A Docker container should contain a single process and include the bare minimum required to run it. We don't actually need a whole operating system.

We can replace the Debian base image with an Alpine based image.

FROM alpine

WORKDIR /var/www
LABEL version="v5"
RUN echo -e 'https://mirrors.aliyun.com/alpine/v3.6/main/\nhttps://mirrors.aliyun.com/alpine/v3.6/community/' > /etc/apk/repositories && \
    apk update && \
    apk upgrade && \
    apk add --no-cache curl

Check the image size

# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
curl v5 7f735bb213be 11 seconds ago 10.1MB

At this point our image has reached 10MB. The package management tool used by alpine is apk, and some package names may be different. The biggest difference

2. Context Management

The COPY command we often use

COPY ./server/dir

COPY will copy the entire build context into the image and generate a new cache layer. In order to prevent unnecessary files such as logs, cache files, and Git history from being loaded into the build context, we'd better add .dockerignore to ignore non-essential files. This is also a key step in streamlining the image, and can better ensure the security of the image we build.

3. Clean up downloads in time

We have the following Dockerfile

..
WORKDIR /tmp
RUN curl -LO https://docker.com/download.zip && tar -xf download.zip -C /var/www 
RUN rm -f download.zip
...

Although we used rm to delete the download.zip package, due to the image layering problem, download.zip was deleted in a new layer, and the previous layer still existed.

We need to clean up the downloads in a timely manner in one layer

RUN curl -LO https://docker.com/download.zip && tar -xf 

download.zip -C /var/www && rm -f download.zip

In addition, when installing software, you should use the package management tool to clear the dependencies and cache of the software you downloaded in time. For example, use the apt package management tool to clean up in our dockerfile.

The related operations of streamlining images are introduced here. For more relevant docker container streamlined images, please search 123WORDPRESS.COM’s previous articles or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!