geoserver-docker icon indicating copy to clipboard operation
geoserver-docker copied to clipboard
verified publisher icon GeoNode

Optimise docker build

Open lilatomic opened this issue 3 years ago • 6 comments

This MR restructures the dockerfiles so that it rebuilds fewer things when changing the scripts, resulting in performance improvements:

current optimised
fresh build 138.60 140.64
change pip requirements 70.39 16.82
change script 71.21 2.20

I started with this one because it's simpler than the geonode one.

lilatomic avatar May 04 '22 23:05 lilatomic

Note that COPY has a --chmod option to make the file executable, while if you copy the file and then change its attributes, the file is going to be stored twice.

Edit: this is valid only when BUILDKIT is enabled, which is not yet the default.

frafra avatar May 05 '22 07:05 frafra

oh neat, I didn't know about the (upcoming) --chmod, that's cool. We could also change the permission of the files outside the container. thoughts?

I can combine the COPY instructions to reduce the number of layers. It reduces the number of layers, which I think helps with size (although I'm not clear on how big an impact this has).

lilatomic avatar May 06 '22 01:05 lilatomic

We could also change the permission of the files outside the container. thoughts?

That would not have any effect on the resulting file inside the container actually, but it would make sense to mark executables as such, as a general rule.

I can combine the COPY instructions to reduce the number of layers. It reduces the number of layers, which I think helps with size (although I'm not clear on how big an impact this has).

It would not reduce the image size significantly. You spare some space if you avoid of saving intermediate files, that gets deleted or overridden/modified.

frafra avatar May 06 '22 07:05 frafra

We could also change the permission of the files outside the container. thoughts?

That would not have any effect on the resulting file inside the container actually, but it would make sense to mark executables as such, as a general rule.

Are you sure about that? I tried with a simple dockerfile:

FROM	bash
COPY	a.txt .
CMD	ls -la a.txt

Changing the permissions on a.txt seems to work fine

> sudo chmod 451 a.txt
> sudo docker run -it (docker build -q .)
-r--r-x--x    1 root     root             0 May  6 00:53 a.txt
> sudo chmod 770 a.txt
> sudo docker run -it (docker build -q .)
-rwxrwx---    1 root     root             0 May  6 00:53 a.txt

The docs have this to say, buried in the COPY reference, which isn't super clear to me:

If is any other kind of file, it is copied individually along with its metadata.

lilatomic avatar May 07 '22 17:05 lilatomic

I might be wrong or confusing with one of the various different build methods. If it works, great :)

frafra avatar May 08 '22 08:05 frafra

sorry folks, are we waiting on me for something on this?

lilatomic avatar Jun 12 '22 21:06 lilatomic