slim
slim copied to clipboard
slimtoolkit
Slim Images Sometimes Bigger than Regular Images
Sometimes the slim image ends up being bigger than the regular image but I'm not sure why. Here's what I'm doing:
Dockerfile
FROM alpine:3 AS build
RUN apk --no-cache add \
bc~=1 \
cargo~=1 \
gcc~=10 \
libffi-dev~=3 \
musl-dev~=1 \
openssl-dev~=1 \
python3~=3 \
python3-dev~=3 \
py3-pip~=20 \
rust~=1 \
&& pip3 install --no-cache-dir \
"ansible==3.*" \
&& pip3 install --no-cache-dir --no-compile \
"ansible-lint==5.*"
FROM alpine:3 AS codeclimate
ENV container docker
WORKDIR /work
COPY --from=build /usr/lib/python3.9/site-packages/ /usr/lib/python3.9/site-packages/
COPY --from=build /usr/bin/ansible-lint /usr/bin/ansible-lint
COPY --from=build /usr/bin/ansible /usr/bin/ansible
COPY --from=build /usr/bin/ansible-connection /usr/bin/ansible-connection
COPY local/engine.json ./engine.json
COPY local/codeclimate-ansible-lint local/codeclimate-format.py /usr/local/bin/
SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
RUN adduser --uid 9000 --gecos "" --disabled-password app \
&& apk --no-cache add --virtual build-deps \
jq~=1 \
&& apk --no-cache add \
git~=2 \
python3~=3 \
&& ln -sf ansible /usr/bin/ansible-config \
&& ln -sf ansible /usr/bin/ansible-console \
&& ln -sf ansible /usr/bin/ansible-doc \
&& ln -sf ansible /usr/bin/ansible-galaxy \
&& ln -sf ansible /usr/bin/ansible-inventory \
&& ln -sf ansible /usr/bin/ansible-playbook \
&& ln -sf ansible /usr/bin/ansible-pull \
&& ln -sf ansible /usr/bin/ansible-test \
&& ln -sf ansible /usr/bin/ansible-vault \
&& find /usr/lib/ -name '__pycache__' -print0 | xargs -0 -n1 rm -rf \
&& find /usr/lib/ -name '*.pyc' -print0 | xargs -0 -n1 rm -rf \
&& VERSION="$(ansible-lint --version | sed 's/^[^ ]* //' | sed 's/ .*$//')" \
&& jq --arg version "$VERSION" '.version = $version' > /engine.json < ./engine.json \
&& rm ./engine.json \
&& apk del build-deps
USER app
VOLUME /code
WORKDIR /code
CMD ["codeclimate-ansible-lint"]
ARG BUILD_DATE
ARG REVISION
ARG VERSION
LABEL maintainer="Megabyte Labs <[email protected]>"
LABEL org.opencontainers.image.authors="Brian Zalewski <[email protected]>"
LABEL org.opencontainers.image.created=$BUILD_DATE
LABEL org.opencontainers.image.description="An Ansible Lint slim container and a CodeClimate engine container for GitLab CI"
LABEL org.opencontainers.image.documentation="https://github.com/ProfessorManhattan/codeclimate-ansible-lint/blob/master/README.md"
LABEL org.opencontainers.image.licenses="MIT"
LABEL org.opencontainers.image.revision=$REVISION
LABEL org.opencontainers.image.source="https://gitlab.com/megabyte-labs/docker/codeclimate/ansible-lint.git"
LABEL org.opencontainers.image.url="https://megabyte.space"
LABEL org.opencontainers.image.vendor="Megabyte Labs"
LABEL org.opencontainers.image.version=$VERSION
LABEL space.megabyte.type="codeclimate"
FROM codeclimate AS ansible-lint
WORKDIR /work
USER root
RUN rm /engine.json /usr/local/bin/codeclimate-ansible-lint /usr/local/bin/codeclimate-format.py
ENTRYPOINT ["ansible-lint"]
CMD ["--version"]
LABEL space.megabyte.type="linter"
Build Command
docker build --build-arg BUILD_DATE=2022-03-21T05:04:32-04:00 --build-arg REVISION=449fae9486c1865ac08320b9cd70f12a7908ab70 --build-arg VERSION=5.4.0 --tag megabytelabs/ansible-lint:latest --target ansible-lint .
Slim Command
docker-slim build --tag megabytelabs/ansible-lint:slim --http-probe=false --exec "ansible-lint --version" --preserve-path-file "local/paths.txt" megabytelabs/ansible-lint:latest
Logs
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
cmd=build info=exec message='changing continue-after from probe to nothing because http-probe is disabled'
cmd=build info=exec message='updating continue-after mode to exec'
cmd=build state=started
cmd=build info=params continue.mode='exec' rt.as.user='true' keep.perms='true' tags='megabytelabs/ansible-lint:slim' target.type='image' target='megabytelabs/ansible-lint:latest'
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:31efc3f2e48115837fba76f077684cefd1fb2c552db60b534b53cc1f14649a8c' size.bytes='379494236' size.human='380 MB'
cmd=build info=image.stack name='alpine:3' id='sha256:c059bfaa849c4d8e4aecaeb3a10c2d9b3d85f5165c66ad3a4d937758128c4d18' index='0'
cmd=build info=image.stack name='codeclimate/codeclimate-ansible-lint:latest' id='sha256:78dc182a27e7defbd1e4b889f235f90c2b72b31ae345ad8f8ca3ad861cf2bbbf' index='1'
cmd=build info=image.stack index='2' name='megabytelabs/ansible-lint:5-latest' id='sha256:31efc3f2e48115837fba76f077684cefd1fb2c552db60b534b53cc1f14649a8c'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container status='created' name='dockerslimk_1024221_20220321105226' id='81e3473986369369629ac9a38c4ff6be65918c12870a23891c058dc40bac2e19'
cmd=build info=cmd.startmonitor status='sent'
cmd=build info=event.startmonitor.done status='received'
cmd=build info=container target.port.info='' message='YOU CAN USE THESE PORTS TO INTERACT WITH THE CONTAINER' name='dockerslimk_1024221_20220321105226' id='81e3473986369369629ac9a38c4ff6be65918c12870a23891c058dc40bac2e19' target.port.list=''
cmd=build info=continue.after mode='exec' message='provide the expected input to allow the container inspector to continue its execution'
cmd=build info=continue.after mode='exec' shell='ansible-lint --version'
docker-slim[build][exec]: output: ansible-lint 5.4.0 using ansible 2.10.17
cmd=build info=continue.after exitcode='0' mode='exec'
cmd=build state=container.inspection.finishing
cmd=build state=container.inspection.artifact.processing
cmd=build state=container.inspection.done
cmd=build state=building message=building optimized image
cmd=build state=completed
cmd=build info=results status='MINIFIED' by='0.89X' size.original='380 MB' size.optimized='428 MB'
cmd=build info=results image.name='megabytelabs/ansible-lint:slim' image.size='428 MB' has.data='true'
cmd=build info=results artifacts.location='/tmp/docker-slim-state/.docker-slim-state/images/31efc3f2e48115837fba76f077684cefd1fb2c552db60b534b53cc1f14649a8c/artifacts'
cmd=build info=results artifacts.report='creport.json'
cmd=build info=results artifacts.dockerfile.reversed='Dockerfile.fat'
cmd=build info=results artifacts.dockerfile.optimized='Dockerfile'
cmd=build info=results artifacts.seccomp='megabytelabs-ansible-lint-seccomp.json'
cmd=build info=results artifacts.apparmor='megabytelabs-ansible-lint-apparmor-profile'
cmd=build state=done
cmd=build info=commands message='use the xray command to learn more about the optimize image'
cmd=build info=version status='OUTDATED' local='1.37.2' current='1.37.5'
cmd=build message='Your version of DockerSlim is out of date! Use the "update" command or download the new version from https://dockersl.im/downloads.html'
cmd=build info=report file='slim.report.json'
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
Is there something I am doing wrong? Or maybe we can have slim return the regular image if the slim image is bigger than the regular one?
我遇到了相似的问题,我用dockerslim处理了busybox镜像,镜像大小从1.24MB变成了460MB。我用到的命令是这个:build --target busybox:latest --http-probe-off
I ran into a similar problem with the BusyBox image with DockerSlim, which went from 1.24MB to 460MB. The command I used was this: build --target busybox:latest --http-probe-off
>>> build --target busybox:latest --http-probe-off
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
cmd=build info=exec message='changing continue-after from probe to nothing because http-probe is disabled'
cmd=build info=exec message='changing continue-after to enter'
cmd=build state=started
cmd=build info=params keep.perms='true' tags='' target.type='image' target='busybox:latest' continue.mode='enter' rt.as.user='true'
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:69593048aa3acfee0f75f20b77acb549de2472063053f6730c4091b53f2dfb02' size.bytes='1235821' size.human='1.2 MB'
cmd=build info=image.stack id='sha256:69593048aa3acfee0f75f20b77acb549de2472063053f6730c4091b53f2dfb02' index='0' name='busybox:latest'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container id='39bba192377224511481374a79f43523ea084f6ddcc4956d4f81d1e51ebc00c8' status='created' name='dockerslimk_4183_20220321125052'
cmd=build info=container status='running' name='dockerslimk_4183_20220321125052' id='39bba192377224511481374a79f43523ea084f6ddcc4956d4f81d1e51ebc00c8'
cmd=build info=container ip='172.17.0.2' message='obtained IP address'
time="2022-03-21T20:50:53+08:00" level=error msg="channel.Client.Read: read error (read tcp 127.0.0.1:36844->127.0.0.1:49164: read: connection reset by peer), exiting..."
time="2022-03-21T20:50:53+08:00" level=error msg="channel.NewCommandClient: channel verify error = read tcp 127.0.0.1:36844->127.0.0.1:49164: read: connection reset by peer"
cmd=build info=cmd.startmonitor status='sent'
cmd=build info=event.startmonitor.done status='received'
cmd=build info=container target.port.info='' message='YOU CAN USE THESE PORTS TO INTERACT WITH THE CONTAINER' name='dockerslimk_4183_20220321125052' id='39bba192377224511481374a79f43523ea084f6ddcc4956d4f81d1e51ebc00c8' target.port.list=''
cmd=build info=continue.after mode='enter' message='provide the expected input to allow the container inspector to continue its execution'
cmd=build prompt='USER INPUT REQUIRED, PRESS <ENTER> WHEN YOU ARE DONE USING THE CONTAINER'
bash
cmd=build state=container.inspection.finishing
cmd=build state=container.inspection.artifact.processing
cmd=build state=container.inspection.done
cmd=build state=building message=building optimized image
cmd=build state=completed
cmd=build info=results status='MINIFIED' by='0.00X' size.original='1.2 MB' size.optimized='460 MB'
cmd=build info=results image.name='busybox.slim' image.size='460 MB' has.data='true'
cmd=build info=results artifacts.location='/tmp/docker-slim-state/.docker-slim-state/images/69593048aa3acfee0f75f20b77acb549de2472063053f6730c4091b53f2dfb02/artifacts'
cmd=build info=results artifacts.report='creport.json'
cmd=build info=results artifacts.dockerfile.reversed='Dockerfile.fat'
cmd=build info=results artifacts.dockerfile.optimized='Dockerfile'
cmd=build info=results artifacts.seccomp='busybox-seccomp.json'
cmd=build info=results artifacts.apparmor='busybox-apparmor-profile'
cmd=build state=done
cmd=build info=commands message='use the xray command to learn more about the optimize image'
cmd=build info=version status='OUTDATED' local='1.37.4' current='1.37.5'
cmd=build message='Your version of DockerSlim is out of date! Use the "update" command or download the new version from https://dockersl.im/downloads.html'
cmd=build info=report file='slim.report.json'
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox.slim latest 9d8b69fd4752 10 seconds ago 460MB
ubuntu.slim latest 9c7bdb2539ca 2 minutes ago 3.67MB
ubuntu latest ff0fea8310f3 3 days ago 72.8MB
hello-world latest feb5d9fea6a5 5 months ago 13.3kB
ubuntu <none> 9873176a8ff5 9 months ago 72.7MB
busybox latest 69593048aa3a 9 months ago 1.24MB
@ProfessorManhattan need to investigate this a bit more... One possible reason for the size increase is the default behavior in docker-slim where it'll keep all need artifacts generated when the temporary container executes during minification. The --include-new=false build command flag setting disables this behavior.
