New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Squash build dependencies #6906
Comments
We could collapse instructions which only introduce metadata changes into single layers. Something like:
could be safely reduced to fewer layers:
We could also introduce automated squashing which would keep the original images around to make rebuilds faster. |
@unclejack collapsing layers in this way addresses a different problem: the limit in number of filesystem layers. It doesn't address the problem of disk space. I suggest we address it in a separate issue. |
Assumptions:
I've consider build artifact layer management to be a good candidate for image signing which would squash the new build layers into a single new image layer.
|
The caching is most useful for cases like package system commands that take a long time to run. However, even these commands you often want to explicitly re-run. What about a simple --no-cache flag for the build command? Alternatively, what about a FRESH command for Dockerfiles? Basically it would have the same affect as:
but wouldn't require the author to keep changing it. Tweaking @aweiteka's idea: since you only want to sign "finished" images anyway, what about making --sign (if and when implemented) implicitly also behave as a --no-cache ? |
A somewhat "emergent" pattern is to use a Only the I wonder how (and if) the docker CLI / API could bless and facilitate the pattern in a way that's compatible with the hub. A more importantly: would that fixes this issue or is it a separate discussion? |
-1 on that, or (at least) have --no-cache as a separate flag as well; if I don't need to sign my image, I still want to be able to disable caching layers or be able to squash. |
the example I have is a Dockerfile with
even if i want my build artifacts, right now, its not simple enough to get rid of the build tools. plus, it enforces a Dockerfile hygiene thing - it will encourage users to extract the
that they have copied and pasted into a few places into one common image that they then |
Wasn't there supposed to be work on "ghost" layers that would be present in the build process, but disappear from the final image? If such a feature would be technically possible, one could easily imagine the following Dockerfile:
Where all layers generated with lines that start with a "~" would actually not appear in the final image. |
I personally like the syntax @txomon mentioned in #332, which uses a For example
Will the resulting image have the On the other hand, if we re-use ideologies from database systems:
Seems very clear that |
I think that there is a miscommunication of what "squash" build dependencies means in the context of this ticket. I understand it like "remove", thus any changes to filesystem that are made by tilde commands will not show up at all in the final image. This means that you can install build dependencies, do the compiles and none of that will actually be included in the final image. Only the result of "RUN make install" in my example above (only the actual already compiled binaries in /usr/local/bin) and their runtime dependencies installed in the second line of the example would be present in the final image. As far as I am reading into it, half of the comments here confuse this with #332 which keeps all the changes to the filesystem in the final image, but just in fewer layers. |
Ahh, thank you. That makes a lot more sense. Perhaps we could call it "stripping" instead of "squashing". |
Any updates? |
What about just having a multi-line
This would give a lean image, but also make it easier to copy-paste in any existing install-scripts. Also - say you start with a traditional |
@stain As you mentioned, you can already accomplish the same thing with a simple |
But isn't there something wrong when most of the Dockerfile commands can't The tiny difference between ADD and COPY does not help. The COMMIT should be a better solution then my RUN-MANY, as it would allow In one project I have a github repository which somehow is 600 MB when Then I would just COPY . /src and do the build within the Docker image currently I need to have a massive && which in the end does all the cleanup Moving from Dockerfile style during development to mega-RUN-&& style takes During such a sequence not a single Dockerfile command can be used as it Flattening layers should be straight forward as its just set difference
|
Hello! Mainly:
Then from there, patches/features like this can be re-thought. Hope you can understand. |
The current implementation of “docker commit” and “docker build” makes it difficult to strip images of their build dependencies. This causes 2 problems:
The text was updated successfully, but these errors were encountered: