Any scope for basing container not on debian but on "zero"? #52
Comments
|
Thanks @mohawk2 ! We're basing on Per https://github.com/docker-library/official-images#repeatability we're a bit restricted on which official-image to base from, so if we're looking to build a @tianon @PeterMartini what do you think? |
|
I'm looking into a multi-stage build for Perl and one can probably do this pretty easy. I don't see any build script for the Dockerfiles so I'm not sure how this all gets build. I end up with an image that is 112MB big for 5.26.2 (compared to ~800MB). See #53 |
|
Sorry for not responding sooner, I'm always buried (as you can imagine). I think making a smaller Perl image is a great idea! Going all the way to I think Alpine is a really good compromise -- once you add Perl itself, the 4MB for the base becomes pretty insignificant, and then you get the benefit of a decent shell and a proper package manager for installing more dependencies (so the image can be useful without requiring multi-stage builds, too). The current images are based on In many other language stack official images (Python, Ruby, etc) we include For example:
|
|
Thanks @tianon! I think
|
|
Yeah, totally fair! I'd suggest avoiding the catch-all "build-essential"
package -- there's probably only three or four packages actually necessary
("gcc", "make", etc), and "build-essential" includes everything necessary
to build Debian packages (
https://packages.debian.org/stretch/build-essential).
We do have some default boilerplate Alpine-related text that gets added to
any image with an Alpine variant automatically (unless overridden for that
particular image):
https://github.com/docker-library/docs/blob/2f7d03f9603e34227c62eb262b81e1fc85fe1fcb/.template-helpers/variant-alpine.md
(which might either be enough by itself, or at least a decent start for
writing something specific to Perl)
|
|
Did a spike for I'll run a few more test builds against the other versions and build variants, and likely push a new PR this weekend:
|
|
I think 400MB still leaves some room for improvement 😄 I was able to get down to 113MB with the following fairly minimal patch: diff --git a/5.028.000-64bit/Dockerfile b/5.028.000-64bit/Dockerfile
index d009951..a537a64 100644
--- a/5.028.000-64bit/Dockerfile
+++ b/5.028.000-64bit/Dockerfile
@@ -1,10 +1,19 @@
-FROM buildpack-deps:stretch
+FROM debian:stretch-slim
LABEL maintainer="Peter Martini <[email protected]>, Zak B. Elep <[email protected]>"
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+# install "netbase" for "/etc/services" and "/etc/protocols"
+ netbase \
+ && rm -rf /var/lib/apt/lists/*
+
COPY *.patch /usr/src/perl/
WORKDIR /usr/src/perl
-RUN curl -SL https://www.cpan.org/src/5.0/perl-5.28.0.tar.xz -o perl-5.28.0.tar.xz \
+RUN savedAptMark="$(apt-mark showmanual)" \
+ && apt-get update \
+ && apt-get install -y --no-install-recommends ca-certificates curl dpkg-dev gcc libc6-dev make patch xz-utils \
+ && curl -fL https://www.cpan.org/src/5.0/perl-5.28.0.tar.xz -o perl-5.28.0.tar.xz \
&& echo '059b3cb69970d8c8c5964caced0335b4af34ac990c8e61f7e3f90cd1c2d11e49 *perl-5.28.0.tar.xz' | sha256sum -c - \
&& tar --strip-components=1 -xaf perl-5.28.0.tar.xz -C /usr/src/perl \
&& rm perl-5.28.0.tar.xz \
@@ -20,7 +29,12 @@ RUN curl -SL https://www.cpan.org/src/5.0/perl-5.28.0.tar.xz -o perl-5.28.0.tar.
&& curl -LO http://www.cpan.org/authors/id/M/MI/MIYAGAWA/App-cpanminus-1.7044.tar.gz \
&& echo '9b60767fe40752ef7a9d3f13f19060a63389a5c23acc3e9827e19b75500f81f3 *App-cpanminus-1.7044.tar.gz' | sha256sum -c - \
&& tar -xzf App-cpanminus-1.7044.tar.gz && cd App-cpanminus-1.7044 && perl bin/cpanm . && cd /root \
- && rm -fr ./cpanm /root/.cpanm /usr/src/perl /usr/src/App-cpanminus-1.7044* /tmp/*
+ && rm -fr ./cpanm /root/.cpanm /usr/src/perl /usr/src/App-cpanminus-1.7044* /tmp/* \
+ && apt-mark auto '.*' > /dev/null \
+ && apt-mark manual $savedAptMark \
+ && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
+ && rm -rf /var/lib/apt/lists/* \
+ && perl --version
WORKDIR /root
|
|
I've experimented with Alpine a bit, but I think it's going to require more love. There are a number of tests that don't pass, and https://git.alpinelinux.org/cgit/aports/tree/main/perl/APKBUILD?h=3.8-stable#n11 seems to imply that it's non-trivial to get them to (as in, muslc doesn't provide the necessary locale support for the tests to work at all), so they might have to be skipped in order to generate an Alpine build. Here's my current WIP (with the tests commented out so it generates a usable build): diff --git a/5.028.000-64bit/Dockerfile b/5.028.000-64bit/Dockerfile
index d009951..bb0d43b 100644
--- a/5.028.000-64bit/Dockerfile
+++ b/5.028.000-64bit/Dockerfile
@@ -1,12 +1,13 @@
-FROM buildpack-deps:stretch
+FROM alpine:3.8
LABEL maintainer="Peter Martini <[email protected]>, Zak B. Elep <[email protected]>"
COPY *.patch /usr/src/perl/
WORKDIR /usr/src/perl
-RUN curl -SL https://www.cpan.org/src/5.0/perl-5.28.0.tar.xz -o perl-5.28.0.tar.xz \
+RUN apk add --no-cache --virtual .build-deps dpkg dpkg-dev gcc libc-dev make \
+ && wget https://www.cpan.org/src/5.0/perl-5.28.0.tar.xz -O perl-5.28.0.tar.xz \
&& echo '059b3cb69970d8c8c5964caced0335b4af34ac990c8e61f7e3f90cd1c2d11e49 *perl-5.28.0.tar.xz' | sha256sum -c - \
- && tar --strip-components=1 -xaf perl-5.28.0.tar.xz -C /usr/src/perl \
+ && tar --strip-components=1 -xJf perl-5.28.0.tar.xz -C /usr/src/perl \
&& rm perl-5.28.0.tar.xz \
&& cat *.patch | patch -p1 \
&& gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
@@ -14,13 +15,15 @@ RUN curl -SL https://www.cpan.org/src/5.0/perl-5.28.0.tar.xz -o perl-5.28.0.tar.
&& archFlag="$([ "$archBits" = '64' ] && echo '-Duse64bitall' || echo '-Duse64bitint')" \
&& ./Configure -Darchname="$gnuArch" "$archFlag" -Duseshrplib -Dvendorprefix=/usr/local -des \
&& make -j$(nproc) \
- && TEST_JOBS=$(nproc) make test_harness \
+# && TEST_JOBS=$(nproc) make test_harness \
&& make install \
&& cd /usr/src \
- && curl -LO http://www.cpan.org/authors/id/M/MI/MIYAGAWA/App-cpanminus-1.7044.tar.gz \
+ && wget http://www.cpan.org/authors/id/M/MI/MIYAGAWA/App-cpanminus-1.7044.tar.gz \
&& echo '9b60767fe40752ef7a9d3f13f19060a63389a5c23acc3e9827e19b75500f81f3 *App-cpanminus-1.7044.tar.gz' | sha256sum -c - \
&& tar -xzf App-cpanminus-1.7044.tar.gz && cd App-cpanminus-1.7044 && perl bin/cpanm . && cd /root \
- && rm -fr ./cpanm /root/.cpanm /usr/src/perl /usr/src/App-cpanminus-1.7044* /tmp/*
+ && rm -fr ./cpanm /root/.cpanm /usr/src/perl /usr/src/App-cpanminus-1.7044* /tmp/* \
+ && apk del .build-deps \
+ && perl --version
WORKDIR /root
However, the end result is 60.5MB, so perhaps it's a worthy effort? 😄 |
|
@tianon nice work, for that 400MB I still had some build-deps based on Debian's For alpine, indeed musl locales support was my main concern, but looks like as long as we can be very clear about that, most people won't miss it; I just don't want issues here about not being able to install Locale::* or other i18n CPAN modules. My old WIP also got somewhere between 50-60MB, so definitely good work here, thanks a lot 👍 |
|
I've made some builds of #54 for I've retained |
|
As a first test with $company project with 5.26-slim. I'm just going to list what is/was needed. In order to install HTML::Entities (uses XS) I needed to add both gcc and libc6-dev. HTML::Entities is used by libwww-perl and Catalyst-Runtime (and ~360 others). In order to install Net::SSLeay I needed to install gcc, libc6-dev, libssl-dev, openssl and zlib1g-dev. openssl suggests ca-certificates. In order to use cpanm with git repos ( XML::Parser (dep of XML:Twig) needs libexpat1-dev |
|
With other language images, that's expected for the slim variants; we're
trading convenience for image size, so some additional package installs are
inevitable.
|
|
I know, I'm just listing them so a decision can be made if a trade off can be made. I do think it is a good idea to have a build-box image for perl and a run-time image. But since multi-stage builds aren't supported (yet), well, listing what is needed. |
|
@waterkip yep, I'm testing a local |
|
@waterkip how's your testing? On my side, I ran this on both MetaCPAN services (frontend web and backend api) via https://github.com/metacpan/metacpan-docker, no issues so far. I'll merge #54 tonight and cut a release on the Hub right after if there are no further issues or todos, thanks! |
|
My testing has stalled a bit due to work and life. And I cannot test it this week as I'm heading to Glasgow for the YAPC. |
|
Our build seems to work, I'll have a tester do a full regression test to see if everything works. Expect results before Tuesday. |
|
@waterkip cool, enjoy the YAPC! I think we can release Thanks again everyone for participating! 🎉 |
Provide Perl images built against "debian:slim" variants for a big reduction in image size (from 800MB down to ~100MB in most cases,) with no loss to language functionality. - Perl/docker-perl#52 - Perl/docker-perl#54
Provide Perl images built against "debian:slim" variants for a big reduction in image size (from 800MB down to ~100MB in most cases,) with no loss to language functionality. - Perl/docker-perl#52 - Perl/docker-perl#54
|
Cool! My tester just confirmed that there are no issues as well. So it should be good to go ;) Thanks for making a smaller base image, much appreciated!! |
|
|
|
Love those new slim variants! I've just packaged an app with a slim variant, and all has been very smooth 🎉 |
As in this article: https://blog.kintoandar.com/2018/01/Building-healthier-containers.html - it would make for smaller containers, faster builds, etc.
I see that the current
Dockerfiledoes all the building inside itself, and wondered whether there is scope to slim down the output image.The text was updated successfully, but these errors were encountered: