Use as few layers as required
apt get update && apt-get installso that a dependent command is always executed with the latest version of the parent command and so that any cleanup from a command is done within the same layer.
Clean up right away
RUN wget http://mysite.com/app && tar -xzf app.tar.gz && rm app.tar.gz
RUN wget http://mysite.com/app RUN tar -xzf app.tar.gz RUN rm app.tar.gz
Use a stripped-down base image
Use the right image for the right service
- Use an existing similar image or a more complex image when
- that image is being built anyway;
- and the extra time to wait for the required image does not slow down the overall build process.
- Use a service with the simplest base image in all other cases.
- Use a more complex image as a build artifact.
tmpfolders at a minimum (although in some cases
.gitmay need to be included). You can also update other parts of your pipeline to avoid dumping large binaries into directories that are not required in the build context. This will help keep your images from ballooning as an unintended result of build artifacts being erroneously added into the build environment.
$ docker build -t myapp ./ $ docker run --entrypoint /bin/bash -it myapp root # ls mycode tmp logs ^D $ echo “tmp” >> .dockerignore $ echo “logs” >> .dockerignore
Build versus bootstrap
- from https://blog.codeship.com/reduce-image-size