I have a Dockerfile that has grown to a pretty large file now, although the image itself is roughly 6GB (not terrible for what we're using it for). The problem though is that the Dockerfile is becoming hard to read with lots of comments and && \ everywhere.
For example:
FROM image
RUN apt update && \
apt install tool 1 && \
tool 2 && \
tool 30 && \
# Comment here
git clone <repo> && \
git clone <repo2> && \
# Comment here
go install XYZ && \
python3 setup.py install && \
...
It started off very small and eventually grew out of control, hence why I'm looking for recommendations.
I've looked into the multistage docker containers but I'm not quite sure it fits my use case. The multistage docker documentation just simply shows multiple FROM XYZ and copying things from the previous containers, but I don't see how this is supposed to simplify reading a large Dockerfile.
Is there a way to, say, create files such as apt_install_tools.sh, git_clone_repositories.sh and then call them into the Dockerfile with something like:
COPY . ./
CMD ["./apt_install_tools.sh", "./git_clone_repositories.sh"]
I tried something very similar, but no luck. In my current directory, I have a file called apt_install_tools.sh with the following:
apt update && apt install -y awscli
And a Dockerfile that looks like this:
FROM kalilinux/kali-rolling
COPY . ./
RUN chmod x ./apt_install_tools.sh
# Run basic commands to update the image and install basic stuff.
CMD ['./apt_install_tools.sh']
Docker build runs perfectly fine, but when I run the container and exec into it, I get the following:
┌──(root㉿5c33ec27558b)-[/]
└─# aws
bash: aws: command not found
but running the script ./apt_install_tools.sh from within the running container works perfectly fine.
CodePudding user response:
For the script to be executed during build time, a RUN statement should be included:
FROM kalilinux/kali-rolling
COPY . ./
RUN chmod x ./apt_install_tools.sh
RUN ./apt_install_tools.sh
There are several things to have in mind that could affect performance:
The
COPY . ./will almost certainly invalidate the build cache, making the whole image to be re-built everytime (instead of re-using cached layers). That said, better will be to useCOPY apt_install_tools.sh ./apt_install_tools.shRegarding image size, usually is a good practice to remove any cache files after installing (Execute
rm -rf /var/lib/apt/lists/,apt clean,apt autocleanor in generalrm -rf ~/.cache). Also some commands can be optimized to reduce downloaded data (e.g:pip install --no-cache-dir, `git clone --single-branch)