Docker and the OCI container ecosystem
Docker and the OCI container ecosystem
Posted Jul 27, 2022 18:21 UTC (Wed) by rjones (subscriber, #159862)In reply to: Docker and the OCI container ecosystem by Cyberax
Parent article: Docker and the OCI container ecosystem
The big one I do is to simply have a shell script that does all the work of setting up the docker image. The dockerfile only copies in the script and required assets and the script does all the work of actually setting it up. Of course you can do the same thing with makefiles or scons or whatever build tool you like using. This reduces things to a single COPY and single RUN command.
Along with that it's useful to do multistage builds.
https://docs.docker.com/develop/develop-images/multistage...
This is especially nice if you want to do statically compiled binaries. You end up with a build container and a runtime container. You only then need to distribute the runtime container. This results in a very clean OCI image with all the build-time and setup portions stripped out. It is usually very easy to keep things down well under a 100MB in size.
As far as getting rid of dockerfile itself... It is probably not worth it at this stage. Everybody and their mom supports it and thus it makes it easy to integrate containers into CI/CD workflows, among other things. Sefl-hosting build farms in kubernetes is extremely easy with kaniko. You can use buildah and other associated tools related to podman. Gitlab, github, and most everything else supports building and testing against OCI images.
Posted Jul 27, 2022 20:07 UTC (Wed)
by mathstuf (subscriber, #69389)
[Link]
Other than that, I've found `buildah` to be useful for building minimal images where I can do some logic outside of the container and tell it afterwards. Much better than manual flattening after the fact IMO.
Docker and the OCI container ecosystem