Smaller Debian Docker tips - apt lists
One of the hidden gems of GitHub is
Jess Frazelle’s Dockerfiles Repo, a
collection of Dockerfiles
for applications she runs in containers to keep
her desktop clean and minimal. While reading the
NMap
Dockerfile
I noticed a little bit of shell I’d not seen before.
I’ve included the file itself below. The line in question is && rm -rf /var/lib/apt/lists/*
, a tiny bit of shell that does some additional cleanup
once apt has installed the required packages.
FROM debian:stretch
LABEL maintainer "Jessie Frazelle <jess@linux.com>"
RUN apt-get update && apt-get install -y \
nmap \
--no-install-recommends \
&& rm -rf /var/lib/apt/lists/*
ENTRYPOINT [ "nmap" ]
Curiosity got the best of me and I decided to see how much of a saving that line provides. First I built the Docker image as Jess intended:
sudo docker build -t nmap-rm-lists -f Dockerfile-rm-lists .
> sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nmap-rm-lists latest 9a4a697649f9 10 seconds ago 131.1 MB
As you can see in the output this creates an image 131.1 MB in size. If we
remove the rm
line (and the \
continuation character from the line above)
and rebuild the image we should see a larger image.
sudo docker build -t nmap-with-apt-lists -f Dockerfile-with-apt-lists .
...
> sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nmap-with-apt-lists latest d8459f6f2b93 About a minute ago 146.6 MB
And indeed we do, the image is just over 10% larger without that little
optimisation. That’s going to be quite a nice saving over a few dozen
container images. While looking through some of the other code in that repo
I saw mention of a debian:stretch-slim
image so I thought it was worth
running an additional experiment with it as the base. Making the small
change from FROM debian:stretch
to FROM debian:stretch-slim
in our
Dockerfile, with the rm -rf /var/lib/apt/lists/*
command also present,
results in a much smaller image at just 86 MB
> sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nmap-rm-lists-slim latest 8fa72fad3929 About a minute ago 86.78 MB
For completeness (Hi Wes!) if we leave the lists in and use the debian:stretch- slim
image we have a significantly larger image at 102 MB. This helps
show that even with smaller base image the removal of the apt list
files is still well worth it.
REPOSITORY TAG IMAGE ID CREATED SIZE
nmap-with-lists-slim latest 26e65d974ae6 8 seconds ago 102.2 MB
While an Alpine image would be even smaller it’s nice to see this kind of size saving on Debian based images that look a lot closer to what I’d normally run in my VMs.