Improve Docker Image by BuildKit

Transcript

1. ৬৔ͷDockerϏϧυ Λվળͨ͠࿩ 1

2. ࣗݾ঺հ ໊લ: ү ݡେ(@go_vargo) ॴଐ: גࣜձࣾίϩϓϥ ɹɹ Πϯϑϥάϧʔϓ ୈ2νʔϜ झຯ:

   Ϋϥ΢υωΠςΟϒܥͷMeetup΁ͷࢀՃ ࠷ۙͷ೰Έ͸ɺίϯςφϫʔΫϩʔυͷҋ΁ͷ ཱͪ޲͔͍ํ 2

3. ࠓ೔ͷςʔϚ ৬৔ͷDockerΠϝʔδɾϏϧυΛվળͨ͠࿩ γνϡΤʔγϣϯ: ɾνʔϜʹ͸͢ͰʹDockerfile͕͋Δ (؀ڥຖʹDockerfile͕ଘࡏ͢Δ) ɾΠϝʔδαΠζ͸νϡʔχϯάͷ༨஍ͳ͠ ɾݴޠ͸PHP(Laravel) ɾCI/CDΛ࢖ͬͯϏϧυˠσϓϩΠ͍ͯ͠Δ ɾϩʔΧϧ։ൃ͸Docker Compose

   ϦϞʔτ͸Kubernetes(GKE) 3

4. ςʔϚʹࢸͬͨϞνϕʔγϣϯ ࠷ߴͷDockerfileΛ࡞Γ͍ͨ… ɾDockerfileͷϕετϓϥΫςΟεɾΞϯνύλʔϯ͸ ݻ·Γͭͭ͋Δ…͕࣍ͷهࣄΛಡΜͰɺࠓΑΓ΋ ΋ͬͱDockerϏϧυΛվળͰ͖ͦ͏ͩͱࢥͬͨ ʮDockerfileΛվળ͢ΔͨΊͷBest Practice 2019೥൛ʯ https://www.slideshare.net/zembutsu/dockerfile-bestpractices-19-and-advice ɾ؀ڥ͝ͱʹෳ਺͋ΔDockerfileʹΑͬͯ

   Infrastructure as Codeͱͯ͠ͷՄಡੑ͕མ͍ͪͯͨɻ ू໿ͯ͠ɺগ͠Ͱ΋ίϯςφͷҋΛ੖Β͍ͨ͠ 4

5. 5 ؀ڥུ֓ 3FHJTUSZ ,VCFSOFUFT 4QJOOBLFS (JU-BC
   
   3VOOFS *NBHF
   #VJME 1VTI *NBHF
   #BLF

   %FQMPZ

6. 6 ࠓ೔࿩͢ͱ͜Ζ 3FHJTUSZ ,VCFSOFUFT 4QJOOBLFS (JU-BC
   
   3VOOFS *NBHF
   #VJME 1VTI *NBHF
   #BLF

   %FQMPZ

7. ᶃ BuildKitΛ༗ޮԽ ᶄ ؀ڥ(ϩʔΧϧ, ։ൃ؀ڥ,etc…)͝ͱͷDockerfileΛ ҰͭͷDockerfileʹ·ͱΊͯɺεςʔδͰ ؀ڥ͝ͱͷࠩ෼Λఆٛ ᶅ ηΩϡϦςΟੑͷ޲্ͱͯ͠ɺίϯςφ͔Β ෆཁͳSecretϑΝΠϧͷআڈ(ࠓճ͸লུ)

   7 վળͨ͜͠ͱ

8. ͷલʹɺ؀ڥม਺Λ༗ޮԽ͢Δ͚ͩ 8 ᶃ BuildKitͷ༗ޮԽ docker build DOCKER_BUILDKIT=1 docker build …

9. 9 ᶄ ؀ڥࠩ෼ΛεςʔδԽ मਖ਼લ मਖ਼ޙ Dockerfile.local Debugger Git Vim …

   Dockerfile.k8s FROM image AS local …. FROM image AS local debug …. FROM image AS k8s …. FROM image AS k8s-XXXX …. ҰͭͷϑΝΠϧʹू໿͢Δ͜ͱͰɺ ίʔυͷڞ௨ԽͱՄಡੑΛߴΊΔ Dockerfile.xxxx …

10. ޮೳᶃ: ༨ܭͳϨΠϠʔΛؚΊͳ͍ͨΊΠϝʔδαΠζݮগ‑ ※ BuildKitҎલ͔Βͷޮೳ ޮೳᶄ: Ϗϧυ࣌ؒͷ୹ॖ 10 Ϛϧνεςʔδ × BuildKit

    Dockerfile ্͔ΒԼʹϏϧυ Dockerfile Stage1 Stage2 ฒྻϏϧυ BuildKitͳ͠ BuildKit͋Γ

11. 11 मਖ਼લ FROM php:7.2.18-alpine COPY docker/files / COPY composer.json composer.lock

    /app/ RUN cd /app \ && apk add --no-cache --virtual .build-deps zip unzip git \ && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer \ && composer global require hirak/prestissimo \ && composer install --prefer-dist --no-interaction --no-scripts --no-autoloader --no-dev \ && chown -R www-data:www-data vendor \ && find vendor/ -type d -name ‘.git’ -print0 | xargs -0 rm -rf \ && apk del .build-deps \ && composer global remove hirak/prestissimo \ && rm -rf /root/.composer/ COPY --chown=www-data:www-data . /app WORKDIR /app CMD [“run”] ᶄ ؀ڥࠩ෼ΛεςʔδԽ ىಈεΫϦϓτΛίϐʔ ύοέʔδ؅ཧͷϑΝΠϧΛίϐʔ ϥΠϒϥϦ΍ύοέʔδ؅ཧπʔϧΛΠϯετʔϧ ιʔείʔυΛίϐʔ

12. 12 ##### ComposerΠϯετʔϧ༻ ##### FROM php:7.2.18-alpine AS builder COPY composer.json

    composer.lock /app/ WORKDIR /app RUN cd /app \ && apk add --no-cache --virtual .build-deps zip unzip git \ && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer \ && composer global require hirak/prestissimo \ && composer install --prefer-dist --no-interaction --no-scripts --no-autoloader —no-dev ##### Kubernetes༻Πϝʔδ ##### FROM php:7.2.18-alpine AS k8s COPY docker/files / WORKDIR /app COPY --chown=www-data:www-data . /app/ COPY --from= builder /usr/local/bin/composer /usr/local/bin/composer RUN apk add —no-cache zip unzip COPY --from=builder --chown=www-data:www-data /app/vendor /app/vendor CMD [“run”] मਖ਼ޙ - v1 ىಈεΫϦϓτΛίϐʔ ύοέʔδ؅ཧͷϑΝΠϧΛίϐʔ ύοέʔδΛΠϯετʔϧ ੒Ռ෺Λίϐʔ ύοέʔδϚωʔδϟΛίϐʔ

13. 13 ##### ComposerΠϯετʔϧ༻ ##### FROM php:7.2.18-alpine AS builder COPY composer.json

    composer.lock /app/ WORKDIR /app RUN cd /app \ && apk add --no-cache --virtual .build-deps zip unzip git \ && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer \ && composer global require hirak/prestissimo \ && composer install --prefer-dist --no-interaction --no-scripts --no-autoloader —no-dev ##### Kubernetes༻Πϝʔδ ##### FROM php:7.2.18-alpine AS k8s COPY docker/files / WORKDIR /app COPY --chown=www-data:www-data . /app/ COPY --from= builder /usr/local/bin/composer /usr/local/bin/composer RUN apk add —no-cache zip unzip COPY --from=builder --chown=www-data:www-data /app/vendor /app/vendor CMD [“run”] मਖ਼ޙ - v1 ‑ύοέʔδϚωʔδϟͷΠϯετʔϧ͸ຖճ࣮ߦ͢Δඞཁͳ͠

14. 14 ##### ComposerΠϯετʔϧ༻ ##### FROM composer:1.8.6 AS builder COPY composer.json

    composer.lock /app/ WORKDIR /app RUN composer global require hirak/prestissimo \ && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer \ && composer install --prefer-dist --no-interaction --no-scripts --no-autoloader --no-dev \ && chown -R www-data:www-data vendor \ && find vendor/ -type d -name ‘.git’ -print0 | xargs -0 rm -rf ##### Kubernetes༻Πϝʔδ ##### FROM php:7.2.18-alpine AS k8s COPY docker/files / WORKDIR /app COPY --chown=www-data:www-data . /app/ COPY --from=builder /usr/local/bin/composer /usr/local/bin/composer RUN apk add —no-cache zip unzip COPY --from=builder --chown=www-data:www-data /app/vendor /app/vendor CMD [“run”] मਖ਼ޙ - v2 ผͷΠϝʔδͱͯ͠੾Γग़͢ Πϯετʔϧ෦෼͸࡟আ

15. 15 ##### ComposerΠϯετʔϧ༻ ##### FROM composer:1.8.6 AS builder COPY composer.json

    composer.lock /app/ WORKDIR /app RUN composer global require hirak/prestissimo \ && composer install --prefer-dist --no-interaction --no-scripts --no-autoloader --no-dev \ && chown -R www-data:www-data vendor \ && find vendor/ -type d -name ‘.git’ -print0 | xargs -0 rm -rf ##### Kubernetes༻Πϝʔδ ##### FROM php:7.2.18-alpine AS k8s COPY docker/files / WORKDIR /app COPY --chown=www-data:www-data . /app/ COPY --from=builder /usr/local/bin/composer /usr/local/bin/composer RUN apk add —no-cache zip unzip COPY --from=builder --chown=www-data:www-data /app/vendor /app/vendor CMD [“run”] मਖ਼ޙ - v2 ‏builderͷ଴ͪ߹Θ͕ͤൃੜ

16. 16 ##### Composerίϐʔ༻ ##### FROM composer:1.8.6 AS copy ##### ComposerΠϯετʔϧ༻

    ##### FROM composer:1.8.6 AS builder COPY composer.json composer.lock /app/ WORKDIR /app RUN composer global require hirak/prestissimo \ && composer install --prefer-dist --no-interaction --no-scripts --no-autoloader --no-dev \ && chown -R www-data:www-data vendor \ && find vendor/ -type d -name ‘.git’ -print0 | xargs -0 rm -rf ##### Kubernetes༻Πϝʔδ ##### FROM php:7.2.18-alpine AS k8s COPY docker/files / WORKDIR /app COPY --chown=www-data:www-data . /app/ COPY --from=copy /usr/local/bin/composer /usr/local/bin/composer RUN apk add —no-cache zip unzip COPY --from=builder --chown=www-data:www-data /app/vendor /app/vendor मਖ਼ޙ - v3 ‏଴ͪ߹ΘͤΛճආ ‏͜͜͸଴ͪ߹Θͤ

17. 17 BuildKitʹΑΔฒྻϏϧυ 0 1 2 3 Stage0, 1͸ฒྻ࣮ߦ Stage2͸0,1ͷ׬ྃ଴ͪ Stage3͸2ͷ׬ྃ଴ͪ

18. 18 BuildKitʹΑΔฒྻϏϧυ 0 1 2 3 εςʔδؒͷґଘؔ܎͕ͳ͍ ࣮ߦ࣌ؒΛ୹ॖ͢Δʹ͸… ཧ૝ 0

    1 2 3 εςʔδؒͷґଘؔ܎͕গͳ͍ ࣍ળ

19. 19 BuildKitʹΑΔฒྻϏϧυ ͍͔ʹαΠζΛখ͘͢͞Δ͔… ͍͔ʹϨΠϠʔΛগͳ͘͢Δ͔… BuildKitΛಋೖ͢Δͱ೰Έ΋มԽ͢Δ ͍͔ʹґଘؔ܎͕ͳ͍ΠϝʔδΛઃܭ͢Δ͔… ಋೖޙ ಋೖલ ͍͔ʹεςʔδΛ෼ׂ͢Δ͔…

20. 20 վળ݁Ռ ϩʔΧϧ༻Πϝʔδ मਖ਼લ मਖ਼ޙ αΠζ 357MB 355MB Ϗϧυ࣌ؒ(1ճ) 88s

    41s Ϗϧυ࣌ؒ(2ճ໨Ҏ߱) 12s 2s K8s༻Πϝʔδ मਖ਼લ मਖ਼ޙ αΠζ 209MB 209MB Ϗϧυ࣌ؒ(1ճ) 78s 41s Ϗϧυ࣌ؒ(2ճ໨Ҏ߱) 16s 2s

21. 21 • BuildKit × ϚϧνεςʔδͰDockerfile؀ڥΛ੔උͰ͖ͨ • BuildKitΛ࢖͏͜ͱͷϝϦοτΛײ͡Δ͕ɺ σϝϦοτ͸ײ͡ͳ͍(͋͘·Ͱݸਓతʹ͸) • ڧ͍ͯݴ͑͹ɺͨͩͰ͑͞৬ਓܳʹ͍ۙDockerϏϧυ͕

    ɹΑΓ೉͘͠ͳ͍ͬͯΔ(޻ܳ඼ʹͳ͍ͬͯΔ)͔΋͠Εͳ͍ • ࠷ߴͷDockerfileΛٻΊΔཱྀ͸ଓ͘… ·ͱΊ