Options Galore: From Source Code to Container Image

Dockerfiles, Buildpacks, Jib and more ... what's the best way
to run your Java code in Containers? Matthias Haeussler, Chief Technologist @maeddes

@maeddes | 3 What we really do

@maeddes | What I do/ What we do 7

@maeddes | Situation 8

@maeddes | Options 9

@maeddes | Options 10

@maeddes | Situation 11

@maeddes | Lab Repo 12

@maeddes | „What is the best Java base container image?“
13

@maeddes | 14

@maeddes | 15

@maeddes | „What is the best Java base container image?“
16

@maeddes | Container Images as Templates 17

@maeddes | Container, Images & Layers 18

@maeddes | Docker History 19 [1]

@maeddes | 20 FROM ubuntu:24.04 RUN apt update && apt
install openjdk-21-jre-headless -y COPY target/simplecode-0.0.1-SNAPSHOT.jar /opt/app.jar CMD ["java","-jar","/opt/app.jar"] Dockerfile (simple)

@maeddes | Java today 21

@maeddes | Alternative Dockerfile 22 FROM eclipse-temurin:21-jre COPY target/simplecode-0.0.1-SNAPSHOT.jar /opt/app.jar
CMD ["java", "-jar", "/opt/app.jar"]

@maeddes | Alternative Dockerfile 23 FROM ibm-semeru-runtimes:open-21-jre COPY target/simplecode-0.0.1-SNAPSHOT.jar /opt/app.jar
CMD ["java", "-jar", "/opt/app.jar"]

@maeddes | JVM Landscape Talk - Gerrit Grunwald 24 https://www.youtube.com/watch?v=9_9L3pqGFcQ

@maeddes | Beware! 25

@maeddes | Be careful - This will still “work”! 26
FROM adoptopenjdk:11-jre-hotspot COPY target/simplecode-0.0.1-SNAPSHOT.jar /opt/app.jar CMD ["java", "-jar", "/opt/app.jar"]

@maeddes | Multi-Stage 27 [1]

@maeddes | Multi-Stage Dockerfile 28 FROM maven:3-eclipse-temurin-21 AS build RUN
mkdir -p /opt/app/src COPY src /opt/app/src COPY pom.xml /opt/app RUN mvn -f /opt/app/pom.xml package FROM eclipse-temurin:21-jre COPY --from=build /opt/app/target/simplecode-0.0.1-SNAPSHOT.jar /opt/app.jar ENTRYPOINT ["java","-jar","/opt/app.jar"]

@maeddes | Buildkit 31 [1]

@maeddes | 32

@maeddes | 33

@maeddes | Mount Cache 34 FROM maven:3-eclipse-temurin-21 AS build RUN
mkdir -p /opt/app/src COPY src /opt/app/src COPY pom.xml /opt/app RUN --mount=type=cache,target=/root/.m2 mvn -f /opt/app/pom.xml package FROM eclipse-temurin:21-jre COPY --from=build /opt/app/target/simplecode-0.0.1-SNAPSHOT.jar /opt/app.jar ENTRYPOINT ["java","-jar","/opt/app.jar"]

@maeddes | „What makes a (Java) container image good?“ 35

@maeddes | • Speed • Size • Structure • Standardization
• Simplicity • Security Criteria 36

@maeddes | • Speed • Size • Structure • Standardization
• Simplicity • Security • JVM configuration Criteria 37

@maeddes | The reality … 38

@maeddes | Considerations for structure and size 39

@maeddes | Considerations for Java 40

@maeddes | Layered Jar 41 FROM eclipse-temurin:21-jre AS builder COPY
--from=maven /opt/app/target/simplecode-0.0.1-SNAPSHOT.jar application.jar RUN java -Djarmode=layertools -jar application.jar extract FROM eclipse-temurin:21-jre COPY --from=builder application/dependencies/ ./ COPY --from=builder application/spring-boot-loader/ ./ COPY --from=builder application/snapshot-dependencies/ ./ COPY --from=builder application/application/ ./ ENTRYPOINT ["java","org.springframework.boot.loader.JarLauncher"]

@maeddes | Entire file 42 FROM maven:3-eclipse-temurin-21 AS maven RUN
mkdir -p /opt/app/src COPY src /opt/app/src COPY pom.xml /opt/app RUN --mount=type=cache,target=/root/.m2 mvn -f /opt/app/pom.xml package FROM eclipse-temurin:21-jre AS builder WORKDIR application COPY --from=maven /opt/app/target/simplecode-0.0.1-SNAPSHOT.jar application.jar RUN java -Djarmode=layertools -jar application.jar extract FROM eclipse-temurin:21-jre WORKDIR application COPY --from=builder application/dependencies/ ./ COPY --from=builder application/spring-boot-loader/ ./ COPY --from=builder application/snapshot-dependencies/ ./ COPY --from=builder application/application/ ./ ENTRYPOINT ["java","-XX:+UseParallelGC","-XX:MaxRAMPercentage=75","org.springframework.boot.loader.JarLauncher"]

@maeddes | Dockerfile and jlink (and jdeps) 43 https://snyk.io/blog/jlink-create-docker-images-spring-boot-java/

@maeddes | jlink and jdeps 45 FROM maven:3-eclipse-temurin-21 AS build
RUN --mount=type=cache,target=/root/.m2 mvn package RUN jdeps --ignore-missing-deps -q \ --recursive \ --multi-release 21 \ --print-module-deps \ --class-path 'BOOT-INF/lib/*' \ target/simplecode-0.0.1-SNAPSHOT.jar > deps.info RUN jlink \ --add-modules $(cat deps.info) \ --strip-debug \ --compress 2 \ --no-header-files \ --no-man-pages \ --output /myjre FROM debian:bookworm-slim COPY --from=build /myjre $JAVA_HOME COPY --from=build /usr/src/project/target/simplecode-0.0.1-SNAPSHOT.jar /project/

46 FROM maven:3-eclipse-temurin-21 AS build RUN mkdir /opt/app COPY src
/opt/app/src COPY pom.xml /opt/app WORKDIR /opt/app RUN --mount=type=cache,target=/root/.m2 mvn package -DskipTests RUN jar xf target/simplecode-0.0.1-SNAPSHOT.jar RUN jdeps --ignore-missing-deps -q \ --recursive \ --multi-release 21 \ --print-module-deps \ --class-path 'BOOT-INF/lib/*' \ target/simplecode-0.0.1-SNAPSHOT.jar > deps.info RUN jlink \ --add-modules $(cat deps.info) \ --strip-debug \ --compress 2 \ --no-header-files \ --no-man-pages \ --output /myjre FROM eclipse-temurin:21-jre AS extractor RUN mkdir /opt/app WORKDIR /opt/app COPY --from=build /opt/app/target/simplecode-0.0.1-SNAPSHOT.jar application.jar RUN java -Djarmode=layertools -jar application.jar extract FROM ubuntu:jammy ENV JAVA_HOME /opt/java/jdk21 ENV PATH $JAVA_HOME/bin:$PATH COPY --from=build /myjre $JAVA_HOME RUN mkdir /opt/app WORKDIR /opt/app COPY --from=extractor /opt/app/dependencies/ ./ COPY --from=extractor /opt/app/spring-boot-loader/ ./ COPY --from=extractor /opt/app/snapshot-dependencies/ ./ COPY --from=extractor /opt/app/application/ ./ ENTRYPOINT ["java","-XX:+UseParallelGC","-XX:MaxRAMPercentage=75","org.springframework.boot.loader.JarLauncher"]

@maeddes | 47 Dockerfile Learnings

48 & more …?

@maeddes | 49 [2]

@maeddes | 50 [2]

@maeddes | Jib 52

@maeddes | Jib 53

@maeddes | Jib 54

@maeddes | Considerations - Recap 55

@maeddes | Continued strategy 56

@maeddes | Jib 57

58 Cloud-Native Buildpacks buildpacks.io

@maeddes | Buildpacks idea 59

@maeddes | History 60

@maeddes | Flow 61

@maeddes | Rebase 62

63 paketo.io

@maeddes | Multi Runtime/Language Support 64 [3]

@maeddes | Rebase 65

@maeddes | 66 Flow

@maeddes | Java settings 67

@maeddes | 68

@maeddes | Summary 69 • Be aware of options and
possibilities • Be aware of the possibilities of your options • Keep your base images and layers as consistent as possible throughout your landscape • Avoid “wild growth” through dockerfiles • Automate and standardize as much as possible • Give jib and buildpacks a try

@maeddes | 70 Dockerfile (simple) Dockerfile (multistage) Dockerfile (jlink/jdeps) Jib
Buildpacks/ Paketo Speed 🤩 Size 🤩 Structure 🙂 🙂 🤩 🤩 Standardization 🙂 🙂 🙂 🤩 Simplicity 🙂 🤩 🙂 Security 🙂 🤩 🙂

@maeddes | Lab Repo 71

Novatec Consulting GmbH Bertha-Benz-Platz 1 D-70771 Leinfelden-Echterdingen T. +49 711
22040-700 [email protected] www.novatec-gmbh.de 72 Chief Technologist Matthias Haeussler Mobil: +49 175 222 5949 E-Mail: [email protected] Twitter: @maeddes

Sources @maeddes | ▪ https://www.excalidraw.com ▪ [1] https://docs.docker.com/engine/release-notes/prior-releases/ ▪ [2]
https://blog.codecentric.de/en/2020/11/buildpacks-spring-boot/ ▪ [3] https://paketo.io/ ▪ https://buildpacks.io/features/ ▪ https://github.com/GoogleContainerTools/jib ▪ https://www.baeldung.com/docker-layers-spring-boot ▪ https://spring.io/blog/2020/01/27/creating-docker-images-with- spring-boot-2-3-0-m1 ▪ https://github.com/openshift/source-to-image 73

Options Galore: From Source Code to Container I...

Options Galore: From Source Code to Container Image

More Decks by Matthias Haeussler

Other Decks in Technology

Featured

Transcript