Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Better docker image+

orisano
December 05, 2018
Technology
6
6k

Better docker image+

orisano

December 05, 2018
Tweet

More Decks by orisano

See All by orisano
OSS Performance Tuning Tips
orisano
8
5.7k
Docker-Compose & BuildKit
orisano
4
980
Container Build Talk
orisano
3
2.5k
dockerignore talk
orisano
2
7k
Socket.IO Introduction
orisano
0
3.1k
Profiling Go Application
orisano
11
7.7k
Multi-stage Builds Patterns & Practice
orisano
6
5.1k
better docker image
orisano
22
30k
the world of characters
orisano
8
1.4k

Other Decks in Technology

See All in Technology
DevinでAI AWSエンジニア製造計画 序章 〜CDKを添えて〜/devin-load-to-aws-engineer
tomoki10
0
210
プロダクト開発者目線での Entra ID 活用
sansantech
PRO
0
100
ABWG2024採択者が語るエンジニアとしての自分自身の見つけ方〜発信して、つながって、世界を広げていく〜
maimyyym
1
210
Platform Engineeringで クラウドの「楽しくない」を解消しよう
jacopen
4
190
LayerXにおけるAI活用事例とその裏側(2025年2月) バクラクの目指す “業務の自動運転” の例 / layerx-ai-deim2025
yuya4
1
350
プルリクエストレビューを終わらせるためのチーム体制 / The Team for Completing Pull Request Reviews
nekonenene
3
1k
E2Eテスト自動化入門
devops_vtj
1
120
Two Blades, One Journey: Engineering While Managing
ohbarye
4
2.5k
事業モメンタムを生み出すプロダクト開発
macchiitaka
0
100
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
19k
AWSではじめる Web APIテスト実践ガイド / A practical guide to testing Web APIs on AWS
yokawasa
8
770
フォーイット_エンジニア向け会社紹介資料_Forit_Company_Profile.pdf
forit_tech
1
1.7k

Featured

See All Featured
Making the Leap to Tech Lead
cromwellryan
133
9.1k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.2k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
366
25k
How to train your dragon (web standard)
notwaldorf
91
5.9k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
30
2.2k
Six Lessons from altMBA
skipperchong
27
3.6k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
45
9.4k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Building Applications with DynamoDB
mza
93
6.2k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.3k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
227
22k
Designing for humans not robots
tammielis
250
25k

Transcript

  1. Better Docker Image+ Bonfire Backend #2 #yjbonfire @orisano

  2. ྑ͍Docker Imageͱ͸Կ͔

  3. ݟͯΘ͔Γ΍͍͢ खݩͰߴ଎ʹbuild͞ΕΔ CI্Ͱߴ଎ʹbuild͞ΕΔ ߴ଎ʹdeploy͞ΕΔ

  4. ࠓ೔࿩͍ͨ͜͠ͱ

  5. ͲͷΑ͏ʹ଎͘͢Δ͔ ͲͷΑ͏ʹখ͘͢͞Δ͔

  6. ͲͷΑ͏ʹ଎͘͢Δ͔ ͲͷΑ͏ʹখ͘͢͞Δ͔

  7. ͲͷΑ͏ʹ଎͘͢Δ͔ • ΠϝʔδΛখ͘͢͞Δ • ίϚϯυͦͷ΋ͷΛ଎͘͢Δ • cacheΛޮ͔ͤΔ • ґଘͷͳ͍εςʔδΛฒྻͰ࣮ߦ͢Δ •

    ඞཁͳ͍εςʔδΛbuild͠ͳ͍

  8. ͲͷΑ͏ʹ଎͘͢Δ͔ • ΠϝʔδΛখ͘͢͞Δ • ίϚϯυͦͷ΋ͷΛ଎͘͢Δ • cacheΛޮ͔ͤΔ • ґଘͷͳ͍εςʔδΛฒྻͰ࣮ߦ͢Δ •

    ඞཁͳ͍εςʔδΛbuild͠ͳ͍

  9. imageΛখ͘͢͞Δͷ͸ docker push͢Δͱ͖ͷ଎౓ docker pull͢Δͱ͖ͷ଎౓ ͷߴ଎Խʹͭͳ͕Δ

  10. Ͳͷ༷ʹখ͘͢͞Δ͔͸ ͋ͱͰ

  11. ͲͷΑ͏ʹ଎͘͢Δ͔ • ΠϝʔδΛখ͘͢͞Δ • ίϚϯυͦͷ΋ͷΛ଎͘͢Δ • cacheΛޮ͔ͤΔ • ґଘͷͳ͍εςʔδΛฒྻͰ࣮ߦ͢Δ •

    ඞཁͳ͍εςʔδΛbuild͠ͳ͍

  12. ίϚϯυͦͷ΋ͷΛ଎͘͢Δ

  13. URLʹର͢ΔADDΛ࢖Θͳ͍

  14. URLʹର͢ΔADD͸ جຊతʹμ΢ϯϩʔυ͢Δ

  15. ஗͍

  16. ΞΫηε͍ͯ͠Δઌͷ ίϯςϯπ͕ႈ౳ͳΒ wget + gzip + tarͰे෼

  17. `RUN wget`ʹ͢Δ͜ͱͰ cache͕ޮ͘

  18. ႈ౳Ͱͳ͍Ϧιʔεʹ ґଘ͢ΔͷΛۃྗ΍ΊΔ

  19. build context ͷసૹྔΛߟ͑Δ

  20. ϞϊϨϙʹ͢Δͱ build contextେ͖͘ͳΓ͕ͪ

  21. ϞϊϨϙͷ৔߹͸ .dockerignore Λࣗಈੜ੒͠Α͏

  22. github.com/orisano/dignore • ࢦఆ͞ΕͨdirectoryҎ֎ͷdirectoryΛignore • ࢦఆ͞Εͨdirectoryʹdockerignore͕͋Ε͹ ల։ • ͜Ε͚ͩʂ

  23. buildͷલ޻ఔͰ buildʹඞཁͳ͍αʔϏε͸ Ignore͠Α͏

  24. buildkitΛ࢖͍ͬͯΔͱ ࠩ෼సૹͯ͘͠ΕͨΓ͢Δ

  25. COPYΛҙࣝͨ͠ directoryߏ଄

  26. COPYͷҾ਺͕ directoryͷ৔߹͸ ର৅ͷdirectoryʹ த਎Λશ෦ίϐʔͯ͠͠·͏

  27. ಛఆͷσΟϨΫτϦ͚ͩ ίϐʔͨ͘͠ͳ͍ ͱ͍͏͕೉͍͠

  28. dockerignore Ͱআ֎͢Ε͹ྑ͘ͳ͍ʁ

  29. ͍͍͑

  30. vendorͳͲΛ௚઀؅ཧͯ͠ build࣌ʹdownload͠ͳ͍ ৔߹ʹຊ౰ʹਏ͍

  31. 2ճҎ্ॏ͍directoryΛ COPYͨ͘͠ͳ͍

  32. ͦ͏ͳΒͳ͍ͨΊͷ directoryߏ଄ʹ͓ͯ͜͠͏

  33. ਓ͕ؒॻ͍ͨ΋ͷ͕ ೖ͍ͬͯΔdirectory ֎෦ʹґଘ͍ͯ͠Δ΋ͷ ࣗಈੜ੒෺͕ೖ͍ͬͯΔ directoryΛ෼཭͠Α͏

  34. buildkitͩͱࠩ෼సૹ

  35. ͍ͣΕʹͤΑ ෼཭͓͍ͯͨ͠ํ͕ cacheʹ༏͍͠

  36. RUNͷத਎Λ଎͘͢Δ

  37. GitHub͔Β࣮ߦϑΝΠϧΛ curl or wgetͰऔಘ͢Δ ͕஗͍

  38. Ͳ͏ʹ͔଎͘Ͱ͖ͳ͍͔ curl -vvvΛ͏ͬͯΈͨ

  39. GitHub Release͸S3Ͱ͋Δ S3͸Accept-Ranges: bytes ͱ͍͏͜ͱ͕Θ͔ͬͨ

  40. Accept-Ranges: bytes ͬͯͳΜͩΖ͏

  41. RFC7233, Range Requests ൣғΛࢦఆͯ͠ downloadͰ͖Δ

  42. ͭ·Γ ฒྻμ΢ϯϩʔυ͕Մೳ

  43. github.com/orisano/rget

  44. None

  45. ؀ڥʹΑΓ·͕͢ 5min -> 2min

  46. Dockerfileͷ޻෉Ҏ֎ʹ΋ ଎͘͢ΔΞϓϩʔν͸͋Δ

  47. ͲͷΑ͏ʹ଎͘͢Δ͔ • ΠϝʔδΛখ͘͢͞Δ • ίϚϯυͦͷ΋ͷΛ଎͘͢Δ • cacheΛޮ͔ͤΔ • ґଘͷͳ͍εςʔδΛฒྻͰ࣮ߦ͢Δ •

    ඞཁͳ͍εςʔδΛbuild͠ͳ͍

  48. cacheΛޮ͔ͤΔ

  49. docker build͢ΔϚγϯ͕ ಉҰͷ৔߹ ಉҰͰͳ͍৔߹

  50. docker build͢ΔϚγϯ͕ ಉҰͷ৔߹ ಉҰͰͳ͍৔߹

  51. cacheͷ࢓૊ΈΛཧղ͢Δ

  52. RUN͸ จࣈྻ͕มΘΒͳ͍ݶΓ جຊతʹcache͞ΕΔ

  53. COPY, ADD͢ΔϑΝΠϧͷ ಺༰͕มΘͬͨ৔߹ Ҏ߱ͷRUNͷcache͕ഁغ

  54. ͳͷͰ lockfileͳͲΛઌʹίϐʔͯ͠ install͚ͩͯ͠cacheͤ͞Δ

  55. None
  56. None

  57. docker build͢ΔϚγϯ͕ ಉҰͷ৔߹ ಉҰͰͳ͍৔߹

  58. CI্Ͱbuild͢Δͱ͖ͳͲ cache͕ͳ͍͜ͱ͕ଟ͍

  59. docker save & load or docker pull docker build —cache-from

    Λ࢖͏

  60. image͕େ͖͍/layer͕ଟ͍ ৔߹ buildͷ΄͏͕ૣ͍͜ͱ΋͋Δ

  61. image͕େ͖͍/layer͕ଟ͍ ৔߹ buildͷ΄͏͕ૣ͍͜ͱ΋͋Δ ܭଌܾͯ͠ΊΔ

  62. ͲͷΑ͏ʹ଎͘͢Δ͔ • ΠϝʔδΛখ͘͢͞Δ • ίϚϯυͦͷ΋ͷΛ଎͘͢Δ • cacheΛޮ͔ͤΔ • ґଘͷͳ͍εςʔδΛฒྻͰ࣮ߦ͢Δ •

    ඞཁͳ͍εςʔδΛbuild͠ͳ͍

  63. ґଘͷͳ͍εςʔδΛ ฒྻͰ࣮ߦ͢Δ

  64. buildkitΛ࢖͍ͬͯͩ͘͞ʂ github.com/moby/buildkit export DOCKER_BUILDKIT=1

  65. ͲͷΑ͏ʹ଎͘͢Δ͔ • ΠϝʔδΛখ͘͢͞Δ • ίϚϯυͦͷ΋ͷΛ଎͘͢Δ • cacheΛޮ͔ͤΔ • ґଘͷͳ͍εςʔδΛฒྻͰ࣮ߦ͢Δ •

    ඞཁͳ͍εςʔδΛbuild͠ͳ͍

  66. ඞཁͳ͍εςʔδΛ build͠ͳ͍

  67. —targetΛ࢖͑͹Α͍ͷͰ͸ʁ

  68. —target͸ ࢦఆͨ͠εςʔδҎલΛ શ෦build͢Δ

  69. multi stage buildΛ ౿ΈࠐΜͩ࢖͍ํ͍ͯ͠Δͱ ૺ۰͕ͪ͠

  70. multi stage buildͷ ౿ΈࠐΜͩ࢖͍ํʹ͍ͭͯ͸

  71. https://speakerdeck.com/orisano/multi-stage-builds-patterns-and-practice

  72. ͓ͦΒ͘buildkitͰͰ͖Δ͕ buildkit͕࢖͑ͳ͍৔߹ʹ

  73. github.com/orisano/targd • DockerfileͷASTΛऔಘ • ࢦఆ͞ΕͨεςʔδͷґଘεςʔδΛநग़ • ґଘεςʔδ͚ͩͷDockerfileΛग़ྗ

  74. github.com/orisano/targd

  75. ͲͷΑ͏ʹ଎͘͢Δ͔ ͲͷΑ͏ʹখ͘͢͞Δ͔

  76. ͲͷΑ͏ʹখ͘͢͞Δ͔ • multi stage buildΛ࢖͏ • RUNΛ·ͱΊΔ(?) • ͳͥେ͖͍͔Λ஌Δ

  77. ͲͷΑ͏ʹখ͘͢͞Δ͔ • multi stage buildΛ࢖͏ • RUNΛ·ͱΊΔ(?) • ͳͥେ͖͍͔Λ஌Δ

  78. multi stage buildΛ࢖͏

  79. multi stage buildͰ ͋Γ͕ͪͳٙ໰

  80. ࠷ऴతͳΠϝʔδ͕ খ͘͞ͳΔ͔Β ͦΕ·Ͱͷεςʔδ͸ ࠷దԽ͠ͳͯ͘ྑ͍ʁ

  81. None

  82. ݸਓతʹ͸No

  83. moby/issues/34715 —cache-formͩͱ multi stage buildͷ લஈͷεςʔδͷcache͕ ޮ͔ͳ͍

  84. ࠷ऴεςʔδ͔͠ pushͯ͠ͳ͍͔Β౰ͨΓલ

  85. CI্Ͱͷbuild͸ —cache-fromΛ࢖͏ ࠷ऴεςʔδ͚ͩcache͢Δ ҙຯ͸ͳ͍

  86. multi stage build࣌ʹ cacheΛޮ͔͍ͤͨ৔߹͸ લͷεςʔδ΋ ໌ࣔతʹpush͢Δ͔͠ͳ͍

  87. ͜ΕΛखಈͰ΍Δͱ cache-from஍ࠈʹͳΔ

  88. github.com/orisano/castage • DockerfileͷASTΛऔಘ • εςʔδҰཡΛऔಘ • docker pullΛੜ੒ • docker

    buildΛcache-from෇͖Ͱੜ੒

  89. ݁ہpush͢ΔͷͰ push/pullͷίετ͕͔͔Δ ͢΂ͯͷεςʔδΛฏ౳ʹ খ͘͢͞΂͖ (ݸਓͷݟղͰ͢)

  90. ͲͷΑ͏ʹখ͘͢͞Δ͔ • multi stage buildΛ࢖͏ • RUNΛ·ͱΊΔ(?) • ͳͥେ͖͍͔Λ஌Δ

  91. RUNΛ·ͱΊΔ(?)

  92. Ͳ͔ͬʔ;͍͊Δ͸ 1ͭͷRUNʹ શ෦ॻ͘ͱྑ͍Β͍͠(?)

  93. github.com/orisano/minid • DockerfileͷASTΛऔಘ • ࿈ଓ͢ΔRUN, COPY, ADDΛ࿈݁͢Δ • ݁ՌͷDockerfileΛग़ྗ

  94. github.com/orisano/minid

  95. αΠζ͕খ͘͞ͳͬͨ

  96. Ͱ΋ͳΜͰʁ

  97. ϨΠϠʔͷΦʔόʔϔου͕ ݮΔ͔Βখ͘͞ͳΔʁ

  98. ͍͍͑

  99. ·ͣ Ͳ͏͍͏ܗͰอଘ͞ΕͯΔ͔ Λ஌Δ

  100. moby/image/spec/v1.md

  101. AUFS

  102. http://docs.docker.jp/engine/userguide/storagedriver/aufs-driver.html

  103. ࡟আ͸ whiteoutϑΝΠϧͷ௥Ճ Ҡಈ͸ opaqueϑΝΠϧͷ௥Ճ ʴ ҠಈઌͷϑΝΠϧࠩ෼

  104. Ұ౓Ͱ΋ RUN,COPY,ADDΛލ͙ͱ imageʹ͸࢒ͬͯ͠·͏

  105. ػցతʹͰ΋ ҰͭͷRUNʹ·ͱΊΔ͜ͱͰ ༨ܭͳ΋ͷΛ࡟ݮͰ͖Δ

  106. 1ͭͷϨΠϠʔʹ ·ͱΊΔ͜ͱ͸ ຊ౰ʹਖ਼͍͠ͷ͔

  107. ϨΠϠʔΛผ͚Δ͜ͱʹΑΓ ฒྻμ΢ϯϩʔυͷԸܙ cacheͷ༗ޮ׆༻

  108. ϨΠϠʔΛผ͚Δ͜ͱʹΑΓ ฒྻμ΢ϯϩʔυͷԸܙ cacheͷ༗ޮ׆༻ ܭଌܾͯ͠ΊΔ

  109. ͲͷΑ͏ʹখ͘͢͞Δ͔ • multi stage buildΛ࢖͏ • RUNΛ·ͱΊΔ(?) • ͳͥେ͖͍͔Λ஌Δ

  110. ͳͥେ͖͍͔Λ஌Δ

  111. ͍͔ͳΔνϡʔχϯάͰ΋ ܭଌͤͣʹ΍ͬͯ͸͍͚ͳ͍

  112. docker history

  113. docker history

  114. ͲͷϨΠϠʔ͕ େ͖͍͔͸Θ͔Δ͚Ͳ ͳͥେ͖͍͔͸෼͔ΓͮΒ͍

  115. ҙ֎ʹίϚϯυ͕ Ͳ͏͍͏ϑΝΠϧΛ࡞Δͷ͔ ஌Βͳ͍

  116. github.com/orisano/dlayer • docker saveͰಘΒΕͨtarΛղੳ • layerͱcmdͷରԠΛͱΔ • layerͷࠩ෼ΛϑΝΠϧαΠζ͕େ͖͍ॱʹද ࣔ

  117. github.com/orisano/dlayer

  118. ࣮ࡍʹdlayerΛ࢖ͬͯ golangެࣜalpineΠϝʔδͷ αΠζΛݮΒͯ͠Έͨ

  119. docker-library/golang/pull/232

  120. None

  121. golang:1.11͔Βtoolchainͷ αΠζ͕Ͱ͔͘ͳͬͨ SSAͰͷ࠷దԽ͕૿͔͑ͨΒʁ

  122. 253MB

  123. 305MB

  124. github.com/wagoodman/dive

  125. ࡞ͬͨπʔϧ • github.com/orisano/rget • github.com/orisano/targd • github.com/orisano/minid • github.com/orisano/dlayer •

    ྑ͍ͱࢥͬͨΒελʔ͍͚ͯͨͩ͠ΔͱྭΈʹͳΓ·͢

  126. ࡞ͬͨπʔϧ • github.com/orisano/dignore • github.com/orisano/castage • ྑ͍ͱࢥͬͨΒελʔ͍͚ͯͨͩ͠ΔͱྭΈʹͳΓ·͢

  127. ·ͱΊ • ίϚϯυΛ଎͘Ͱ͖ͳ͍͔ߟ͑Δ • cacheΛཧղͯ͠༗ޮʹ׆͔͢ (CI or ϩʔΧϧ) • multi

    stage buildΛ࢖͏ (ॏ͍stageΛcache͢Δ) • layerΛখ͘͢͞ΔͨΊʹ෼ੳ͢Δ • buildkitΛ࢖͏!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

  128. rget͜΅Ε࿩

  129. github.com/orisano/rget

  130. Ͱ΋ ͜ΕͰຊ౰ʹ͍͍ΜͩΖ͏͔

  131. rgetͷbinaryΛdownload ͢ΔͷͰ͸ෛ͚ͨؾ͕͢Δ()

  132. shell͚ͩͰ ࣮ݱͰ͖ͳ͍ͩΖ͏͔

  133. ϙʔλϒϧੑ͸͍Βͳ͍ͷͰ ओઓ৔ͷalpineʹߜΔ

  134. alpine(busybox)͸ xargs͕ೖ͍ͬͯΔʂʂʂ

  135. xargsΛ࢖͏͜ͱͰ ฒྻԽ ಉ࣌઀ଓ਺੍ݶ ͕࣮ݱͰ͖Δ

  136. GitHub Release͸ ؆୯ʹHEAD͕Ͱ͖ͳ͍ͷͰ GETͰbodyΛແࢹͯ͠ Content-LengthΛऔಘͰ͖Δ

  137. seqͰ chunkͷrangeΛੜ੒Ͱ͖Δ

  138. wget͸206 Partial Content ͕͏·͘ѻ͑ͳ͍ͷͰμϝ

  139. ࢓ํͳ͍ͷͰ curl -RͰdownload

  140. ࠷ޙʹcatͯ͠chunkΛ݁߹

  141. shellͰ΋࣮ݱͰ͖Δʂ

  142. ͔͠͠ curl͸alpineඪ४Ͱ͸ͳ͍

  143. apk add —no-cache curl ͸ෛ͚ͨؾ͕͢Δ()

  144. ͔͠͠ wget͸206͕ॲཧͰ͖ͳ͍

  145. ఘΊΒΕͳ͍ͷͰ busyboxͷwgetͷ ιʔείʔυΛಡΉ

  146. busybox/networking/wget.c

  147. busybox/networking/wget.c

  148. -OͰࢦఆͨ͠ϑΝΠϧ͕ଘࡏ (ϑΝΠϧαΠζ͕1Ҏ্) -cΛࢦఆ͍ͯ͠Δ ্هͷ৚݅Λຬͨ͢ͱ͖ 206Λॲཧͯ͘͠ΕΔ

  149. ͭ·Γ ద౰ͳ1byteͷϑΝΠϧʹ -cͰࢦఆ͢Δ͜ͱͰճආՄೳ

  150. ઌ಄ͷ1byteΛऔΓআ͚Ε͹ alpineඪ४ͷΈͰ࣮ݱՄೳ

  151. tailͰ΋Մೳ͕ͩ஗͍ dd skip=1 iflag=skip_bytes ͕ߴ଎

  152. alpineඪ४ͷΈͰ࣮ݱ

  153. https://github.com/orisano/rget/blob/master/rget.sh