Where communities thrive

  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
    Kyle Quest
    @btalberg thank you for sharing! need to investigate this a bit more. Ideally you shouldn't need those includes. We'll figure out what's going on :)
    1 reply
    Hi everyone, I am facing an issue related to the docker-slim image. When running a python application with normal docker images, the application is running on Flask and the API URL is also working. When running this application with docker-slim image, the application is running but none of the APIs are working.
    Get the following error "home:1 Access to XMLHttpRequest at 'http://localhost:7002/PATH' from origin 'http://localhost:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource."
    Steve Simpson

    Hi Everyone :wave:

    Loving docker-slim! Having some issues getting it to run as part of our gitlab pipelines though. I can build the docker image as normal but then get an image.not.found status when running docker-slim build. I'm using docker dind here. Sanitised gitlab-ci.yml if anyone can offer any advice

      image: docker:latest
      stage: build
        - docker:dind
        ECR: 'xxx.dkr.ecr.xxx.amazonaws.com'
        NAMESPACE: 'xxx'
        IMG_NAME: 'my-img'
        TAG: 'test'
        - wget -O /usr/local/bin/docker-credential-ecr-login https://amazon-ecr-credential-helper-releases.s3.us-east-2.amazonaws.com/0.5.0/linux-amd64/docker-credential-ecr-login
        - chmod +x /usr/local/bin/docker-credential-ecr-login
        - mkdir ~/.docker
        - echo "{\"credsStore\":\"ecr-login\",\"credHelpers\":{\"$ECR\":\"ecr-login\"}}" > ~/.docker/config.json
        - cat ~/.docker/config.json
        - docker info
        # Build image
        - docker build -t "${FULL_PATH}:${TAG}" .
        # Build docker-slim image
        - docker run -v $(pwd):/mnt -e DOCKER_HOST=tcp://$(grep docker /etc/hosts | cut -f1):2375 dslim/docker-slim --in-container build --http-probe=false --exec-file mnt/files/slim/slim.sh --include-path-file mnt/files/slim/includes.txt --tag "${FULL_PATH}:${TAG}-slim" "${FULL_PATH}:${TAG}"
        # Push both versions to ECR
        - docker push "${FULL_PATH}:${TAG}"
        - docker push "${FULL_PATH}:${TAG}-slim"
        - master
    Sanitised pipeline error:
    cmd=build info=params target.type='image' target='xxx.dkr.ecr.xxx.amazonaws.com/xxx/my-img:test' continue.mode='exec' rt.as.user='true' keep.perms='true' tags='xxx.dkr.ecr.xxx.amazonaws.com/xxx/my-img:test-slim' 
    cmd=build info=target.image.error status='image.not.found' image='xxx.dkr.ecr.xxx.amazonaws.com/xxx/my-img:test' message='make sure the target image already exists locally (use --pull flag to auto-download it from registry)'
    Kyle Quest
    @stevesimpson418 which version of docker-slim did you use (when did you run it the last time)? dslim/docker-slim will pull the latest, but wanted to double check what specific version it maps too. There’ve been a couple of similar problems in the past.


    I am trying to minify a spring boot (java11) image. when running build with docker-slim it starts the http-probe but it seems to timeout everytime. The application itself is defnitely working and the ports are exposed. When I try to minify it without the http-probe, build finishes but when I try to run the image I get a java stacktrace, saying it is missing it's main class. Can somebody tell me what is going wrong here?

    1 reply
    there is an error when i run docker-slim
    ockerslimk_2908191_20220123091918' id='dc9550659102daf969790ccb30494a035441c12e98977f05222813648ef628df' target.port.list='' target.port.info=''
    cmd=build state=http.probe.error message=expose your service port with --expose or disable HTTP probing with --http-probe=false if your containerized application doesnt expose any network services error=no exposed ports
    cmd=build state=exited code=33554435
    cmd=build state=container.target.shutdown.start
    cmd=build state=container.target.shutdown.done
    docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
    docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
    docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
    1 reply
    i have tried many version
    Hi, sorry for a stupid question, I would love to use docker-slim,
    but my problem is that I switched from docker to podman,
    Is there anything like podman-slim? Basically a similar tool which wouldn't require a docker daemon?
    3 replies
    Marton Kodok
    I wrote about integrating DockerSlim to Cloud Build, we have leaner, smaller, more secure containers at @Reea_Romania for our #googlecloud clients. #cloudrun #cloudbuild #cloud #docker @GoogleDevExpert collaboration with docker-slim team https://medium.com/p/64da29fd58d1
    Hi all, new to docker-slim,
    how do i pass my docker run command args to the docker-slim build commands
    2 replies
    Hi All, I have a golang app that listens on port 8080 but it opens the port only once it gets the configuration from a configuration server. I am trying to use docker-slim build on container image running the app. http probe is not successful as app does not open port 8080. If I set the http-probe to false, the slim image is made but the container is not able to do http communication. Please suggest how to resolve this issue
    1 reply
    Katleho Madisa
    Hi. I came across docker-slim and wanted to used it to reduce one of my image's size. I just wanted to find out if it can be used for a c++ app? I have managed to run docker-slim on my image and tried to include some of the paths to the compiled executables. However when I try to run them, I get /bin/sh: ./bin/app: not found. Anybody knows what could be causing that. Any help will be appreciated. Thanks.
    karan singh
    Dear docker-slim maintainers, whenever you have time, can you guys check out this issue that i am facing
    Niaz Hussain
    hi , Is there any method to run docker-slim in https://github.com/GoogleContainerTools/kaniko
    Kyle Quest
    Kaniko is a specialized image build tool and the best bet is to integrate docker-slim as a post-build step. This integration is not supported natively yet, but it is on the roadmap to use non-docker build and runtime engines

    Hi! Hope you all good.
    I have recently started using docker-slim and I have spent almost all day trying to slim an image, but at the end I get the same error message:

    level=error msg="dockerutil.CopyFromContainer: dclient.DownloadFromContainer() error = inactivity time exceeded timeout"
    level=fatal msg="docker-slim: failure" error="inactivity time exceeded timeout" stack="goroutine 1 [running]:\nruntime/debug .................

    All my probes are succefull, and the slim report returns:
    "version": "1.0",
    "engine": "linux|Transformer|1.37.6|26a36c88a94c677efd734e874ba081dabb84a224|2022-04-23_06:03:56AM",
    "containerized": false,
    "host_distro": {
    "name": "Ubuntu",
    "version": "22.04",
    "display_name": "Ubuntu 22.04 LTS"
    "type": "build",
    "state": "error",
    "target_reference": "my_api",
    "system": {
    "type": "",
    "release": "",
    "distro": {
    "name": "",
    "version": "",
    "display_name": ""
    "source_image": {
    "identity": {
    "id": ""
    "size": 0,
    "size_human": "",
    "create_time": "",
    "docker_version": "",
    "architecture": "",
    "container_entry": {
    "exe_path": ""
    "minified_image_size": 0,
    "minified_image_size_human": "",
    "minified_image": "",
    "minified_image_has_data": false,
    "minified_by": 0,
    "artifact_location": "",
    "container_report_name": "",
    "seccomp_profile_name": "",
    "apparmor_profile_name": "",
    "image_stack": [...]

    I hope you can help me. Thanks!

    1 reply
    Saddam ZEMMALI
    nginx: [emerg] mkdir() "/var/lib/nginx/tmp/client_body" failed (2: No such file or directory)
    1 reply
    David Grayson

    hi folks. I'm new to docker-slim and trying to minify a python app, but I can't seem to get the necessary dependencies included just to execute the main entrypoint. i've tried using the entrypoint itself with the --exec flag, but still no luck. here's my command and output

    docker-slim build --target model:local --http-probe-off --exec "seldon-core-microservice"
    cmd=build info=continue.after mode='exec' message='provide the expected input to allow the container inspector to continue its execution'
    cmd=build info=continue.after mode='exec' shell='seldon-core-microservice'
    docker-slim[build][exec]: output: Traceback (most recent call last):
    docker-slim[build][exec]: output:   File "/app/.local/bin/seldon-core-microservice", line 5, in <module>
    docker-slim[build][exec]: output:     from seldon_core.microservice import main
    docker-slim[build][exec]: output: ModuleNotFoundError: No module named 'seldon_core'

    what am I missing here?

    Menelaos Kotsollaris
    hey! Is it possible to run docker-slim within a container?
    My strategy is to have a multi-stage container and call docker-slim in the last stage to minify content. I was wondering if there are any examples of this strategy!
    1 reply
    Jakub Miazek
    Hi, Im not sure if there is any other channel to ask tech q: i have below slim command on my python app using python:3.9.12-slim-bullseye >>>
    docker-slim build --compose-env-file service.env --compose-file docker-compose.slim.yml --target-compose-svc data-api --dep-include-target-compose-svc-deps true --include-shell --include-bin /usr/bin/curl --http-probe-exec data-api box/test-data-api:latest
    curl is not available after slim is done 😦 and have no errors
    not sure if there is any mistake in above cmd
    2 replies
    1 reply
    hello guys who has the same issue?
    it seems that docker-slim can't find out docker info
    Gürkan İndibay
    I have a docker image which could be run with parameters
    docker run -d --name citus -p 5500:5432 -e POSTGRES_PASSWORD=mypassword citusdata/citus
    I'm trying to make it slim using the command below
    docker-slim build --dockerfile Dockerfile --dockerfile-context .
    Since docker-slim is trying to run the image without parameters, it gets an error and when I check the local docker images I can see a docker image named "docker-slim-tmp-fat-image.45563.20220707100131"
    How could I pass the run parameters and make docker-slim execute "docker run" successfully?
    Kyle Quest
    @gurkanindibay you can pass most docker run parameters to docker-slim. For example, you can pass the environment variables using the --env docker-slim param
    Arsalan Khan

    Hi Team, I am trying to slim one of the docker images built on linux/amd64. I am using mac m1 and got the following error

    cmd=build info=build.error status='optimized.image.build.error' error='failed to get destination image "sha256:11f111d5f1e19203639fb5d0089231c00d2f1c4f618adc9c5981b13d7195f504": image with reference sha256:11f111d5f1e19203639fb5d0089231c00d2f1c4f618adc9c5981b13d7195f504 was found but does not match the specified platform: wanted linux/amd64, actual: linux/arm64'
    cmd=build state=exited code=33554435 version=darwin|Transformer|1.37.6|26a36c88a94c677efd734e874ba081dabb84a224|2022-04-23_06:07:44AM location=/usr/local/bin

    can anyone help here ? Thanks

    1 reply
    Hey fellas , is there any way to build docker-slim image directly without building it first via docker then slimming it ?
    1 reply
    Hi guys, just started using docker-slim
    How can I know which packages actually has been deleted from the image?
    1 reply

    Hi, has anyone success on a rootless docker installation? I get this error from docker-slim build:

    cmd=build info=event.error status='received' data='SensorError{Op:sensor.fanotify.Run/fanapi.Initialize,Kind:call.error,Wrapped:{Type=syscall.Errno,Info=operation not permitted,Line:47,File:github.com/docker-slim/docker-slim/pkg/app/sensor/monitors/fanotify/monitor.go}}'

    Or is it another cause?

    1 reply
    Matija Tudan
    Hi guys, is it possible to run docker-slim on a "different architecture" target image? For example, run it on RPi4 but trying to slim the image for armv7 architecture?
    1 reply
    Harshvardhan Karn
    I have a docker-compose file which has bunch of svc and also a docker network. When I run this
    docker-slim build --http-probe=false --show-clogs --compose-file docker-compose.yml --compose-net deepfence_net --entrypoint /usr/bin/start_fetcher.sh --target myimage --tag myimage:slim
    It throws an error
    "docker-slim: failure" error="API error (400): network-scoped alias is supported only for containers in user defined networks"
    2 replies
    Ngoc Pham

    Hi! I'm trying to slim down this very simple container I have to run a tiny PHP script periodically with cron, but I keep getting the error /var/run/crond.pid Not found
    This is the docker-compose.yml piece

      image: script-to-run-on-cron
      container_name: cron-script
        context: script-to-run-on-cron
          - TZ=${TZ}
      entrypoint: [ "bash", "-c", "cron -f" ]
        - /var/data/script-to-run-on-cron:/usr/src/script
      restart: unless-stopped

    And this is the Dockerfile

    FROM php:8.1-cli
    ARG TZ
    # Installing cron package
    RUN apt-get update && apt-get -y install cron nano
    # Set timezone for the image
    RUN ln -sf /usr/share/zoneinfo/$TZ /etc/localtime
    RUN printf '[PHP]\ndate.timezone = "%s"\n' "$TZ" > $PHP_INI_DIR/conf.d/tzone.ini
    # Copy the crontab in a location where it will be parsed by the system
    COPY crontab /etc/cron.d/crontab
    # Owner can read and write into the crontab, group and others can read it
    RUN chmod 0644 /etc/cron.d/crontab
    # Running our crontab using the binary from the package we installed
    RUN /usr/bin/crontab /etc/cron.d/crontab

    Can anyone help me figuring this out?

    2 replies

    Hi! I'm trying to slim down a chunky python3.10.4 image using docker-slim locally.

    Here is the Dockerfile:

    FROM <local private artifactory>/py-selenium:2
    USER root
    # root is required for appropriately setting path
    # Setup path
    ENV PATH="${PATH}:/home/tester/.local/bin:/home/tester/sys-test-driver"
    # Install git
    RUN dnf install git -y \
    RUN dnf clean all
    USER tester
    # Create .kube directory
    RUN mkdir /home/tester/.kube
    # Install dependencies:
    # poetry export -f requirements.txt -o requirements.txt
    WORKDIR /home/tester/sys-test-driver
    COPY requirements.txt .
    # Poetry has already resolved the deps, and there is no reason to do that twice.
    RUN pip install -r requirements.txt --no-deps
    # Note: We seperate the dependency copy and code copy for build caching optimization
    COPY . ../sys-test-driver
    EXPOSE 8888
    CMD ["python3", "-m", "rest_server.rest_server"]

    Here are the commands I execute locally, and the error message I encounter:

    docker-slim build --target sys-test-driver:latest
    app='docker-slim' message='Join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
    app='docker-slim' message='Join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
    app='docker-slim' message='GitHub Discussions' info='https://github.com/docker-slim/docker-slim/discussions'
    cmd=build info=param.http.probe message='using default probe' 
    cmd=build state=started
    cmd=build info=params keep.perms='true' tags='' target.type='image' target='sys-test-driver:latest' continue.mode='probe' rt.as.user='true' 
    cmd=build state=image.inspection.start
    cmd=build info=image id='sha256:c57062be36c7cb3051529bea7203ac05dc22aeb8d6613ab86a363124d0f2ff26' size.bytes='2349506244' size.human='2.3 GB' architecture='amd64' 
    app='docker-slim' message='Join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
    app='docker-slim' message='Join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
    app='docker-slim' message='GitHub Discussions' info='https://github.com/docker-slim/docker-slim/discussions'
    panic: runtime error: index out of range [1] with length 1
    goroutine 1 [running]:
    github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse.deserialiseHealtheckInstruction(0xc000272072, 0x10, 0xf6c1d6, 0x1, 0x0, 0x1, 0xc00000c900)
        github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse/reverse.go:564 +0x18e5
    github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse.DockerfileFromHistory(0xc0004f25a0, 0x7fff1b2d9351, 0x16, 0xffffffffffffffff, 0x1, 0xc0005173c8)
        github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse/reverse.go:382 +0x1525
    github.com/docker-slim/docker-slim/pkg/app/master/inspectors/image.(*Inspector).ProcessCollectedData(0xc0004cc0e0, 0x4, 0xc0007d5f30)
        github.com/docker-slim/docker-slim/pkg/app/master/inspectors/image/image_inspector.go:303 +0x55
    github.com/docker-slim/docker-slim/pkg/app/master/commands/build.OnCommand(0xc00039f760, 0xc0004f2480, 0x7fff1b2d9351, 0x16, 0x0, 0x0, 0x1753c98, 0x0, 0x0, 0x0, ...)
        github.com/docker-slim/docker-slim/pkg/app/master/commands/build/handler.go:740 +0x1fab
    github.com/docker-slim/docker-slim/pkg/app/master/commands/build.glob..func1(0xc000031bc0, 0x86, 0x130)
        github.com/docker-slim/docker-slim/pkg/app/master/commands/build/cli.go:694 +0x38e5
    github.com/urfave/cli/v2.(*Command).Run(0x16e9ee0, 0xc0004d3680, 0x0, 0x0)
        github.com/urfave/cli/v2@v2.3.0/command.go:163 +0x4ed
    github.com/urfave/cli/v2.(*App).RunContext(0xc0003ec000, 0x10ec8a0, 0xc0000340a8, 0xc0000300c0, 0x4, 0x4, 0x0, 0x0)
        github.com/urfave/cli/v2@v2.3.0/app.go:313 +0x81f
        github.com/docker-slim/docker-slim/pkg/app/master/app.go:15 +0x6c
    2 replies
    How do I get docker-slim to build linux/amd64 images on a Mac M1? I have a linux/amd64 image but there's no option to select the platform. I end up getting the following in my error message: was found but does not match the specified platform: wanted linux/amd64, actual: linux/arm64
    1 reply
    Oscar Pindaro
    Hi guys, I just discovered docker-slim, so I'm a total noob :D I'm building a python container, which uses a sklearn regressor to perform some prediction. The container works just fine before slimming. The slim image however launches ImportErrors or ModuleNotFoundError. My guess is that docker-slim is being too aggressive.
    The docker-slim commnd is docker-slim --http-probe=false build extra, it creates the image extra.slim, and i run it with docker run extra.slim
    The exact error is:
    ModuleNotFoundError: No module named 'pandas.core.describe'
    2 replies
    Can anyone provide an example of the usage of metadata and data that docker slim uses for debloating. Also, can someone explain what kind of graph it generates? I am trying to understand docker-slim's working mechanism from a theoretical point of view.
    Şeyda Aybar
    @toothedsword hi, did you find a solution for your problem about "target.image.error status=not.found image", I have been struggling with that
    Mohit Kumar
    Hi Everyone - how to pass .env file in docker-slim build command?
    Agung Dwi Saputro
    I ran docker-slim to reduce the size of my application image which I created on the vue.js platform. but when I run image-slim the application can't run normally. what's the solution?
    Eli Julian
    I am running docker-slim against an alpine image with a java application and getting the following error:
    time="2023-01-22T09:57:16+02:00" level=fatal msg="docker-slim: failure" error="API error (400):
    failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process:
    exec: \"/opt/dockerslim/bin/docker-slim-sensor\": stat /opt/dockerslim/bin/docker-slim-sensor: no such file or directory: unknown" stack="goroutine 1 [running]:
        runtime/debug/stack.go:24 +0x64
    github.com/docker-slim/docker-slim/pkg/util/errutil.FailOn({0x101ebe580, 0x14000135a88})
        github.com/docker-slim/docker-slim/pkg/util/errutil/errutil.go:28 +0x38
    github.com/docker-slim/docker-slim/pkg/app.(*ExecutionContext).FailOn(0x1400022adc0?, {0x101ebe580?, 0x14000135a88?})
        github.com/docker-slim/docker-slim/pkg/app/execontext.go:56 +0x44
    github.com/docker-slim/docker-slim/pkg/app/master/commands/build.OnCommand(_, _, {_, _}, _, {_, _}, {_, _}, {_, ...}, ...)
        github.com/docker-slim/docker-slim/pkg/app/master/commands/build/handler.go:876 +0x3960
        github.com/docker-slim/docker-slim/pkg/app/master/commands/build/cli.go:607 +0x3800
    github.com/urfave/cli/v2.(*Command).Run(0x102c54380, 0x14000640700)
        github.com/urfave/cli/v2@v2.3.0/command.go:163 +0x4fc
    github.com/urfave/cli/v2.(*App).RunContext(0x140001029c0, {0x101ed7390?, 0x1400019e008}, {0x14000194090, 0x3, 0x3})
        github.com/urfave/cli/v2@v2.3.0/app.go:313 +0x860
        github.com/docker-slim/docker-slim/pkg/app/master/app.go:15 +0x4c
        github.com/docker-slim/docker-slim/cmd/docker-slim/main.go:15 +0x1c4
    " version="darwin|Transformer|1.39.0|latest|lates
    2 replies
    Ercin Dedeoglu

    @gurkanindibay you can pass most docker run parameters to docker-slim. For example, you can pass the environment variables using the --env docker-slim param

    docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -e POSTGRES_PASSWORD=test1234 dslim/slim build postgres:15.1-bullseye
    docker run --rm -v /var/run/docker.sock:/var/run/docker.sock --env POSTGRES_PASSWORD=test1234 dslim/slim build postgres:15.1-bullseye

    both not working. how can I pass -e value?

    Ercin Dedeoglu
    Hassan Aleem

    I am trying to generate a slim image and seccomp profile for MySQL image from DockerHub (https://hub.docker.com/_/mysql). I am getting the following error:


    Can someone please help