docker-slim/community

Kyle Quest

@kcq

you can also specify a custom network to use with the "--network" flag

or a custom link with "--link"

you can set the working directory with the "--workdir" flag

you can also expose ports (in case you don't have the EXPOSE instructions in your Dockerfile) with the "--expose" flag

"--hostname" can be used to set the hostname for the temporary container

if you want to add records to /etc/hosts you can use the "--etc-hosts-map" flag

there's also "--container-dns" and "--container-dns-search" for the dns related configurations

Nischal

@nischalhp

Okay, wonderful, thank you @kcq . Will keep posted here the findings from using dockerslim.

David Delabassée

@delabassee_twitter

docker-slim build always fails with any of the Go samples untouched. Fwiw, it also fails with my own container ;-)

info=container status=created name=dockerslimk_51426_20191211150105 id=585c79c09a5481a7967948391876a49f67e251f6ee19e618f72ab0fa6e649f01
docker-slim[build]: info=container status=crashed id=585c79c09a5481a7967948391876a49f67e251f6ee19e618f72ab0fa6e649f01
docker-slim: container stdout:
docker-slim: container stderr:
standard_init_linux.go:211: exec user process caused "exec format error"

I'm on OSX (10.13.6 (17G10021)) with Docker 19.03.5.
Any idea?

Xiang Zhou

@ZhouBox

#- docker build --add-host registry.weihong.com.cn:172.16.11.19 --pull -t $COMMIT_IMAGE .
- docker-slim build --show-blogs=true --etc-hosts-map registry.weihong.com.cn:172.16.11.19 --from-dockerfile Dockerfile --tag $CI_COMMIT_SHA.slim .

when i use docker build ,it is ok

but i use docker-slim,request to http://registry.weihong.com.cn/minimist failed, reason: getaddrinfo ENOTFOUND registry.weihong.com.cn registry.weihong.com.cn:80

no found registry.weihong.com.cn

what i can do?

Xiang Zhou

@ZhouBox

when my app in image use /tmp, docker-slim rm the '/tmp' path,so what I can do it？

I use --include-path, but it no work

Mr Docker

@mr.docker_gitlab

i'm using java, mvn, gradle, node and python beneath oracle linux as a base image, all built in into a one docker image that has around 2 gb of size.. no http-probes and no port exports..
tried to fire docker-slim into that image but it gave around 3 mb image that has a nothing inside.
@jasperamorgan_gitlab has similar issue of the one I have..
my point is how to get the 2gb image smaller and faster with docker-slim.

otaconix

@otaconix

Hey everyone. I'm trying to run docker-slim from within docker (using the image from docker hub, dslim/docker-slim), but I'm running into issues: docker-slim can't seem to perform its HTTP probes because the connections are being refused. When running the exact same docker-slim build command on the host, everything works fine. Am I overlooking some crucial flag I should be using when running docker-slim from within docker?

otaconix

@otaconix

https://gist.github.com/otaconix/397ff08558c098631b73499472bd7391 This gist should contain all that's necessary to reproduce my issue

otaconix

@otaconix

Never mind, I'm a little dumb... I didn't realize it's still the docker daemon on my host doing the mounting of bind volumes, so there's no need to first bind-mount into the docker-slim container, to then forward that mount into the container for the fat image!

Kyle Quest

@kcq

@delabassee_twitter sorry for the headaches! I wonder where you installed docker-slim on your Mac... What's the directory name? Can you also run file docker-slim-sensor in that directory to see the system architecture for the sensor executable. Can you also share the output when you run docker-slim version?

Kyle Quest

@kcq

@ZhouBox I assume registry.weihong.com.cn is referenced in your Dockerfile somehow, right? If this is the case it's a gap in functionality right now... The --etc-hosts-map value is only applied at runtime when the image is minified (it's not used when the image is build like it would happen with docker build --add-host. I'll open a Github issue to track this enhancement. Thank you for sharing your use case!

@ZhouBox Can you share the full docker-slim command line when you are trying to use the --include-path parameter? It'll help reproducing the condition.

Kyle Quest

@kcq

@mr.docker_gitlab are you trying to minify a base image or do you have your application (or a set of applications) in that image? What's the purpose/function of that image? Minifying base images with docker-slim is technically possible, but it requires extra effort and you need to use the --include-* params like --include-path, --include-bin and --include-exe parameters for docker-slim to specify explicitly what you want to keep. There's a future enhancement that will help with minifying base images (ability to minify images specifying multiple command line applications you want to keep). I'll be happy to ping you when it's available and it'll be super if you have cycles to work on this feature if you'd like to see it sooner :)

Nicola Benaglia

@nbenaglia

Hi,
I just downloaded 1.27.0, put binaries (linux) in /usr/bin/ and tried this command and receiving an error:

--> docker-slim build hello_golang

docker-slim[build]: info=http.probe message='using default probe'
docker-slim[build]: state=started
docker-slim[build]: info=params target=hello_golang continue.mode=probe rt.as.user=true keep.perms=true
docker-slim[build]: state=image.inspection.start
time="2020-03-01T19:06:25+01:00" level=fatal msg="docker-slim: failure" error="open /tmp/docker-slim-state/docker-slim-sensor: no such file or directory" stack="goroutine 1 [running]:\nruntime/debug.Stack(0x415436, 0x7f65e1e39b00, 0x100)\n\truntime/debug/stack.go:24 +0x9d\ngithub.com/docker-slim/docker-slim/pkg/util/errutil.FailOn(0xb5b4a0, 0xc00001f050)\n\tgithub.com/docker-slim/docker-slim/pkg/util/errutil/errutil.go:14 +0x54\ngithub.com/docker-slim/docker-slim/pkg/util/fsutil.PrepareImageStateDirs(0x0, 0x0, 0xc0000d0050, 0x47, 0x1, 0x2, 0x2, 0x31, 0x0, 0x0, ...)\n\tgithub.com/docker-slim/docker-slim/pkg/util/fsutil/fsutil.go:730 +0x9df\ngithub.com/docker-slim/docker-slim/internal/app/master/commands.OnBuild(0x9bd501, 0xa74064, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000a0000, 0xc0000b9050, ...)\n\tgithub.com/docker-slim/docker-slim/internal/app/master/commands/build.go:199 +0xa83\ngithub.com/docker-slim/docker-slim/internal/app/master.init.0.func6(0xc0000c2160, 0x0, 0xc0000c82f0)\n\tgithub.com/docker-slim/docker-slim/internal/app/master/cli.go:862 +0x1936\ngithub.com/urfave/cli.HandleAction(0x99d1a0, 0xa99000, 0xc0000c2160, 0xc0000c2160, 0x0)\n\tgithub.com/urfave/cli@v1.22.1/app.go:523 +0x11a\ngithub.com/urfave/cli.Command.Run(0xa6ad11, 0x5, 0x0, 0x0, 0xc0001ec560, 0x1, 0x1, 0xa8d5c0, 0x3e, 0x0, ...)\n\tgithub.com/urfave/cli@v1.22.1/command.go:174 +0x56e\ngithub.com/urfave/cli.(*App).Run(0xc000210000, 0xc000106150, 0x3, 0x3, 0x0, 0x0)\n\tgithub.com/urfave/cli@v1.22.1/app.go:276 +0x7ae\ngithub.com/docker-slim/docker-slim/internal/app/master.runCli()\n\tgithub.com/docker-slim/docker-slim/internal/app/master/cli.go:1274 +0x55\ngithub.com/docker-slim/docker-slim/internal/app/master.Run()\n\tgithub.com/docker-slim/docker-slim/internal/app/master/app.go:6 +0x25\nmain.main()\n\tgithub.com/docker-slim/docker-slim/cmd/docker-slim/main.go:8 +0x20\n" version="linux|Transformer|1.27.0|bbc8c5364169f10f69a87dc09968b1b719c4e2bd|2020-02-29_06:51:21AM"

Any suggestions, please?

Kyle Quest

@kcq

@nbenaglia looks like the main docker-slim process can't find the sensor executable in the /tmp/docker-slim-state/ directory where it was supposed to copy it (because you put the binaries in the /usr/bin directory)

there's a couple of options... one option is to put the binaries in a different non-system bin directory where the main docker-slim app will be able to save its state

another option is to use the global --state-path parameter (e.g., docker-slim --state-path /some/path/where/ds/will/be/allowed/to/write build your_target_image_name )

Kyle Quest

@kcq

either way, it'll also try to repro it to see if it can be addressed without these workarounds

Nicola Benaglia

@nbenaglia

another option is to use the global --state-path parameter (e.g., docker-slim --state-path /some/path/where/ds/will/be/allowed/to/write build your_target_image_name )

Hi, thx for your answer, with state-path parameter I got it working.

Kyle Quest

@kcq

@nbenaglia next release will include the official fix for it too

iliefa

@iliefa

Hello guys. congrats for the project .it's really cool. i've reduced my imagesize from 200 MB to 36.9 MB. is there any way to integrate docker-slim into the gitlab-ci, so it does not use the docker daemon? Until now i have experimented with gitlab+ kaniko running on kubernetes runners.Thanks.

Eele

@eele94

Hello does anyone know a alternative for Windows?

Kyle Quest

@kcq

@iliefa It is possible to use it in Gitlab CI thought it does rely on Docker… Here’s a sample GitlabCI config file: https://gitlab.com/k.q/sandbox/-/blob/master/.gitlab-ci.yml

Dockerless is an interesting option to consider… I have looked at a number of container build tools like Kaniko… Definitely something that will happen in the future

Kyle Quest

@kcq

@eele94 are you looking for a way to run it on Windows (with WSL2, for example) or are you looking for something that would work with the actual Windows containers?

M Luy

@mayanneluyun_gitlab

in relation to @iliefa, I'm also using Kaniko in our GitLab CI and I am finding ways how to use docker-slim and kaniko. Hope both can be integrated soon! All the best!

Kyle Quest

@kcq

@mayanneluyun_gitlab interesting… is it an open source project? curious to see your setup with kaniko

iliefa

@iliefa

@kcq hello. i want to exclude some files from a specific folder. how can i achieve this? i've tried with the includefiles option but not working. for example ,from php:7.3-alpine image, i want to exclude the files php-cgi, php-config from the /usr/local/bin

iliefa

@iliefa

docker-slim build --include-path-file=/usr/local/bin/docker-php-source php:7.3-alpine --http-probe=false
docker-slim[build]: could not read include path file (ignoring): stat /usr/local/bin/docker-php-source: no such file or directory
even if the file exists in the image

Kyle Quest

@kcq

@iliefa the —include-path-file parameter is a way to specify multiple include paths loaded from a local file…

@iliefa your example should looks like this instead: docker-slim build --http-probe=false --include-path=/usr/local/bin/docker-php-source php:7.3-alpine

@iliefa if you want to exclude a file or a set of files you should use the --exclude-pattern build command parameters

Kyle Quest

@kcq

the --exclude-pattern flag supports the Glob/Match syntax ( https://golang.org/pkg/path/filepath/#Match ) in Go plus the ** pattern

Andrew Skelton

@AndrewSkelton

Hi, currently trying to narrow down the cause of this error:
s6-mkfifo: fatal: unable to mkfifo /var/run/s6/services/s6-fdholderd/supervise/control: No such file or directory
Reproducible example on this issue, any suggestions or insight welcome! - docker-slim/docker-slim#161

Kyle Quest

@kcq

thanks for sharing the repro @AndrewSkelton ! let me check the docker image to see where it’s coming from

Yash

@yashbhutwala

Hi guys, is there any guidance on how to figure out base image and add that to xray?

https://github.com/docker-slim/docker-slim/blob/1.32.0/pkg/docker/dockerfile/reverse/reverse.go#L381

Carmelo Sammarco

@carmelosammarco

Hello everybody. I am trying to docker-slim one my image created. when i do it and run the container i receive the following error: standard_init_linux.go:211: exec user process caused "no such file or directory"... i run the image like that: "docker run -d -v "/${PWD}/Notebook:/SRC/Notebook" --name "container" -p 8888:8888 --restart always --shm-size 2g user/container.slim" and it works for the not slimmed one. Thank you in advance for your help

Carmelo Sammarco

@carmelosammarco

I forget to say that the command used to create the slim image is : "docker-slim build --http-probe user/container" I need to add more or modify it in some way?

Where communities thrive

People

Repo info

Activity