Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Kyle Quest
    @kcq
    @nischalhp "--mount" is similar to the "-v" option in docker run
    "--env" is similar to the "-e" option
    you can also specify a custom network to use with the "--network" flag
    or a custom link with "--link"
    you can set the working directory with the "--workdir" flag
    you can also expose ports (in case you don't have the EXPOSE instructions in your Dockerfile) with the "--expose" flag
    "--hostname" can be used to set the hostname for the temporary container
    if you want to add records to /etc/hosts you can use the "--etc-hosts-map" flag
    there's also "--container-dns" and "--container-dns-search" for the dns related configurations
    Nischal
    @nischalhp
    Okay, wonderful, thank you @kcq . Will keep posted here the findings from using dockerslim.
    David Delabassée
    @delabassee_twitter

    docker-slim build always fails with any of the Go samples untouched. Fwiw, it also fails with my own container ;-)

    info=container status=created name=dockerslimk_51426_20191211150105 id=585c79c09a5481a7967948391876a49f67e251f6ee19e618f72ab0fa6e649f01
docker-slim[build]: info=container status=crashed id=585c79c09a5481a7967948391876a49f67e251f6ee19e618f72ab0fa6e649f01
docker-slim: container stdout:
docker-slim: container stderr:
standard_init_linux.go:211: exec user process caused "exec format error"

    I'm on OSX (10.13.6 (17G10021)) with Docker 19.03.5.
    Any idea?

    Xiang Zhou
    @ZhouBox
    #- docker build --add-host registry.weihong.com.cn:172.16.11.19 --pull -t $COMMIT_IMAGE .
- docker-slim build --show-blogs=true --etc-hosts-map registry.weihong.com.cn:172.16.11.19 --from-dockerfile Dockerfile --tag $CI_COMMIT_SHA.slim .
    when i use docker build ,it is ok
    but i use docker-slim,request to http://registry.weihong.com.cn/minimist failed, reason: getaddrinfo ENOTFOUND registry.weihong.com.cn registry.weihong.com.cn:80
    no found registry.weihong.com.cn
    what i can do?
    Xiang Zhou
    @ZhouBox
    when my app in image use /tmp, docker-slim rm the '/tmp' path,so what I can do it?
    I use --include-path, but it no work
    Mr Docker
    @mr.docker_gitlab
    i'm using java, mvn, gradle, node and python beneath oracle linux as a base image, all built in into a one docker image that has around 2 gb of size.. no http-probes and no port exports..
    tried to fire docker-slim into that image but it gave around 3 mb image that has a nothing inside.
    @jasperamorgan_gitlab has similar issue of the one I have..
    my point is how to get the 2gb image smaller and faster with docker-slim.
    otaconix
    @otaconix
    Hey everyone. I'm trying to run docker-slim from within docker (using the image from docker hub, dslim/docker-slim), but I'm running into issues: docker-slim can't seem to perform its HTTP probes because the connections are being refused. When running the exact same docker-slim build command on the host, everything works fine. Am I overlooking some crucial flag I should be using when running docker-slim from within docker?
    otaconix
    @otaconix
    https://gist.github.com/otaconix/397ff08558c098631b73499472bd7391 This gist should contain all that's necessary to reproduce my issue
    otaconix
    @otaconix
    Never mind, I'm a little dumb... I didn't realize it's still the docker daemon on my host doing the mounting of bind volumes, so there's no need to first bind-mount into the docker-slim container, to then forward that mount into the container for the fat image!
    Kyle Quest
    @kcq
    @delabassee_twitter sorry for the headaches! I wonder where you installed docker-slim on your Mac... What's the directory name? Can you also run file docker-slim-sensor in that directory to see the system architecture for the sensor executable. Can you also share the output when you run docker-slim version?
    Kyle Quest
    @kcq
    @ZhouBox I assume registry.weihong.com.cn is referenced in your Dockerfile somehow, right? If this is the case it's a gap in functionality right now... The --etc-hosts-map value is only applied at runtime when the image is minified (it's not used when the image is build like it would happen with docker build --add-host. I'll open a Github issue to track this enhancement. Thank you for sharing your use case!
    @ZhouBox Can you share the full docker-slim command line when you are trying to use the --include-path parameter? It'll help reproducing the condition.
    Kyle Quest
    @kcq
    @mr.docker_gitlab are you trying to minify a base image or do you have your application (or a set of applications) in that image? What's the purpose/function of that image? Minifying base images with docker-slim is technically possible, but it requires extra effort and you need to use the --include-* params like --include-path, --include-bin and --include-exe parameters for docker-slim to specify explicitly what you want to keep. There's a future enhancement that will help with minifying base images (ability to minify images specifying multiple command line applications you want to keep). I'll be happy to ping you when it's available and it'll be super if you have cycles to work on this feature if you'd like to see it sooner :)
    Nicola Benaglia
    @nbenaglia

    Hi,
    I just downloaded 1.27.0, put binaries (linux) in /usr/bin/ and tried this command and receiving an error:

    --> docker-slim build hello_golang

    docker-slim[build]: info=http.probe message='using default probe'
docker-slim[build]: state=started
docker-slim[build]: info=params target=hello_golang continue.mode=probe rt.as.user=true keep.perms=true
docker-slim[build]: state=image.inspection.start
time="2020-03-01T19:06:25+01:00" level=fatal msg="docker-slim: failure" error="open /tmp/docker-slim-state/docker-slim-sensor: no such file or directory" stack="goroutine 1 [running]:\nruntime/debug.Stack(0x415436, 0x7f65e1e39b00, 0x100)\n\truntime/debug/stack.go:24 +0x9d\ngithub.com/docker-slim/docker-slim/pkg/util/errutil.FailOn(0xb5b4a0, 0xc00001f050)\n\tgithub.com/docker-slim/docker-slim/pkg/util/errutil/errutil.go:14 +0x54\ngithub.com/docker-slim/docker-slim/pkg/util/fsutil.PrepareImageStateDirs(0x0, 0x0, 0xc0000d0050, 0x47, 0x1, 0x2, 0x2, 0x31, 0x0, 0x0, ...)\n\tgithub.com/docker-slim/docker-slim/pkg/util/fsutil/fsutil.go:730 +0x9df\ngithub.com/docker-slim/docker-slim/internal/app/master/commands.OnBuild(0x9bd501, 0xa74064, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000a0000, 0xc0000b9050, ...)\n\tgithub.com/docker-slim/docker-slim/internal/app/master/commands/build.go:199 +0xa83\ngithub.com/docker-slim/docker-slim/internal/app/master.init.0.func6(0xc0000c2160, 0x0, 0xc0000c82f0)\n\tgithub.com/docker-slim/docker-slim/internal/app/master/cli.go:862 +0x1936\ngithub.com/urfave/cli.HandleAction(0x99d1a0, 0xa99000, 0xc0000c2160, 0xc0000c2160, 0x0)\n\tgithub.com/urfave/cli@v1.22.1/app.go:523 +0x11a\ngithub.com/urfave/cli.Command.Run(0xa6ad11, 0x5, 0x0, 0x0, 0xc0001ec560, 0x1, 0x1, 0xa8d5c0, 0x3e, 0x0, ...)\n\tgithub.com/urfave/cli@v1.22.1/command.go:174 +0x56e\ngithub.com/urfave/cli.(*App).Run(0xc000210000, 0xc000106150, 0x3, 0x3, 0x0, 0x0)\n\tgithub.com/urfave/cli@v1.22.1/app.go:276 +0x7ae\ngithub.com/docker-slim/docker-slim/internal/app/master.runCli()\n\tgithub.com/docker-slim/docker-slim/internal/app/master/cli.go:1274 +0x55\ngithub.com/docker-slim/docker-slim/internal/app/master.Run()\n\tgithub.com/docker-slim/docker-slim/internal/app/master/app.go:6 +0x25\nmain.main()\n\tgithub.com/docker-slim/docker-slim/cmd/docker-slim/main.go:8 +0x20\n" version="linux|Transformer|1.27.0|bbc8c5364169f10f69a87dc09968b1b719c4e2bd|2020-02-29_06:51:21AM"

    Any suggestions, please?

    Kyle Quest
    @kcq
    @nbenaglia looks like the main docker-slim process can't find the sensor executable in the /tmp/docker-slim-state/ directory where it was supposed to copy it (because you put the binaries in the /usr/bin directory)
    there's a couple of options... one option is to put the binaries in a different non-system bin directory where the main docker-slim app will be able to save its state
    another option is to use the global --state-path parameter (e.g., docker-slim --state-path /some/path/where/ds/will/be/allowed/to/write build your_target_image_name )
    Kyle Quest
    @kcq
    either way, it'll also try to repro it to see if it can be addressed without these workarounds
    Nicola Benaglia
    @nbenaglia

    another option is to use the global --state-path parameter (e.g., docker-slim --state-path /some/path/where/ds/will/be/allowed/to/write build your_target_image_name )

    Hi, thx for your answer, with state-path parameter I got it working.

    Kyle Quest
    @kcq
    @nbenaglia next release will include the official fix for it too
    iliefa
    @iliefa
    Hello guys. congrats for the project .it's really cool. i've reduced my imagesize from 200 MB to 36.9 MB. is there any way to integrate docker-slim into the gitlab-ci, so it does not use the docker daemon? Until now i have experimented with gitlab+ kaniko running on kubernetes runners.Thanks.
    Eele
    @eele94
    Hello does anyone know a alternative for Windows?
    Kyle Quest
    @kcq
    @iliefa It is possible to use it in Gitlab CI thought it does rely on Docker… Here’s a sample GitlabCI config file: https://gitlab.com/k.q/sandbox/-/blob/master/.gitlab-ci.yml
    Dockerless is an interesting option to consider… I have looked at a number of container build tools like Kaniko… Definitely something that will happen in the future
    Kyle Quest
    @kcq
    @eele94 are you looking for a way to run it on Windows (with WSL2, for example) or are you looking for something that would work with the actual Windows containers?
    M Luy
    @mayanneluyun_gitlab
    in relation to @iliefa, I'm also using Kaniko in our GitLab CI and I am finding ways how to use docker-slim and kaniko. Hope both can be integrated soon! All the best!
    Kyle Quest
    @kcq
    @mayanneluyun_gitlab interesting… is it an open source project? curious to see your setup with kaniko
    iliefa
    @iliefa
    @kcq hello. i want to exclude some files from a specific folder. how can i achieve this? i've tried with the includefiles option but not working. for example ,from php:7.3-alpine image, i want to exclude the files php-cgi, php-config from the /usr/local/bin
    iliefa
    @iliefa
    docker-slim build --include-path-file=/usr/local/bin/docker-php-source php:7.3-alpine --http-probe=false
    docker-slim[build]: could not read include path file (ignoring): stat /usr/local/bin/docker-php-source: no such file or directory
    even if the file exists in the image
    Kyle Quest
    @kcq
    @iliefa the —include-path-file parameter is a way to specify multiple include paths loaded from a local file…
    @iliefa your example should looks like this instead: docker-slim build --http-probe=false --include-path=/usr/local/bin/docker-php-source php:7.3-alpine
    @iliefa if you want to exclude a file or a set of files you should use the --exclude-pattern build command parameters
    Kyle Quest
    @kcq
    the --exclude-pattern flag supports the Glob/Match syntax ( https://golang.org/pkg/path/filepath/#Match ) in Go plus the ** pattern
    Andrew Skelton
    @AndrewSkelton
    Hi, currently trying to narrow down the cause of this error:
    s6-mkfifo: fatal: unable to mkfifo /var/run/s6/services/s6-fdholderd/supervise/control: No such file or directory
    Reproducible example on this issue, any suggestions or insight welcome! - docker-slim/docker-slim#161
    Kyle Quest
    @kcq
    thanks for sharing the repro @AndrewSkelton ! let me check the docker image to see where it’s coming from
    Yash
    @yashbhutwala
    Hi guys, is there any guidance on how to figure out base image and add that to xray?
    https://github.com/docker-slim/docker-slim/blob/1.32.0/pkg/docker/dockerfile/reverse/reverse.go#L381