Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reduce Docker image size by only copying pip installed dependencies #127

Merged
merged 1 commit into from
Oct 12, 2023
Merged

Reduce Docker image size by only copying pip installed dependencies #127

merged 1 commit into from
Oct 12, 2023

Conversation

adamantike
Copy link
Contributor

@adamantike adamantike commented Feb 22, 2023
edited
Loading

Currently, the multi-stage Docker build makes the release stage inherit from dependencies, which will include any files created by the pip install process in the final image.

By using pip install --user to make dependencies be installed in ~/.local, we can only copy those files into the final image, reducing the image size:

cloudflare-ddns-fix-applied     latest            68427bd7c88d   3 minutes ago   54.6MB
cloudflare-ddns-master          latest            2675320b651d   8 minutes ago   65.9MB

A good resource to go deeper on how this approach works can be found at https://pythonspeed.com/articles/multi-stage-docker-python/, solution 1.

@adamantike
Reduce Docker image size by only copying pip installed dependencies
0ca6233 
Currently, the multi-stage Docker build makes the `release` stage
inherit from `dependencies`, which will include any files created by the
`pip install` process in the final image.

By using `pip install --user` to make dependencies be installed in
`~/.local`, we can only copy those files into the final image, reducing
the image size:

```
cloudflare-ddns-fix-applied     latest            68427bd7c88d   3 minutes ago   54.6MB
cloudflare-ddns-master          latest            2675320b651d   8 minutes ago   65.9MB
```

A good resource going deeper on how this approach works can be found at
https://pythonspeed.com/articles/multi-stage-docker-python/, solution 1.
@timothymiller
Copy link
Owner

I'll re-open this if it causes issues

@timothymiller timothymiller merged commit 9a295bb into timothymiller:master Oct 12, 2023
@adamantike adamantike deleted the fix/copy-dependencies-from-stage branch October 12, 2023 10:09
@bobdoah
Copy link

bobdoah commented Nov 26, 2023

This breaks running as non-root user in Kubernetes. The image fails with:

Traceback (most recent call last):                                                                                                                                                                       
  File "/cloudflare-ddns.py", line 17, in <module>                                                                                                                                                         
    import requests                                                                                                                                                                                   
ModuleNotFoundError: No module named 'requests'

because the directory being copied to (/root/.local) is not the non-root users home directory, nor is it accessible. The runAsNonRoot is generally considered best practice. The runAsUser configuration is a fallback when the image does not specify a USER.

@bobdoah bobdoah mentioned this pull request Nov 26, 2023
Open
@douglasparker
Copy link

Can we revert this until #162 is resolved? This has broken running as non-root for over 2 months; which is kind of a big deal.

@adamantike
Copy link
Contributor Author

@bobdoah, thanks for working on the fix! I didn't test these changes with non-root users, but should have. Having #162 merged would be great, and #150 would also be a good addition, for people to be able to use previous versions when latest is broken.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@adamantike @timothymiller @bobdoah @douglasparker