dive
buildkit
Our great sponsors
dive | buildkit | |
---|---|---|
88 | 52 | |
43,083 | 7,606 | |
- | 2.1% | |
7.0 | 9.8 | |
9 days ago | about 10 hours ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dive
-
I reduced the size of my Docker image by 40% – Dockerizing shell scripts
Dive is a great tool for debugging this. I like image reduction work just because it gives me a chance to play with Dive: https://github.com/wagoodman/dive
One easy low hanging fruit I see a LOT for ballooning image sizes is people including the kitchen sink SDK/CLI for their cloud provider (like AWS or GCP), when they really only need 1/100 of that. The full versions of both of these tools are several hundred mb each
- Dive: A tool for exploring a Docker image, layer contents and more
- FLaNK Stack Weekly for 12 September 2023
-
Top 10 CLI Tools for DevOps Teams
Whether you work with Docker regularly or even create your own Docker containers, Dive is a great tool for streamlining image sizes, potentially helping you save storage costs and speed up deployments.
-
Any Way To See The Dockerfile Used To Make An Image On Dockerhub?
If you’re happy to pull the image, then sort of yes. You can either use docker inspect or a tool like dive (https://github.com/wagoodman/dive) to see how each layer was created. This will give you an idea of the Dockerfile.
-
Issues reducing Docker image size when using Gdal and Pycurl with a multistage build?
Also, check out dive. It is an amazing tool for examining containers and find your size issues.
Did you try using dive ? It allows you to see each layer, so you can see the files that are added
-
Tips for reducing Docker image size
I like this tool: https://github.com/wagoodman/dive
-
Nix Service - Using the shipyard private crate registry with Docker
Also do I get shiny flair for https://github.com/wagoodman/dive/pull/443? Perhaps "Void shouter"?
-
Docker image size problems. This is driving me insane.
This tool is really useful for showing the size of each layer, making it obvious which layer is blowing up your image size: https://github.com/wagoodman/dive
buildkit
-
The worst thing about Jenkins is that it works
> We are uding docker-in-docker at the moment
You can also run a "less privileged" container with all the features of Docker by using rootless buildkit in Kubernetes. Here are some examples:
https://github.com/moby/buildkit/tree/master/examples/kubern...
https://github.com/moby/buildkit/blob/master/examples/kubern...
It's also possible to run dedicated buildkitd workers and connect to them remotely.
- macOS Containers v0.0.1
-
Jenkins Agents On Kubernetes
Now since Kubernetes works off of containerd I'll be taking a different approach on handling container builds by using nerdctl and the buildkit that comes bundled with it. I'll do this on the amd64 control plane node since it's beefier than my Raspberry Pi workers for handling builds and build related services. Go ahead and download and unpack the latest nerdctl release as of writing (make sure to check the release page in case there's a new one):
-
Cicada - CI/CD platform written with Rust
Yeah, only Linux containers at the moment, BuildKit is the way we are constructing pipelines and doing caching. Split on if we will support non-linux hosts, but definitely want to find a good solution to not doing Docker-in-Docker.
-
Better support of Docker layer caching in Cargo
Relevant issues are https://github.com/moby/buildkit/issues/3011 and https://github.com/moby/buildkit/issues/1512.
-
DockerHub replacement stratagy and options
If you notice, the same thing I noticed in this list is that most of these are workarounds to support the web2 api on IPFS. There is a pull in draft for BuildKit that may make native IPFS image support better on the image build side. With the work on the nerdctl side being the most direct support for images for pushing and pulling images with IPFS hashes.
-
Why I joined Dagger
Last year I joined Dagger after realizing we were trying to solve all of the same problems (escaping YAML hell, unifying CI and dev workflows, minimizing CI overhead – more on all that later). We were even using the same underlying technology (Buildkit) and running into all of the same challenges.
-
Rails on Docker · Fly
How would you do this in a generic, reusable way company-wide? Given that you don't know the targets beforehand, the names, or even the number of stages.
It is of course possible to do for a single project with a bit of effort: build each stage with a remote OCI cache source, push the cash there after. But... that sucks.
What you want is the `max` cache type in buildkit[1]. Except... not much supports that yet. The native S3 cache would also be good once it stabalizes.
I know those questions are probably rhetorical, but to answer them anyway:
> > Nice syntax
> Is it though?
The most common alternative is to use a backslash at the end of each line, to create a line continuation. This swallows the newline, so you also need a semicolon. Forgetting the semicolon leads to weird errors. Also, while Docker supports comments interspersed with line continuations, sh doesn't, so if such a command contains comments it can't be copied into sh.
There heredoc syntax doesn't have any of these issues; I think it is infinitely better.
(There is also JSON-style syntax, but it requires all backslashes to be doubled and is less popular.)
*In practice "&&" is normally used rather than ";" in order to stop the build if any command fails (otherwise sh only propagates the exit status of the last command). This is actually a small footgun with the heredoc syntax, because it is tempting to just use a newline (equivalent to a semicolon). The programmer must remember to type "&&" after each command, or use `set -e` at the start of the RUN command, or use `SHELL ["/bin/sh", "-e", "-c"]` at the top of the Dockerfile. Sigh...
> Are the line breaks semantic, or is it all a multiline string?
The line breaks are preserved ("what you see is what you get").
> Is EOF a special end-of-file token
You can choose which token to use (EOF is a common convention, but any token can be used). The text right after the "<<" indicates which token you've chosen, and the heredoc is terminated by the first line that contains just that token.
This allows you to easily create a heredoc containing other heredocs. Can you think of any other quoting syntax that allows that? (Lisp's quote form comes to mind.)
> Where is it documented?
The introduction blog post has already been linked. The reference documentation (https://github.com/moby/buildkit/blob/master/frontend/docker...) mentions but doesn't have a formal specification (unfortunately this is a wider problem for Dockerfiles, see https://supercontainers.github.io/containers-wg/ideas/docker... instead it links to the sh syntax (https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V...), on which the Dockerfile heredoc syntax is based.
(Good luck looking up this syntax if you don't know what it's called. But that's the same for most punctuation-based syntax.)
Unfortunately this syntax is not generally supported yet - it's only supported with the buildkit backend and only landed in the 1.3 "labs" release. It was moved to stable in early 2022 (see https://github.com/moby/buildkit/issues/2574), so that seems to be better, but I think may still require a syntax directive to enable.
Many other dockerfile build tools still don't support it, e.g. buildah (see https://github.com/containers/buildah/issues/3474)
Useful now if you have control over the environment your images are being built in, but I'm excited to the future where it's commonplace!
What are some alternatives?
buildah - A tool that facilitates building OCI images.
kaniko - Build Container Images In Kubernetes
jib - 🏗 Build container images for your Java applications.
buildx - Docker CLI plugin for extended build capabilities with BuildKit
podman - Podman: A tool for managing OCI containers and pods.
nerdctl - contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
amazon-ecr-login - Logs into Amazon ECR with the local Docker client.
skopeo - Work with remote images registries - retrieving information, images, signing content
Lean and Mean Docker containers - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
setup-buildx-action - GitHub Action to set up Docker Buildx
source-to-image - A tool for building artifacts from source and injecting into container images
lnav - Log file navigator