3

I wanted to know about the disadvantages of docker --squash in a production environment. The reason why I am using this command is: I needed dependencies(gcc,make,autoconf, etc) to build my PHP-react project. Also, I have created my own PHP base image which gives me these packages. Now, the problem is I want to uninstall these dependencies once my project is built. I tried adding a RUN apt-get remove gcc make command at the end of Dockerfile but as this will be a separate layer from where these dependencies were installed, the overall size of the docker image remains the same. I found about the docker --squash which will merge all layers into 1 layer and I have achieved ~33% space reduction. But the problem is I can't use the docker squash command with docker-compose and also I don't understand if there are any performance issues or other disadvantages of using docker --squash in production.

I got to know about multi stage build but this is not same as I don't know which files I should not be copying in order to remove those dependencies. And also there will be lot of directories to be copied if I use multi-stage build

Thanks!

1nfern0
  • 131
  • 4

1 Answers1

2

I think they've provided the pros and the cons in its own document clearly.

Pro:

  • Squashing layers can be beneficial if your Dockerfile produces multiple layers modifying the same files, for example, files that are created in one step, and removed in another step.

Con:

  • The --squash option is an experimental feature, and should not be considered stable.

  • Squashing images may actually have a negative impact on performance; when pulling an image consisting of multiple layers, layers can be pulled in parallel, and allows sharing layers between images (saving space).

Alternatively

  • For most use cases, multi-stage builds are a better alternative, as they give more fine-grained control over your build, and can take advantage of future optimizations in the builder. Refer to the use multi-stage builds section in the userguide for more information.

See the documentation

COvayurt
  • 827
  • 2
  • 11
  • 36
  • 1
    The sharing of common layers between builds deserves more stress. With squash you always send every file change from the base image, without any sharing from previous builds, which can result in a significant network and storage impact over a well designed image. – BMitch Jan 20 '23 at 18:53