What is Docker? Docker is a famous platform for building, shipping, and running container applications. What are containers? Containers are a way to package software in a portable and isolated environment, this allows developers to package their application with all the dependencies it needs to run together, regardless of the host operating system.
Using Docker, developers can create container images containing everything needed to run an application, including the operating system, libraries, and runtime environment. These container images can be easily shared and deployed across different environments with docker software installed without requiring any modification.
There are cases whereby developers end up using big images which can be very harmful and contains vulnerabilities. Using containers makes things very easier, we can simply get an OS and install all the dependencies required.
There are several ways to ensure that the docker images developers are using are as small as possible. There is a big advantage, imagine running an application serving billions of users and the size is in kilobytes or megabytes.
The following are suggestions while writing a docker file
- Implement docker layering and docker multi-build stage
- Use alpine or distroless or any other smaller OS as your base image or build your own OS
- Use .dockerignorewhich is similar to `.gitignore` you can use a .dockerignore file to exclude files and directories from being included in the Docker build context. This can significantly reduce the size of the build context and the resulting image.
In conclusion, in my next article, I will show an example of a Dockerfile in golang with the above suggestion. We will be able to compare the size of the docker image with and without optimizing the Dockerfile. We will also use tools like trivy or synk to check if there is a vulnerability or exploit in the docker image with or without optimization of the Dockerfile.