From 0765c3d155d883b20f8f161a1f94a732f0c3a904 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Thu, 27 Sep 2018 18:04:05 +0100 Subject: [PATCH 1/4] Further reduce the size of the docker image * get rid of the pip wheel cache * get rid of /synapse (everything we need ends up in /usr/local/lib/python2.7/site-packages --- docker/Dockerfile | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 1d00defc2dcd..3d914a79fd78 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -14,13 +14,13 @@ RUN apk add --no-cache --virtual .build_deps \ zlib-dev \ && cd /synapse \ && apk add --no-cache --virtual .runtime_deps \ - libffi \ + libffi \ libjpeg-turbo \ - libressl \ - libxslt \ - libpq \ - zlib \ - su-exec \ + libressl \ + libxslt \ + libpq \ + zlib \ + su-exec \ && pip install --upgrade \ lxml \ pip \ @@ -29,12 +29,10 @@ RUN apk add --no-cache --virtual .build_deps \ && mkdir -p /synapse/cache \ && pip install -f /synapse/cache --upgrade --process-dependency-links . \ && mv /synapse/docker/start.py /synapse/docker/conf / \ - && rm -rf \ - setup.cfg \ - setup.py \ - synapse \ + && rm -rf /synapse \ + && rm -rf /root/.cache \ && apk del .build_deps - + VOLUME ["/data"] EXPOSE 8008/tcp 8448/tcp From e39844dcd9694dbf0efd4c1f8d856f8fa105b7ad Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Thu, 27 Sep 2018 18:08:11 +0100 Subject: [PATCH 2/4] changelog --- changelog.d/3972.misc | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3972.misc diff --git a/changelog.d/3972.misc b/changelog.d/3972.misc new file mode 100644 index 000000000000..e56299ee78b1 --- /dev/null +++ b/changelog.d/3972.misc @@ -0,0 +1 @@ +Further reduce the docker image size From fb34224bb7c13e4e1b7ee3d22f1ed9bb533ee7dd Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 28 Sep 2018 00:09:35 +0100 Subject: [PATCH 3/4] Rewrite the dockerfile as a multistage build This means we can get rid of a whole load of cruft which we don't need. --- docker/Dockerfile | 64 ++++++++++++++++++++++++++++++++++------------- 1 file changed, 47 insertions(+), 17 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 3d914a79fd78..61532df908d8 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,7 +1,24 @@ ARG PYTHON_VERSION=2 -FROM docker.io/python:${PYTHON_VERSION}-alpine3.8 -COPY . /synapse +### +### Stage 0: builder +### +FROM docker.io/python:${PYTHON_VERSION}-alpine3.8 as builder + +# first of all, install the runtime deps; this layer can then be used in the +# final stage as well. + +RUN apk add --no-cache --virtual .runtime_deps \ + libffi \ + libjpeg-turbo \ + libressl \ + libxslt \ + libpq \ + zlib \ + su-exec + +# install the OS build deps, and build wheels for the python libs which have +# slow build steps, as more layers which can be cached independently RUN apk add --no-cache --virtual .build_deps \ build-base \ @@ -11,27 +28,40 @@ RUN apk add --no-cache --virtual .build_deps \ libxslt-dev \ linux-headers \ postgresql-dev \ - zlib-dev \ - && cd /synapse \ - && apk add --no-cache --virtual .runtime_deps \ + zlib-dev + +RUN pip install --prefix="/install" --no-warn-script-location \ + cryptography \ + lxml \ + msgpack-python \ + pillow \ + psycopg2 \ + pynacl + +# now install synapse and all of the python deps to /install. + +COPY . /synapse +RUN pip install --prefix="/install" --no-warn-script-location \ + /synapse + +### +### Stage 1: runtime +### + +FROM docker.io/python:${PYTHON_VERSION}-alpine3.8 + +RUN apk add --no-cache --virtual .runtime_deps \ libffi \ libjpeg-turbo \ libressl \ libxslt \ libpq \ zlib \ - su-exec \ - && pip install --upgrade \ - lxml \ - pip \ - psycopg2 \ - setuptools \ - && mkdir -p /synapse/cache \ - && pip install -f /synapse/cache --upgrade --process-dependency-links . \ - && mv /synapse/docker/start.py /synapse/docker/conf / \ - && rm -rf /synapse \ - && rm -rf /root/.cache \ - && apk del .build_deps + su-exec + +COPY --from=builder /install /usr/local +COPY ./docker/start.py /start.py +COPY ./docker/conf /conf VOLUME ["/data"] From 768ad3c414d93f4716ba9c54bf784a3136178d90 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 28 Sep 2018 11:37:38 +0100 Subject: [PATCH 4/4] more cleanups --- docker/Dockerfile | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 61532df908d8..db44c02a9234 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -5,22 +5,9 @@ ARG PYTHON_VERSION=2 ### FROM docker.io/python:${PYTHON_VERSION}-alpine3.8 as builder -# first of all, install the runtime deps; this layer can then be used in the -# final stage as well. +# install the OS build deps -RUN apk add --no-cache --virtual .runtime_deps \ - libffi \ - libjpeg-turbo \ - libressl \ - libxslt \ - libpq \ - zlib \ - su-exec - -# install the OS build deps, and build wheels for the python libs which have -# slow build steps, as more layers which can be cached independently - -RUN apk add --no-cache --virtual .build_deps \ +RUN apk add \ build-base \ libffi-dev \ libjpeg-turbo-dev \ @@ -30,18 +17,24 @@ RUN apk add --no-cache --virtual .build_deps \ postgresql-dev \ zlib-dev +# build things which have slow build steps, before we copy synapse, so that +# the layer can be cached. +# +# (we really just care about caching a wheel here, as the "pip install" below +# will install them again.) + RUN pip install --prefix="/install" --no-warn-script-location \ cryptography \ - lxml \ msgpack-python \ pillow \ - psycopg2 \ pynacl # now install synapse and all of the python deps to /install. COPY . /synapse RUN pip install --prefix="/install" --no-warn-script-location \ + lxml \ + psycopg2 \ /synapse ###