New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

reduce docker image size #10743

Merged
merged 1 commit into from Oct 5, 2018

Conversation

Projects
None yet
2 participants
@FireFart
Contributor

FireFart commented Oct 4, 2018

This PR reduces the size of the built docker image.

The added chown build step created an additional layer with all gems included.

The fix moved the permission change step into the build image so the layer is omitted from the final image. This saves around 150 MB.

Image size compare

metasploit                                              dev                 89ffebea037f        5 minutes ago       400MB
metasploitframework/metasploit-framework                latest              25ef38d5eec0        2 hours ago         548MB

Layers before

note the double 153MB layer

[firefart@fedora metasploit-framework]$ docker history metasploitframework/metasploit-framework
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
25ef38d5eec0        2 hours ago         /bin/sh -c #(nop)  CMD ["./msfconsole" "-r" …   0B                  
<missing>           2 hours ago         /bin/sh -c #(nop)  ENTRYPOINT ["docker/entry…   0B                  
<missing>           2 hours ago         /bin/sh -c /usr/sbin/setcap cap_net_raw,cap_…   2.96MB              
<missing>           2 hours ago         /bin/sh -c /usr/sbin/setcap cap_net_raw,cap_…   113kB               
<missing>           2 hours ago         /bin/sh -c #(nop) WORKDIR /usr/src/metasploi…   0B                  
<missing>           2 hours ago         /bin/sh -c apk add --no-cache bash sqlite-li…   112MB               
<missing>           2 hours ago         /bin/sh -c chmod -R a+r /usr/local/bundle       153MB               
<missing>           2 hours ago         /bin/sh -c #(nop) COPY dir:b9232ba627de276bc…   80.7MB              
<missing>           2 hours ago         /bin/sh -c #(nop) COPY dir:02983983bcf771c1e…   153MB               
<missing>           2 hours ago         /bin/sh -c #(nop)  ENV NMAP_PRIVILEGED=         0B                  
<missing>           2 hours ago         /bin/sh -c #(nop)  ENV APP_HOME=/usr/src/met…   0B                  
<missing>           2 hours ago         /bin/sh -c #(nop)  LABEL maintainer=Rapid7      0B                  
<missing>           44 hours ago        /bin/sh -c #(nop)  CMD ["irb"]                  0B                  
<missing>           44 hours ago        /bin/sh -c mkdir -p "$GEM_HOME" && chmod 777…   0B                  
<missing>           44 hours ago        /bin/sh -c #(nop)  ENV PATH=/usr/local/bundl…   0B                  
<missing>           44 hours ago        /bin/sh -c #(nop)  ENV BUNDLE_PATH=/usr/loca…   0B                  
<missing>           44 hours ago        /bin/sh -c #(nop)  ENV GEM_HOME=/usr/local/b…   0B                  
<missing>           44 hours ago        /bin/sh -c set -ex   && apk add --no-cache -…   41.1MB              
<missing>           13 days ago         /bin/sh -c #(nop)  ENV BUNDLER_VERSION=1.16.5   0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  ENV RUBYGEMS_VERSION=2.7.7   0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  ENV RUBY_DOWNLOAD_SHA256=…   0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  ENV RUBY_VERSION=2.5.1       0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  ENV RUBY_MAJOR=2.5           0B                  
<missing>           3 weeks ago         /bin/sh -c mkdir -p /usr/local/etc  && {   e…   45B                 
<missing>           3 weeks ago         /bin/sh -c #(nop)  CMD ["/bin/sh"]              0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop) ADD file:49f9e47e678d868d5…   4.21MB   

Layers after

[firefart@fedora metasploit-framework]$ docker history metasploit:dev
IMAGE               CREATED              CREATED BY                                      SIZE                COMMENT
89ffebea037f        About a minute ago   /bin/sh -c #(nop)  CMD ["./msfconsole" "-r" …   0B                  
08d8098b9f3b        About a minute ago   /bin/sh -c #(nop)  ENTRYPOINT ["docker/entry…   0B                  
dcfeb66dfdf3        About a minute ago   /bin/sh -c #(nop) WORKDIR /usr/src/metasploi…   0B                  
5c6833e021d5        About a minute ago   /bin/sh -c /usr/sbin/setcap cap_net_raw,cap_…   2.96MB              
25cb57b8f2b6        About a minute ago   /bin/sh -c /usr/sbin/setcap cap_net_raw,cap_…   113kB               
455bc67dc720        About a minute ago   /bin/sh -c apk add --no-cache bash sqlite-li…   112MB               
39347bb84d1b        About a minute ago   /bin/sh -c #(nop) COPY dir:beb5fb14d2c31a203…   80.6MB              
665d267939ed        About a minute ago   /bin/sh -c #(nop) COPY dir:42578ebf5704fd493…   159MB               
0cc13939fd58        4 hours ago          /bin/sh -c #(nop)  ENV NMAP_PRIVILEGED=         0B                  
ef77dfd81d35        4 hours ago          /bin/sh -c #(nop)  ENV APP_HOME=/usr/src/met…   0B                  
f31afa5646d4        4 hours ago          /bin/sh -c #(nop)  LABEL maintainer=Rapid7      0B                  
5e8ccf287c4d        44 hours ago         /bin/sh -c #(nop)  CMD ["irb"]                  0B                  
<missing>           44 hours ago         /bin/sh -c mkdir -p "$GEM_HOME" && chmod 777…   0B                  
<missing>           44 hours ago         /bin/sh -c #(nop)  ENV PATH=/usr/local/bundl…   0B                  
<missing>           44 hours ago         /bin/sh -c #(nop)  ENV BUNDLE_PATH=/usr/loca…   0B                  
<missing>           44 hours ago         /bin/sh -c #(nop)  ENV GEM_HOME=/usr/local/b…   0B                  
<missing>           44 hours ago         /bin/sh -c set -ex   && apk add --no-cache -…   41.1MB              
<missing>           13 days ago          /bin/sh -c #(nop)  ENV BUNDLER_VERSION=1.16.5   0B                  
<missing>           3 weeks ago          /bin/sh -c #(nop)  ENV RUBYGEMS_VERSION=2.7.7   0B                  
<missing>           3 weeks ago          /bin/sh -c #(nop)  ENV RUBY_DOWNLOAD_SHA256=…   0B                  
<missing>           3 weeks ago          /bin/sh -c #(nop)  ENV RUBY_VERSION=2.5.1       0B                  
<missing>           3 weeks ago          /bin/sh -c #(nop)  ENV RUBY_MAJOR=2.5           0B                  
<missing>           3 weeks ago          /bin/sh -c mkdir -p /usr/local/etc  && {   e…   45B                 
<missing>           3 weeks ago          /bin/sh -c #(nop)  CMD ["/bin/sh"]              0B                  
<missing>           3 weeks ago          /bin/sh -c #(nop) ADD file:49f9e47e678d868d5…   4.21MB  
@busterb

This comment has been minimized.

Show comment
Hide comment
@busterb

busterb Oct 5, 2018

Contributor

Nice improvement, thanks!

Contributor

busterb commented Oct 5, 2018

Nice improvement, thanks!

@busterb busterb merged commit 30423b3 into rapid7:master Oct 5, 2018

3 checks passed

Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

busterb added a commit that referenced this pull request Oct 5, 2018

@busterb

This comment has been minimized.

Show comment
Hide comment
@busterb

busterb Oct 5, 2018

Contributor

Release Notes

The official Metasploit docker image is now 150MB smaller than before.

Contributor

busterb commented Oct 5, 2018

Release Notes

The official Metasploit docker image is now 150MB smaller than before.

msjenkins-r7 added a commit that referenced this pull request Oct 5, 2018

@FireFart FireFart deleted the FireFart:docker branch Oct 5, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment