Skip to content

Commit e1abc3c

Browse files
author
Christos KK Loverdos
committed
[CGKIELE-166] Optimize image across space and time
We cut the final mantis image build time by an order of magnitude and image size 30% by carefully crafting "parent" images and by using a multi-stage build technique.
1 parent 66a23d4 commit e1abc3c

11 files changed

+156
-54
lines changed

docker/Dockerfile

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM mantis-dev:2018-04-25.3e3a3eb
1+
FROM mantis-dev:latest as CURRENTBUILD
22

33
ARG MANTIS_TAG
44
ENV MANTIS_TAG ${MANTIS_TAG:-phase/iele_testnet}
@@ -14,20 +14,20 @@ ENV MANTIS_TAG ${MANTIS_TAG:-phase/iele_testnet}
1414
ARG MANTIS_DIST_ZIP_NAME
1515
ENV MANTIS_DIST_ZIP_NAME ${MANTIS_DIST_ZIP_NAME:-mantis-*}
1616

17-
# TODO: Could just use a nix-shell and garbage collect (e.g. git, unzip, sbt) after the installations ...
18-
RUN . ~/.nix-profile/etc/profile.d/nix.sh \
19-
&& cd repos \
20-
&& git clone https://github.com/input-output-hk/mantis.git \
21-
&& cd mantis \
22-
&& git checkout $MANTIS_TAG \
23-
&& git submodule update --init \
24-
&& sbt 'set test in Test := {}' dist \
25-
&& mkdir -p ~/mantis-dist/app \
26-
&& unzip -d ~/mantis-dist/app target/universal/${MANTIS_DIST_ZIP_NAME}.zip \
27-
&& mv ~/mantis-dist/app/*/* ~/mantis-dist/app \
28-
&& rmdir ~/mantis-dist/app/$MANTIS_DIST_ZIP_NAME \
29-
&& cd ~ \
30-
&& rm -rf ~/repos ~/.ivy2 ~/.sbt
31-
17+
# Grab latest mantis, build the distribution and install it
18+
RUN ~/install-mantis.sh $MANTIS_TAG $MANTIS_DIST_ZIP_NAME
3219
# Now mantis is in /home/mantis/mantis-dist/app
3320
# or just /app
21+
22+
# Start over and keep what is needed.
23+
# Now the size optimization comes from `mantis-base`:
24+
# smaller `mantis-base` means smaller `mantis` image (this image).
25+
FROM mantis-base:latest
26+
27+
USER root
28+
COPY --from=CURRENTBUILD /home/mantis/mantis-dist /home/mantis/mantis-dist
29+
RUN chown -R mantis:mantis /home/mantis/mantis-dist
30+
31+
USER mantis
32+
WORKDIR /app
33+
VOLUME /app/conf

docker/Dockerfile-base

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
FROM ubuntu:xenial
2+
3+
# This "base" image contains the base OS along with some extra programs.
4+
5+
# See the accompanying `build-base.sh` script for tagging details.
6+
7+
ENV DEBIAN_FRONTEND noninteractive
8+
9+
ADD scripts/install-base-system.sh /root/
10+
RUN /root/install-base-system.sh
11+
12+
ADD scripts/install-nix-common.sh /home/mantis/
13+
ADD scripts/install-nix-apps-base.sh /home/mantis/
14+
RUN chown mantis:mantis /home/mantis/install-*.sh
15+
16+
USER mantis
17+
WORKDIR /home/mantis
18+
ENV USER mantis
19+
20+
RUN ~/install-nix-apps-base.sh

docker/Dockerfile-dev

Lines changed: 11 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -1,57 +1,31 @@
1-
FROM ubuntu:xenial
1+
FROM mantis-base:latest
22

33
# This "dev" image creates enough of a Mantis build environment,
44
# so that the actual Mantis images can be built in less time.
55
# We are particularly interested in caching the dependencies needed
66
# during the build process. This means that whenever those change,
77
# the "dev" image must be recreated.
88

9+
# See the `Dockerfile-base` for the parent image details.
910
# See the accompanying `build-dev.sh` script for tagging details.
1011

11-
ENV DEBIAN_FRONTEND noninteractive
12-
1312
ARG SBT_VERIFY_TAG
1413
ENV SBT_VERIFY_TAG ${SBT_VERIFY_TAG:-v0.4.1}
1514

1615
ARG MANTIS_TAG
1716
ENV MANTIS_TAG ${MANTIS_TAG:-phase/iele_testnet}
1817

19-
# Just install enough to get nix up and running
20-
RUN apt-get update \
21-
&& apt-get dist-upgrade -y \
22-
&& apt-get install -y curl bzip2 locales \
23-
&& locale-gen en_US.UTF-8 \
24-
&& update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 \
25-
&& adduser --disabled-password --gecos '' mantis \
26-
&& mkdir /nix \
27-
&& chown mantis:mantis /nix \
28-
&& su mantis -c 'curl https://nixos.org/nix/install | sh && . ~/.nix-profile/etc/profile.d/nix.sh && nix-channel --update && tail -n 1 ~/.profile >> ~/.bashrc' \
29-
&& ln -s /home/mantis/mantis-dist/app /app \
30-
&& apt-get purge -y curl bzip2 \
31-
&& apt-get clean -y \
32-
&& rm -rf /var/cache/debconf/* /var/lib/apt/lists/* /var/log/* /tmp/* /var/tmp/*
18+
USER root
19+
20+
ADD scripts/install-nix-apps-dev.sh /home/mantis/
21+
ADD scripts/install-mantis-dev.sh /home/mantis/
22+
ADD scripts/install-mantis.sh /home/mantis/
23+
24+
RUN chown mantis:mantis /home/mantis/install-*.sh
3325

3426
USER mantis
3527
WORKDIR /home/mantis
3628
ENV USER mantis
3729

38-
# install java, sbt, git, unzip
39-
RUN . ~/.nix-profile/etc/profile.d/nix.sh \
40-
&& nix-env -i openjdk-8u172b02 sbt-1.1.4 git unzip \
41-
&& nix-collect-garbage
42-
43-
# TODO: Could just use a nix-shell and garbage collect (e.g. git, unzip, sbt) after the installations ...
44-
RUN . ~/.nix-profile/etc/profile.d/nix.sh \
45-
&& mkdir repos && cd repos \
46-
&& git clone https://github.com/input-output-hk/sbt-verify.git \
47-
&& cd sbt-verify \
48-
&& git checkout $SBT_VERIFY_TAG \
49-
&& sbt publishLocal \
50-
&& cd - \
51-
&& git clone https://github.com/input-output-hk/mantis.git \
52-
&& cd mantis \
53-
&& git checkout $MANTIS_TAG \
54-
&& git submodule update --init \
55-
&& sbt 'set test in Test := {}' dist \
56-
&& cd ~ \
57-
&& rm -rf ~/repos/*
30+
RUN ~/install-nix-apps-dev.sh
31+
RUN ~/install-mantis-dev.sh $SBT_VERIFY_TAG $MANTIS_TAG

docker/build-base.sh

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
#!/usr/bin/env bash
2+
3+
set -eux
4+
5+
HERE=$(readlink -m $(dirname ${BASH_SOURCE[0]}))
6+
7+
exec $HERE/buildhelper.sh mantis-base Dockerfile-base latest

docker/build-dev.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,4 +4,4 @@ set -eux
44

55
HERE=$(readlink -m $(dirname ${BASH_SOURCE[0]}))
66

7-
exec $HERE/buildhelper.sh mantis-dev Dockerfile-dev
7+
exec $HERE/buildhelper.sh mantis-dev Dockerfile-dev latest

docker/scripts/install-base-system.sh

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
#!/usr/bin/env bash
2+
3+
set -euxo pipefail
4+
5+
apt-get update
6+
apt-get dist-upgrade -y
7+
apt-get install -y curl bzip2 locales
8+
locale-gen en_US.UTF-8
9+
update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8
10+
11+
adduser --disabled-password --gecos '' mantis
12+
13+
mkdir /nix
14+
chown mantis:mantis /nix
15+
su mantis -c 'curl https://nixos.org/nix/install | sh \
16+
&& tail -n 1 ~/.profile >> ~/.bashrc'
17+
ln -s /home/mantis/mantis-dist/app /app
18+
19+
apt-get purge -y curl bzip2
20+
apt-get clean -y
21+
rm -rf /var/cache/debconf/* /var/lib/apt/lists/* /var/log/* /tmp/* /var/tmp/*

docker/scripts/install-mantis-dev.sh

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
#!/usr/bin/env bash
2+
3+
set -euxo pipefail
4+
5+
SBT_VERIFY_TAG=$1
6+
MANTIS_TAG=$2
7+
8+
HERE=$(readlink -m $(dirname ${BASH_SOURCE[0]}))
9+
. $HERE/install-nix-common.sh
10+
11+
mkdir ~/repos
12+
13+
cd ~/repos
14+
git clone https://github.com/input-output-hk/sbt-verify.git
15+
cd sbt-verify
16+
git checkout $SBT_VERIFY_TAG
17+
# This is needed, since the library is not published in binary form.
18+
sbt publishLocal
19+
20+
cd ~/repos
21+
git clone https://github.com/input-output-hk/mantis.git
22+
cd mantis
23+
git checkout $MANTIS_TAG
24+
git submodule update --init
25+
26+
# Trigger compilation, so that we get some dependencies from the internetz.
27+
sbt 'set test in Test := {}' compile

docker/scripts/install-mantis.sh

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
#!/usr/bin/env bash
2+
3+
set -euxo pipefail
4+
5+
MANTIS_TAG=$1
6+
MANTIS_DIST_ZIP_NAME=$2
7+
8+
HERE=$(readlink -m $(dirname ${BASH_SOURCE[0]}))
9+
. $HERE/install-nix-common.sh
10+
11+
cd ~/repos/mantis
12+
13+
git checkout $MANTIS_TAG
14+
git submodule update --init
15+
16+
sbt 'set test in Test := {}' dist
17+
mkdir -p ~/mantis-dist/app
18+
unzip -d ~/mantis-dist/app target/universal/${MANTIS_DIST_ZIP_NAME}.zip
19+
mv ~/mantis-dist/app/*/* ~/mantis-dist/app
20+
rmdir ~/mantis-dist/app/$MANTIS_DIST_ZIP_NAME
21+
rm -rf ~/repos ~/.ivy2 ~/.sbt
Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
#!/usr/bin/env bash
2+
3+
set -euxo pipefail
4+
5+
HERE=$(readlink -m $(dirname ${BASH_SOURCE[0]}))
6+
. $HERE/install-nix-common.sh
7+
8+
nix-install openjdk
9+
nix-collect-garbage -d
Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
#!/usr/bin/env bash
2+
3+
set -euxo pipefail
4+
5+
HERE=$(readlink -m $(dirname ${BASH_SOURCE[0]}))
6+
. $HERE/install-nix-common.sh
7+
8+
nix-install sbt gitMinimal unzip
9+
nix-collect-garbage -d

docker/scripts/install-nix-common.sh

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
#!/usr/bin/env bash
2+
3+
set -euxo pipefail
4+
5+
NIX_PROFILE=~/.nix-profile/etc/profile.d/nix.sh
6+
7+
export MANPATH=
8+
. $NIX_PROFILE
9+
10+
export NIX_PATH=nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.03.tar.gz
11+
12+
function nix-install() {
13+
nix-env -f '<nixpkgs>' -iA "$@"
14+
}

0 commit comments

Comments
 (0)