'docker build' tries to reuse the layers already built until something changes inside the Dockerfile. In this way, we can save several minutes when rebuilding an image if the changes happen further down the list in the Dockerfile.
Sometimes, though, we do want to invalidate the cache and ensure the next build won't use it.
To do this an option is to pass the '--no-cache' argument to 'docker build'.
When dealing with 'apt-get install' instructions though there are other tricks. I found this document on Dockerfile best practices very useful.
First of all an observation. If you have 'RUN apt-get update' as a single line of a Dockerfile, followed by the installation of a package, e.g.:
RUN apt-get update
RUN apt-get install -y nginx
then changing the list of packages and running again the build command won't trigger an 'apt-get update': that line hasn't changed so docker build reuses the cache. It might not be what you want.
To force cache invalidation for this specific case the recommendation is to use those commands in the form:
RUN apt-get update && apt-get install -y nginx
This will always install the latest version of the packages. It even has a name: "cache busting".
Another recommendation I like is to put each package on a single line, and have them in alphabetical order: this will ease visual inspection and prevent duplicates or other undesired conditions.
Of course, you can also specify exact versions for the packages as you would normally do with 'apt-get install'. That's "version pinning" and it invalidates the cache too.
You can find all this on the linked page on Dockerfile best practices; this is just my digested interpretation.
Just one more thing: a way to limit the size of a built image is to clean up the content of '/var/lib/apt/lists' in the same RUN command, e.g.:
RUN apt-get update && apt-get install -y \
aufs-tools \
automake \
build-essential \
&& rm -rf /var/lib/apt/lists/*
The command above will build an image layer that doesn't contain the apt cache.
If you had instead used this:
RUN apt-get update && apt-get install -y \
aufs-tools \
automake \
build-essential
RUN rm -rf /var/lib/apt/lists/*
you would have had not only a larger layer, containing the apt cache, but also an additional layer generated by the second RUN command.
No comments:
Post a Comment