Docker Optimization Skill

Docker优化技能

Comprehensive optimization techniques for Docker images and containers covering size reduction, build caching, and runtime performance.

涵盖镜像体积缩减、构建缓存和运行时性能的Docker镜像与容器全方位优化技术。

Purpose

目标

Reduce image size, improve build times, and optimize container performance using 2024-2025 industry best practices.

采用2024-2025年行业最佳实践，缩减镜像体积、提升构建速度并优化容器性能。

Parameters

参数

Parameter	Type	Required	Default	Description
target	enum	No	all	size/build/runtime/all
base_image	string	No	-	Current base image
current_size	string	No	-	Current image size

参数	类型	是否必填	默认值	描述
target	枚举	否	all	size/build/runtime/all
base_image	字符串	否	-	当前基础镜像
current_size	字符串	否	-	当前镜像大小

Optimization Strategies

优化策略

1. Image Size Reduction

1. 镜像体积缩减

Base Image Selection

基础镜像选择

Base	Size	Use Case
scratch	0	Static Go/Rust binaries
distroless	2-20MB	Production containers
alpine	5MB	General purpose
slim	80-150MB	When apt packages needed
full	500MB+	Development only

dockerfile

undefined

基础镜像	体积	适用场景
scratch	0	静态Go/Rust二进制文件
distroless	2-20MB	生产环境容器
alpine	5MB	通用场景
slim	80-150MB	需要apt包时
full	500MB+	仅用于开发

dockerfile

undefined

Before: 1.2GB

优化前：1.2GB

FROM node:20

After: 150MB (88% smaller)

优化后：150MB（缩小88%）

FROM node:20-alpine

undefined

FROM node:20-alpine

undefined

Layer Optimization

分层优化

dockerfile

undefined

dockerfile

undefined

Bad: 3 layers, 150MB

不佳：3层，150MB

RUN apt-get update RUN apt-get install -y curl RUN rm -rf /var/lib/apt/lists/*

Good: 1 layer, 50MB

良好：1层，50MB

RUN apt-get update &&
apt-get install -y --no-install-recommends curl &&
rm -rf /var/lib/apt/lists/*

undefined

RUN apt-get update &&
apt-get install -y --no-install-recommends curl &&
rm -rf /var/lib/apt/lists/*

undefined

Remove Unnecessary Files

移除不必要文件

dockerfile

undefined

dockerfile

undefined

Clean package manager cache

清理包管理器缓存

RUN npm cache clean --force RUN pip cache purge RUN apt-get clean && rm -rf /var/lib/apt/lists/*

Use .dockerignore

使用.dockerignore

node_modules, .git, *.md, tests/, docs/

undefined

undefined

2. Build Speed Optimization

2. 构建速度优化

Layer Caching Strategy

分层缓存策略

dockerfile

undefined

dockerfile

undefined

Dependencies first (rarely change)

先复制依赖（很少变更）

COPY package*.json ./ RUN npm ci

Source code last (frequently changes)

最后复制源代码（频繁变更）

COPY . . RUN npm run build

undefined

COPY . . RUN npm run build

undefined

BuildKit Cache Mounts

BuildKit缓存挂载

dockerfile

undefined

dockerfile

undefined

syntax=docker/dockerfile:1

FROM node:20-alpine

Cache npm packages

缓存npm包

RUN --mount=type=cache,target=/root/.npm
npm ci

Cache pip packages

缓存pip包

RUN --mount=type=cache,target=/root/.cache/pip
pip install -r requirements.txt

undefined

RUN --mount=type=cache,target=/root/.cache/pip
pip install -r requirements.txt

undefined

Parallel Multi-Stage

并行多阶段构建

dockerfile

undefined

dockerfile

undefined

Parallel stages (BuildKit)

并行阶段（BuildKit）

FROM node:20-alpine AS deps COPY package*.json ./ RUN npm ci

FROM deps AS builder COPY . . RUN npm run build

FROM deps AS linter COPY . . RUN npm run lint

undefined

FROM node:20-alpine AS deps COPY package*.json ./ RUN npm ci

FROM deps AS builder COPY . . RUN npm run build

FROM deps AS linter COPY . . RUN npm run lint

undefined

3. Runtime Performance

3. 运行时性能优化

Resource Limits

资源限制

yaml

services:
  app:
    deploy:
      resources:
        limits:
          cpus: '1'
          memory: 512M
        reservations:
          cpus: '0.5'
          memory: 256M

yaml

services:
  app:
    deploy:
      resources:
        limits:
          cpus: '1'
          memory: 512M
        reservations:
          cpus: '0.5'
          memory: 256M

Container Tuning

容器调优

bash

undefined

bash

undefined

Set memory limits

设置内存限制

docker run --memory=512m --memory-swap=512m app

CPU limits

CPU限制

docker run --cpus=1.5 app

I/O limits

I/O限制

docker run --device-read-bps=/dev/sda:1mb app

undefined

docker run --device-read-bps=/dev/sda:1mb app

undefined

Optimization Checklist

优化检查清单

Size Checklist

体积检查清单

Using smallest viable base image?
Multi-stage build implemented?
Package manager cache cleaned?
Dev dependencies excluded?
.dockerignore configured?

是否使用了最小可行基础镜像？
是否实现了多阶段构建？
是否清理了包管理器缓存？
是否排除了开发依赖？
是否配置了.dockerignore？

Build Speed Checklist

构建速度检查清单

Dependencies copied before code?
BuildKit enabled?
Cache mounts used?
Parallel stages where possible?

是否先复制依赖再复制代码？
是否启用了BuildKit？
是否使用了缓存挂载？
是否在可行处使用了并行阶段？

Runtime Checklist

运行时检查清单

Resource limits set?
Health checks configured?
Non-root user?
Read-only filesystem where possible?

是否设置了资源限制？
是否配置了健康检查？
是否使用非root用户？
是否在可行处使用了只读文件系统？

Analysis Tools

分析工具

bash

undefined

bash

undefined

Image size analysis

镜像体积分析

docker images --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"

Layer analysis

分层分析

docker history <image> --format "{{.Size}}\t{{.CreatedBy}}"

Deep dive analysis

深度分析

dive <image>

Build time analysis

构建时间分析

DOCKER_BUILDKIT=1 docker build --progress=plain .

undefined

DOCKER_BUILDKIT=1 docker build --progress=plain .

undefined

Error Handling

错误处理

Common Issues

常见问题

Issue	Cause	Solution
Large image	No multi-stage	Implement multi-stage
Slow builds	Poor layer order	Dependencies before code
Cache not working	Context changes	Use .dockerignore
OOM at runtime	No limits	Set memory limits

问题	原因	解决方案
镜像过大	未使用多阶段构建	实现多阶段构建
构建缓慢	分层顺序不合理	先复制依赖再复制代码
缓存不生效	上下文变更	使用.dockerignore
运行时内存不足	未设置限制	设置内存限制

Troubleshooting

故障排查

Debug Checklist

调试检查清单

BuildKit enabled? (
```
DOCKER_BUILDKIT=1
```
)
Cache being used? (Check build output)
.dockerignore working? (Check context size)
Layers optimized? (Run
```
dive
```
)

是否启用了BuildKit？（
```
DOCKER_BUILDKIT=1
```
）
是否在使用缓存？（检查构建输出）
.dockerignore是否生效？（检查上下文体积）
分层是否已优化？（运行
```
dive
```
）

Usage

使用方法

Skill("docker-optimization")

Skill("docker-optimization")

docker-optimization

Original

Translation

Docker Optimization Skill

Docker优化技能

Purpose

目标

Parameters

参数

Optimization Strategies

优化策略

1. Image Size Reduction

1. 镜像体积缩减

Base Image Selection

基础镜像选择

Before: 1.2GB

优化前：1.2GB

After: 150MB (88% smaller)

优化后：150MB（缩小88%）

Layer Optimization

分层优化

Bad: 3 layers, 150MB

不佳：3层，150MB

Good: 1 layer, 50MB

良好：1层，50MB

Remove Unnecessary Files

移除不必要文件

Clean package manager cache

清理包管理器缓存

Use .dockerignore

使用.dockerignore

node_modules, .git, *.md, tests/, docs/

node_modules, .git, *.md, tests/, docs/

2. Build Speed Optimization

2. 构建速度优化

Layer Caching Strategy

分层缓存策略

Dependencies first (rarely change)

先复制依赖（很少变更）

Source code last (frequently changes)

最后复制源代码（频繁变更）

BuildKit Cache Mounts

BuildKit缓存挂载

syntax=docker/dockerfile:1

syntax=docker/dockerfile:1

Cache npm packages

缓存npm包

Cache pip packages

缓存pip包

Parallel Multi-Stage

并行多阶段构建

Parallel stages (BuildKit)

并行阶段（BuildKit）

3. Runtime Performance

3. 运行时性能优化

Resource Limits

资源限制

Container Tuning

容器调优

Set memory limits

设置内存限制

CPU limits

CPU限制

I/O limits

I/O限制

Optimization Checklist

优化检查清单

Size Checklist

体积检查清单

Build Speed Checklist

构建速度检查清单

Runtime Checklist

运行时检查清单

Analysis Tools

分析工具

Image size analysis

镜像体积分析

Layer analysis

分层分析

Deep dive analysis