Update best-practices.md (#21045)

## Description

Adding `--no-install-recommends` is a common best practice and can
massively reduce image sizes. Since people copy from this page it is
good to add.
Duncan Ogilvie 2024-12-03 13:38:00 +01:00 committed by GitHub
parent 548f41111a
commit ff09b52268
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 10 additions and 10 deletions

@ -98,7 +98,7 @@ download of base images and dependencies.
```dockerfile
# syntax=docker/dockerfile:1
FROM ubuntu:24.04
RUN apt-get -y update && apt-get install -y python
RUN apt-get -y update && apt-get install -y --no-install-recommends python3
```
Also consider [pinning base image versions](#pin-base-image-versions).
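Review bot: The changed `RUN` line also renames the package from `python` to `python3`, which the commit description does not mention. That looks like a separate fix to the example; call it out in the description (or split it into its own commit) so the history explains why the package name changed alongside the `--no-install-recommends` addition.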
@ -165,7 +165,7 @@ review. Adding a space before a backslash (`\`) helps as well.
Heres an example from the [buildpack-deps image](https://github.com/docker-library/buildpack-deps):
```dockerfile
RUN apt-get update && apt-get install -y \
RUN apt-get update && apt-get install -y --no-install-recommends \
bzr \
cvs \
git \
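Review bot: The context line above this snippet attributes it to the buildpack-deps image, so editing the `apt-get install -y \` line means the docs now present a modified quote. Please confirm the upstream Dockerfile uses `--no-install-recommends` in this instruction, or reword the introduction so it no longer reads as copied from that repository.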
@ -322,7 +322,7 @@ For example, you can chain commands with the `&&` operator, and use
escape characters to break long commands into multiple lines.
```dockerfile
RUN apt-get update && apt-get install -y \
RUN apt-get update && apt-get install -y --no-install-recommends \
package-bar \
package-baz \
package-foo
@ -337,7 +337,7 @@ with a pipeline operator:
```dockerfile
RUN <<EOF
apt-get update
apt-get install -y \
apt-get install -y --no-install-recommends \
package-bar \
package-baz \
package-foo
@ -356,7 +356,7 @@ Always combine `RUN apt-get update` with `apt-get install` in the same `RUN`
statement. For example:
```dockerfile
RUN apt-get update && apt-get install -y \
RUN apt-get update && apt-get install -y --no-install-recommends \
package-bar \
package-baz \
package-foo
@ -370,7 +370,7 @@ subsequent `apt-get install` instructions to fail. For example, this issue will
FROM ubuntu:22.04
RUN apt-get update
RUN apt-get install -y curl
RUN apt-get install -y --no-install-recommends curl
```
After building the image, all layers are in the Docker cache. Suppose you later
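Review bot: On the `apt-get install -y --no-install-recommends curl` line, skipping recommended packages means the example no longer gets anything `curl` only recommends, and on Debian and Ubuntu that includes `ca-certificates`. Readers who copy this will hit TLS verification failures on HTTPS downloads and may reach for `curl -k` as a workaround. Consider listing `ca-certificates` explicitly here and in the `curl nginx` variant in the next hunk.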
@ -381,7 +381,7 @@ modify `apt-get install` by adding an extra package as shown in the following Do
FROM ubuntu:22.04
RUN apt-get update
RUN apt-get install -y curl nginx
RUN apt-get install -y --no-install-recommends curl nginx
```
Docker sees the initial and modified instructions as identical and reuses the
@ -390,14 +390,14 @@ because the build uses the cached version. Because the `apt-get update` isn't
run, your build can potentially get an outdated version of the `curl` and
`nginx` packages.
Using `RUN apt-get update && apt-get install -y` ensures your Dockerfile
Using `RUN apt-get update && apt-get install -y --no-install-recommends` ensures your Dockerfile
installs the latest package versions with no further coding or manual
intervention. This technique is known as cache busting. You can also achieve
cache busting by specifying a package version. This is known as version pinning.
For example:
```dockerfile
RUN apt-get update && apt-get install -y \
RUN apt-get update && apt-get install -y --no-install-recommends \
package-bar \
package-baz \
package-foo=1.3.*
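Review bot: In the reworded sentence beginning "Using `RUN apt-get update && apt-get install -y --no-install-recommends` ensures", the flag is now part of what the text credits with installing the latest package versions. Cache busting comes from running `apt-get update` and `apt-get install` in the same `RUN` instruction; `--no-install-recommends` plays no part in it. Suggest leaving this sentence as it was, or adding a separate sentence that says what the flag does.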
@ -411,7 +411,7 @@ Below is a well-formed `RUN` instruction that demonstrates all the `apt-get`
recommendations.
```dockerfile
RUN apt-get update && apt-get install -y \
RUN apt-get update && apt-get install -y --no-install-recommends \
aufs-tools \
automake \
build-essential \
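Review bot: The context line says this instruction "demonstrates all the `apt-get` recommendations", but none of the hunks add prose explaining `--no-install-recommends`, so the flag appears in every example without ever being described or recommended in the text. Add a short paragraph to the `apt-get` section saying what the flag skips and that packages previously pulled in as recommendations must now be listed explicitly.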