Skip to content

Dockerfile: optimize layers #10103

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Dockerfile: optimize layers #10103

wants to merge 1 commit into from

Conversation

@marcofranssen
Copy link

@marcofranssen marcofranssen commented Mar 19, 2025
edited by coderabbitai bot
Loading

Enter [N/A] in the box, if an item is not applicable to your change.

Testing
Before we can approve your change; please submit the following in a comment:

  • [N/A] Example configuration file for the change
  • [N/A] Debug log output from testing the change
  • [N/A] Attached Valgrind output that shows no leaks or memory corruption was found

If this is a change to packaging of containers or native binaries then please confirm it works for all targets.

  • [N/A] Run local packaging test showing all targets (including any new ones) build.
  • [N/A] Set ok-package-test label to test for all targets (requires maintainer to do).

Documentation

  • [N/A] Documentation required for this feature

Backporting

  • [N/A] Backport to latest stable release.

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

  • Chores
    • Optimized Docker build process by consolidating build arguments and RUN steps to reduce intermediate layers, enabling faster builds and reduced image sizes.
    • Enhanced debug image with expanded toolkit and additional libraries for improved troubleshooting.
    • Configured production environment with improved service accessibility.

marcofranssen
marcofranssen commented Mar 19, 2025
View reviewed changes
dockerfiles/Dockerfile
FROM gcr.io/distroless/cc-debian12 AS production
ARG RELEASE_VERSION
ENV FLUENT_BIT_VERSION=${RELEASE_VERSION}
EXPOSE 2020
Copy link
Author

@marcofranssen marcofranssen Mar 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved up, as this is not likely to change, meaning the layer doesn't have to be rebuild,pushed,pulled.

@marcofranssen
Copy link
Author

marcofranssen commented Mar 27, 2025

Rebased on top of master branch and fixed following small mistake.

UndefinedVar: Usage of undefined variable '$RELEASE_VERSION'
More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/

@github-actions
Copy link
Contributor

github-actions bot commented Sep 7, 2025

This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.

@github-actions github-actions bot added the Stale label Sep 7, 2025
@marcofranssen
Dockerfile: optimize layers
e39e92e 
Squashed some layers to reduce the amount of layers in the image. Also rearranged some layers to reduce the amount of layers that have to be rebuild.

If one layer changes all layers after have to be updated. By moving the ones least likely to change first this means less layers have to be rebuild, pushed and pulled on new releases.

Signed-off-by: Marco Franssen <[email protected]>
@marcofranssen
Copy link
Author

marcofranssen commented Nov 4, 2025
edited
Loading

I rebased the PR on latest main. Can someone please have a look at this one?

@patrick-stephens what is holding back from getting this one merged?

@coderabbitai
Copy link

coderabbitai bot commented Nov 4, 2025
edited
Loading

Walkthrough

The Dockerfile was refactored to consolidate build arguments, combine RUN instructions into single chained commands, expose port 2020 in the production stage, adjust library extraction flows, and expand the debug image environment with additional tools and libraries.

Changes

Cohort / File(s) Summary
Docker build optimization
dockerfiles/Dockerfile		 Combined FLB_NIGHTLY_BUILD and FLB_CHUNK_TRACE build arguments; consolidated FLB_WAMR_BUILD_TARGET and EXTRA_CMAKE_FLAGS; chained RUN make and install commands; added EXPOSE 2020 to production stage; adjusted library extraction and copy flows; expanded debug stage apt-get install list with additional tools and libraries

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

  • Verify that chained RUN commands maintain functional equivalence with original separate commands
  • Confirm port exposure (EXPOSE 2020) is appropriate for production stage
  • Review expanded debug environment tooling list for completeness and appropriateness
  • Ensure library extraction/copy flow changes preserve correct binary and library placement

Suggested labels

ci/integration-docker-ok

Suggested reviewers

  • niedbalski
  • celalettin1286

Poem

🐰 From many layers, one emerges clean,
Build args combine in harmonious scene,
Chained commands flow like rabbits in flight,
Docker's streamlined now—oh what a sight! 🏗️

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'Dockerfile: optimize layers' directly and concisely summarizes the main change: optimizing Docker build layers through consolidation of ARGs, ENVs, and RUN steps as evidenced by the raw summary.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ed06c31 and e39e92e.

📒 Files selected for processing (1)
  • dockerfiles/Dockerfile (5 hunks)
🧰 Additional context used
🧠 Learnings (5)
📚 Learning: 2025-09-14T09:46:09.531Z 
Learnt from: aminvakil
Repo: fluent/fluent-bit PR: 10844
File: conf/fluent-bit:13-15
Timestamp: 2025-09-14T09:46:09.531Z
Learning: For fluent-bit Debian packaging, /opt/fluent-bit/bin/ is the appropriate installation path since the package may be installed from non-official Debian sources, making /opt compliant with FHS for optional software packages.

Applied to files:

  • dockerfiles/Dockerfile
📚 Learning: 2025-08-31T12:46:11.940Z 
Learnt from: ThomasDevoogdt
Repo: fluent/fluent-bit PR: 9277
File: .github/workflows/pr-compile-check.yaml:147-151
Timestamp: 2025-08-31T12:46:11.940Z
Learning: In fluent-bit CMakeLists.txt, the system library preference flags are defined as FLB_PREFER_SYSTEM_LIB_ZSTD and FLB_PREFER_SYSTEM_LIB_KAFKA with the FLB_ prefix.

Applied to files:

  • dockerfiles/Dockerfile
📚 Learning: 2025-08-31T12:46:11.940Z 
Learnt from: ThomasDevoogdt
Repo: fluent/fluent-bit PR: 9277
File: .github/workflows/pr-compile-check.yaml:147-151
Timestamp: 2025-08-31T12:46:11.940Z
Learning: In fluent-bit, the correct CMake flag for using system librdkafka is `FLB_PREFER_SYSTEM_LIB_KAFKA=ON`.

Applied to files:

  • dockerfiles/Dockerfile
📚 Learning: 2025-09-08T11:21:33.975Z 
Learnt from: cosmo0920
Repo: fluent/fluent-bit PR: 10851
File: include/fluent-bit/flb_simd.h:60-66
Timestamp: 2025-09-08T11:21:33.975Z
Learning: Fluent Bit currently only supports MSVC compiler on Windows, so additional compiler compatibility guards may be unnecessary for Windows-specific code paths.

Applied to files:

  • dockerfiles/Dockerfile
📚 Learning: 2025-09-04T07:28:37.083Z 
Learnt from: cosmo0920
Repo: fluent/fluent-bit PR: 10832
File: src/wasm/CMakeLists.txt:112-131
Timestamp: 2025-09-04T07:28:37.083Z
Learning: In fluent-bit CMake files, the user cosmo0920 prefers treating Git as a command rather than a package, emphasizing that Git is not a pkg-config retrievable package but just a command.

Applied to files:

  • dockerfiles/Dockerfile
🔇 Additional comments (7)
dockerfiles/Dockerfile (7)

27-32: Good layer optimization via ARG/ENV consolidation.

Combining multi-line ARG declarations (lines 27–28) and ENV declarations (lines 30–32) into single statements reduces intermediate layers. Adding DEBIAN_FRONTEND=noninteractive in the ENV block prevents interactive prompts during package installation, which is a best practice for automated builds.

70-73: ARG/ENV consolidation for build flags is idiomatic.

Consolidating WAMR_BUILD_TARGET and EXTRA_CMAKE_FLAGS into multi-line ARG declarations (lines 70–71) and setting the ENV on line 73 follows Docker best practices. The pattern allows the shell RUN command (line 77) to conditionally extend EXTRA_CMAKE_FLAGS while preserving the original ARG value.

98-99: RUN consolidation reduces layers.

Chaining make -j "$(getconf _NPROCESSORS_ONLN)" and install bin/fluent-bit /fluent-bit/bin/ with && into a single RUN statement (lines 98–99) eliminates an intermediate layer and reduces overall image size.

180-183: EXPOSE directive properly positioned in production stage.

Adding EXPOSE 2020 on line 181 in the production stage documents the service port. Placing it immediately after FROM and before ARG RELEASE_VERSION ensures that port documentation is decoupled from later layer changes, improving build cache efficiency.

200-205: Library extraction COPY pattern is sound for distroless builds.

The addition of COPY --from=deb-extractor /dpkg / (line 201) after SSL certificates (line 198) and before binaries (line 204) correctly layers dependencies. Placing system libraries before binaries follows the principle of ordering by change frequency, optimizing layer reuse.

231-261: Debug image tooling expansion is comprehensive.

The extended apt-get install on lines 231–261 adds debugging essentials (gdb, valgrind, strace), network troubleshooting (tcpdump, nmap, dnsutils, iperf), system profiling (htop, atop, iotop), and development headers. The multi-line formatting with backslash continuations is clean and maintainable.

70-93: Pattern is valid—no issues found.

The ENV/ARG substitution pattern works as intended. When the RUN command executes, the shell automatically has access to the EXTRA_CMAKE_FLAGS environment variable (set on line 73) as a shell variable. The conditional assignment on line 77 modifies that variable within the shell session, and the subsequent expansion on line 90 uses the conditionally modified value. If WAMR_BUILD_TARGET is provided, the flag is appended; otherwise, the original EXTRA_CMAKE_FLAGS value (or empty string if not set) is used. This is a standard and correct Docker pattern for conditional flag modification.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions github-actions bot removed the Stale label Nov 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@patrick-stephens patrick-stephens patrick-stephens approved these changes

@niedbalski niedbalski Awaiting requested review from niedbalski niedbalski is a code owner

@celalettin1286 celalettin1286 Awaiting requested review from celalettin1286 celalettin1286 is a code owner

Assignees

No one assigned

Labels

packaging

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@marcofranssen @patrick-stephens