Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 0b85785

Browse files
saiarcot895saiarcot895
committedJan 10, 2025·
Work around Docker overlayfs inconsistencies by using rsync
With the new approach of building the images (where the entire final rootfs is copied into the second stage), if the system building the containers is using the overlay2 storage driver (which is the default) and is able to use native diffs (which could be true if CONFIG_OVERLAY_FS_REDIRECT_DIR isn't enabled in the kernel), then the final result of the image will be different than if naive diffs (where Docker compares the metadata of each file and, if needed, the contents to find out if something has changed) were used. Specifically, with native diffs, each container would be much larger, since technically speaking, the whole rootfs is being written to, even if the content ends up the same. This appears to be a known issue (in some form), and workarounds are being thought of in moby/moby#35280. As a workaround, install rsync into the base container, copy the entirely of that into an empty base image, and use rsync to copy only the changed files into the layer in one shot. This does mean that rsync will remain installed in the final built containers, but hopefully this is fine. Signe-off-by: Saikrishna Arcot <sarcot@microsoft.com>
1 parent 7ea1005 commit 0b85785

File tree

46 files changed

+50
-44
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

46 files changed

+50
-44
lines changed
 

‎dockers/docker-base-bookworm/Dockerfile.j2

+3-1
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,8 @@ RUN apt update && \
3535
python-is-python3 \
3636
vim-tiny \
3737
rsyslog \
38+
# Install rsync for copying over only changes between layers
39+
rsync \
3840
# Install redis-tools
3941
redis-tools \
4042
# common dependencies
@@ -94,6 +96,6 @@ RUN ln /usr/bin/vim.tiny /usr/bin/vim
9496

9597
COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"]
9698

97-
FROM $BASE
99+
FROM scratch
98100

99101
COPY --from=base / /

‎dockers/docker-base-bullseye/Dockerfile.j2

+1-1
Original file line numberDiff line numberDiff line change
@@ -98,4 +98,4 @@ COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"]
9898

9999
FROM $BASE
100100

101-
COPY --from=base / /
101+
RUN --mount=type=bind,from=base,target=/changes-to-image rsync -axAX --no-D --exclude=sys --exclude=resolv.conf /changes-to-image/ /

0 commit comments

Comments
 (0)
Please sign in to comment.