介绍

slim 优化容器体验。让您的容器更好、更小、更安全,并且为实现目标而做更少的工作

项目地址:https://github.com/slimtoolkit/slim

安装


wget https://mirror.ghproxy.com/https://github.com/slimtoolkit/slim/releases/download/1.40.11/dist_linux.tar.gz

[root@op2203-01 ~]# tar -xf dist_linux.tar.gz 
[root@op2203-01 ~]# ls
anaconda-ks.cfg  dist_linux  dist_linux.tar.gz

[root@op2203-01 dist_linux]# cp slim /usr/sbin/

[root@op2203-01 dist_linux]# cp slim-sensor /usr/sbin/

[root@op2203-01 dist_linux]# slim update
slim[update]: info=status message='version check was not successful'
slim[update]: state=exited version=linux/amd64|Transformer|1.40.11|1b271555882eacdfb4e6598d6d0552e9b9b1449b|2024-02-02_01:36:22PM
app='slim' message='GitHub Discussions' info='https://github.com/slimtoolkit/slim/discussions'
app='slim' message='Join the CNCF Slack channel to ask questions or to share your feedback' info='https://cloud-native.slack.com/archives/C059QP1RH1S'
app='slim' message='Join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
app='slim' message='Join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'

使用

docker镜像导入

[root@op2203-01 ~]# docker images
REPOSITORY   TAG       IMAGE ID   CREATED   SIZE

[root@op2203-01 ~]# docker pull hub.oepkgs.net/openeuler/openeuler:latest
latest: Pulling from openeuler/openeuler
a36dfe0b41a9: Pull complete 
3e736a06a9b7: Pull complete 
Digest: sha256:ae4d69020c10fe2ac3955af80e468d1efc58f2b14cdca878eff300dc48815f96
Status: Downloaded newer image for hub.oepkgs.net/openeuler/openeuler:latest
hub.oepkgs.net/openeuler/openeuler:latest


[root@op2203-01 ~]# docker images
REPOSITORY                           TAG       IMAGE ID       CREATED      SIZE
hub.oepkgs.net/openeuler/openeuler   latest    6f850d8bdb8c   4 days ago   193MB

可以看到openeuler-22.03-lts-sp4镜像大小为193MB

使用slim build

缩小基础镜像的时候,因为没有暴露端口,需要--http-probe=false

[root@op2203-01 dist_linux]# slim build \
        --target hub.oepkgs.net/openeuler/openeuler:latest \
        --tag hub.oepkgs.net/openeuler/openeuler:mix \
        --http-probe=false \
        --continue-after 1
cmd=build state=started
cmd=build info=params image-build-engine='internal' target.type='image' target.image='hub.oepkgs.net/openeuler/openeuler:latest' continue.mode='timeout' rt.as.user='true' keep.perms='true' tags='hub.oepkgs.net/openeuler/openeuler:mix' 
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:6f850d8bdb8c7848f9554f53f16e658382df58841590a2895e57576b10620fbd' size.bytes='193287873' size.human='193 MB' 
cmd=build info=image.stack index='0' name='hub.oepkgs.net/openeuler/openeuler:latest' id='sha256:6f850d8bdb8c7848f9554f53f16e658382df58841590a2895e57576b10620fbd' 
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container status='created' name='slimk_4187_20240705004103' id='ab049b855551670366d5b91cc9ab0b3a404dd973fd922f24751695b6f0b3257a' 
cmd=build info=container status='running' name='slimk_4187_20240705004103' id='ab049b855551670366d5b91cc9ab0b3a404dd973fd922f24751695b6f0b3257a' 
cmd=build info=container message='obtained IP address' ip='172.17.0.2' 
cmd=build info=cmd.startmonitor status='sent' 
cmd=build info=event.startmonitor.done status='received' 
cmd=build info=container name='slimk_4187_20240705004103' id='ab049b855551670366d5b91cc9ab0b3a404dd973fd922f24751695b6f0b3257a' target.port.list='' target.port.info='' message='YOU CAN USE THESE PORTS TO INTERACT WITH THE CONTAINER' 
cmd=build info=continue.after mode='timeout' message='no input required, execution will resume after the timeout' 
cmd=build prompt='waiting for the target container (1 seconds)'
cmd=build info=event message='done waiting for the target container' 
cmd=build state=container.inspection.finishing
cmd=build state=container.inspection.artifact.processing
cmd=build state=container.inspection.done
cmd=build state=building message="building optimized image" engine=internal 
cmd=build state=completed
cmd=build info=results size.optimized='4.2 MB' status='MINIFIED' by='46.18X' size.original='193 MB' 
cmd=build info=results image.digest='sha256:e90b3aceb1d0ca1491d52acdb9e455568ed5f2e61966b52ad95821b1718c4cc1' has.data='true' image-build-engine='internal' image.name='hub.oepkgs.net/openeuler/openeuler:mix' image.size='4.2 MB' image.id='sha256:c92cb5bd270a65e1e4fdfe0b10a09e490ca42b0e44fb51aae8d580ae37a42636' 
cmd=build info=results artifacts.location='/tmp/slim-state/.slim-state/images/6f850d8bdb8c7848f9554f53f16e658382df58841590a2895e57576b10620fbd/artifacts' 
cmd=build info=results artifacts.report='creport.json' 
cmd=build info=results artifacts.dockerfile.reversed='Dockerfile.reversed' 
cmd=build info=results artifacts.seccomp='hub.oepkgs.net-openeuler-openeuler-seccomp.json' 
cmd=build info=results artifacts.apparmor='hub.oepkgs.net-openeuler-openeuler-apparmor-profile' 
cmd=build state=done
cmd=build info=commands message='use the xray command to learn more about the optimize image' 
cmd=build info=report file='slim.report.json' 
app='slim' message='GitHub Discussions' info='https://github.com/slimtoolkit/slim/discussions'
app='slim' message='Join the CNCF Slack channel to ask questions or to share your feedback' info='https://cloud-native.slack.com/archives/C059QP1RH1S'
app='slim' message='Join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
app='slim' message='Join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'


[root@op2203-01 dist_linux]# docker images
REPOSITORY                           TAG       IMAGE ID       CREATED         SIZE
hub.oepkgs.net/openeuler/openeuler   mix       c92cb5bd270a   5 seconds ago   4.19MB
hub.oepkgs.net/openeuler/openeuler   latest    6f850d8bdb8c   4 days ago      193MB

此时可以看到缩小到只有4.19M

验证

验证缩小之后的容器是否能正常登陆

[root@op2203-01 ~]# docker run -ti hub.oepkgs.net/openeuler/openeuler:mix bash
bash-5.2# exit

FAQ

如果没有expose去暴露端口的话,使用正常的slim build会报如下错误

alt text

results matching ""

    No results matching ""