-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reduce nodejs image size by removing /nodejs/include directory #1548
Comments
Sounds reasonable. Can you point to some documentation about the include directory? |
@loosebazooka I have created a draft #1597 |
I checked that the PR referenced above was merged in May, but I just built an image using gcr.io/distroless/nodejs22-debian12:nonroot (9f0d01f30f68) with a standalone Next.js app, was wondering why it's still 240.03 MB and apparently the Node.js layer is still 114.09 MB. What else needs to happen for these changes to be reflected in the images on gcr.io? |
@daaain the nodejs binary itself is about ~114 MB
If you use dive, you can also see that the layer that adds 115MB only adds the license and node binary. Do you compile next.js into standalone mode? It could reduce the bundle size a little bit.
|
Oh right, I tried to use dive, but it doesn't seem to work on my Mac since I switched docker to use containerd. I'm using standalone mode, so the actual app and dependencies are only 24 MB (you can see in the screenshot as the next layer), so that's why I was wondering where 90% of the image size is coming from. I thought I could get the image using distroless below what's possible with alpine after reading this post, but maybe not. |
I think alpine compiles their node version which some different settings than the official nodejs binary. |
I'm trying to research now what's inside that massive binary and wondering if it has all the dependencies statically linked, in which case the rest of the image could jettison SSL and C libs?
I couldn't find slimmer prebuilt binaries (e.g. small ICU) so sounds like this might then get into a very custom territory like manually building in a full Debian stage and copying the binary over... |
I wouldn’t worry that much about the size of the base image. If multiple images ise the same base image, it’s kinda “cached” on the system as long as they all use the same layers |
Could probably reduce the binary size if we’d compile the binary to be specific for debian. But I think distroless just wants to use original releases, @loosebazooka could probably verify this statement |
If it doesn't complicate the could too much it'd probably be fine. But we don't really build anything else from source so it would be a one off. Wonder if someone at canonical, red hat or chainguard might be more appropriate for this. They might have more flexible build processes |
It'll probably complicate a bit, and could break things, so probably not really worth it |
I don't think it's worth the complexity building from source and / or trying to remove something someone at some point will miss, to me there are 2 opportunities:
|
Describe the bug
Distroless nodejs images currently include the
/nodejs/include
directory (55.4M). A large portion of this is/nodejs/include/node/openssl
(53.9M) which includes include files for multiple architectures and variants.To Reproduce
Steps to reproduce the behavior:
gcr.io/distroless/nodejs20-debian12:latest
orgcr.io/distroless/nodejs20-debian12:debug
images:/nodejs/include
directory within the container. Note that it makes up ~30% of the overall image size even though a compiler is not shipped in the image to use the include files.Expected behavior
Either the nodejs images should omit the
/nodejs/include
directory or provide an image with a different tag to allow users to reduce the size of their nodejs images.Console Output
Additional context
n/a
The text was updated successfully, but these errors were encountered: