You may not need a Dockerfile
🐳
Explore ways to create images without the Dockerfile
generic approach
Building a “docker image”, or more appropriately an OCI image, is usually associated with
the Dockerfile
format. Although it is one of the most generic way to build an OCI
image, it is definitely not the only way, nor the best way, depending on your use case.
And there is a decent amount of ways to create your image. Let’s try to explore some of
them.
Jason write an amazing article around this : Moving and Building Container Images, The Right Way.
Don’t get me wrong, I used to love Dockerfile
🙃
I love Dockerfile
. They have been extremely useful for the container ecosystem. The
recent evolutions, backed by buildkit
are also very good. But they do come with a bit of
baggages:
- They do not allow (or enable) to write reproducible builds. The timestamps, the
RUN
with “random” commands is getting in the way. - They bring a very big assumption, each and every
RUN
is running in a container. Of course there is tools (as we may, or may not see) that do buildDockerfile
without containers, but they are a bit limited (because of that assumption).
Questions to ask yourself
In order to decide what to use to build a container image, there is a couple of questions to answer. Your answers will help you choose what tool to use.
- Is “reproductible builds” something important to you ?
- Is your CI running in containers ?
- Is your developement environment running in containers ?
- Do you care about running things as root ?
- Do you care about running things as privileged (aka giving the keys to escape the containers to the process running in the container) ?