An important thing to do with process based containers or any container is to keep them slim and ensure that only what is necessary is packaged into the image.
For that reason I went with the
python:3.8-alpine base image. After all was said and done the size of the resulting image was
No GCC in that Base Image
Although I needed another python package and this package needed gcc, as shown by this error message in the build process:
running build_ext building 'Cryptodome.Hash._MD2' extension creating build/temp.linux-x86_64-3.8 creating build/temp.linux-x86_64-3.8/src gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -DTHREAD_STACK_SIZE=0x100000 -fPIC -DPYCRYPTO_LITTLE_ENDIAN -DSYS_BITS=64 -DLTC_NO_ASM -Isrc/ -I/usr/local/include/python3.8 -c src/MD2.c -o build/temp.linux-x86_64-3.8/src/MD2.o unable to execute 'gcc': No such file or directory error: command 'gcc' failed with exit status 1
The Wasteful Solution
There is an easy way to fix this problem…use a base image that has
gcc prepackaged. I used
python:3.8 and it just worked.
However that came at a price, the image was now
1.12GB in size.
So I looked around and it seemed ok to just install gcc with
The Ideal Solution
I reverted back to using
python:3.8-alpine and installed gcc and my dependencies in one line:
RUN apk add --no-cache --virtual .build-deps gcc musl-dev \ && pip install --no-cache-dir -r /code/requirements.txt \ && apk del .build-deps
Now the image built correctly and the size was
The ideal solution might not even be this though, as there is the suggestion of multi-stage builds. A Docker image just to build the project and a seperate image just to run.
I think it comes down to batteries included or not.
I’m also not a fan of having too many commands in your dockerfile. It feels like we are dong the job of a system administrator and each line adds risk for errors, bugs and potential security holes.
But use you descretion – horses for courses.