Reduce images size

[Aschen]

Reduce image size

⚠️ Depends on #1635

Reduce Kuzzle images size:

• kuzzleio/kuzzle:2: from 563 Mo to 165 Mo
• kuzzleio/plugin-dev:2: from 968 Mo to 410 Mo

This PR also includes 2 new tags:

• kuzzleio/kuzzle:2-alpine: 140 Mo
• kuzzleio/kuzzle:2-scratch: 94 Mo

I followed the tricks explained here: https://medium.com/trendyol-tech/how-we-reduce-node-docker-image-size-in-3-steps-ff2762b51d5a

Also I made few other changes for the production image:

• remove all object and build files (.o, .h)
• add only relevant files (lib, config, plugins, etc)
• remove .git
• remove useless npm dependencies
• minify JS
• strip re2 and node binaries

The scratch image contains only Node.js (with libstdc++), musl and Kuzzle source code.

Scripts

All docker related scripts are in docker/scripts/:

• entrypoint.sh: the entrypoint
• clean-node.sh: remove every unnecessary file from a directory. If NODE_ENV=production then the JS and JSON files will be minified
• run-dev.sh: used by the core-dev image to run a core-developer stack
• run-plugin.sh: used by plugin-dev to run an application composed of plugins (like we do now)
• run-prod.sh: used by the kuzzle images to run kuzzle in production

How should this be manually tested?

Build the images and play the functional tests

Other changes

• Elasticsearch initialization is now waited with the bin/wait-elasticsearch script instead of curl
• Functionals tests are run in parallel in 2 travis jobs

[Aschen]

I really struggled with the .dockerignore file, it does not seem to work if anyone know why

[alexandrebouthinon]

Update kuzzle directory location in Docker image is a breaking change. Otherwise very nice job 👍

[alexandrebouthinon]

This is a breaking change

[benoitvidis]

Suggested change

	run();
	if (require.main === module) {
	run();
	}

Else, will be called on require (i.e. from kuzzle-start)

[benoitvidis]

Suggested change

	&& for plugin in plugins/available/*; do cd "$plugin"; npm install --production; cd /app; done \
	&& for plugin in plugins/*/*; do npm install --production --prefix "$plugin"; done \

[benoitvidis]

Suggested change

	( echo $NODE_ENV | grep production ) || exit 0
	[ "${NODE_ENV}" = "production" ] || exit 0

This is posix

[alexandrebouthinon]

I used Shellcheck on scripts, there it is some of the easiest warning/error to correct 🙂

[alexandrebouthinon]

Suggested change

	promise_run docker_build 'kuzzle' $TRAVIS_BRANCH 'kuzzle'
	promise_then docker_push 'kuzzle' $TRAVIS_BRANCH
	promise_run docker_build 'kuzzle' $TRAVIS_BRANCH-alpine 'kuzzle.alpine'
	promise_then docker_push 'kuzzle' $TRAVIS_BRANCH-alpine
	promise_run docker_build 'kuzzle' "$TRAVIS_BRANCH" 'kuzzle'
	promise_then docker_push 'kuzzle' "$TRAVIS_BRANCH"
	promise_run docker_build 'kuzzle' "$TRAVIS_BRANCH-alpine" 'kuzzle.alpine'
	promise_then docker_push 'kuzzle' "$TRAVIS_BRANCH-alpine"

[alexandrebouthinon]

Suggested change

	promise_run docker_build 'plugin-dev' $TRAVIS_BRANCH 'plugin-dev'
	promise_then docker_push 'plugin-dev' $TRAVIS_BRANCH
	promise_run docker_build 'plugin-dev' "$TRAVIS_BRANCH" 'plugin-dev'
	promise_then docker_push 'plugin-dev' "$TRAVIS_BRANCH"

[alexandrebouthinon]

Suggested change

	RELEASE_TAG=$(cat package.json | grep version | head -1 | awk -F: '{ print $2 }' | sed 's/[\",]//g' | tr -d '[[:space:]]')
	RELEASE_TAG=$(grep version package.json | head -1 | awk -F: '{ print $2 }' | sed 's/[\",]//g' | tr -d '[:space:]')

[alexandrebouthinon]

Suggested change

	#!/bin/sh
	#!/usr/bin/env sh

[Aschen]

I will wait for Kaaf before finishing this PR

[Aschen]

@benoitvidis About the compression, the decompression is very fast (~4-5s) and it allows to have only 19 mo transiting through the network instead of 94. It could be very useful for K8S environment where the pods have to download the new image before running for example.
Also keeping a lot of images on a server takes a lot of storage. You can clean it but it's not always the case and you also may want to keep previous versions to rollback quickly.

Also the way I copy Kuzzle still allows developers to add plugins in the plugins/* directories

I will leave the kuzzleio/kuzzle, kuzzleio/plugin-dev and kuzzleio/kuzzle:*-alpine without compression and I will create a new kuzzleio/kuzzle:*-everest image with the compression for those who want extra small images, what do you think?

Image sizes:

kuzzleio/kuzzle      plugin-dev      97624376beb0    53 seconds ago  385MB
kuzzleio/kuzzle      kuzzle          be537f211ae9    37 minutes ago  165MB
kuzzleio/kuzzle      kuzzle:alpine   d826c568d69a    10 minutes ago  140MB
kuzzleio/kuzzle      kuzzle:everest  67ef01c1d47e    9 minutes ago   19.5MB

[codecov]

Codecov Report

Merging #1636 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #1636   +/-   ##
=======================================
  Coverage   93.52%   93.52%           
=======================================
  Files         113      113           
  Lines        7197     7197           
=======================================
  Hits         6731     6731           
  Misses        466      466           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c81e218...1ea882f. Read the comment docs.

[alexandrebouthinon]

Suggested change

	set -e
	set -x
	set -ex

[alexandrebouthinon]

set arguments could be combined

[alexandrebouthinon]

Same

[alexandrebouthinon]

Suggested change

	if [ ! -z "$WITHOUT_KUZZLE" ]; then
	if [ -n "$WITHOUT_KUZZLE" ]; then

[alexandrebouthinon]

Missing set -e?

[benoitvidis]

@Aschen , I am still not sure about everest image.

1. docker layers are already compressed. May be worth checking but my guess is there is gain to extra compress the layer for download time.
2. because of the mergefs system, you will get 2 layers on the disk: the one with the compressed tar + the diff once is is extracted, which is also counter productive considering the goal. The docker image ls here needs to be compared vs the real size of the corresponding layers in /var/lib/docker/overlay/merged|diff
3. the rollback issues you are mentioning should not have much impact in most cases, as only the application layer should be updated.

These 2 points + the already discussed UX issues make me really dubious about this image.

[Aschen]

@benoitvidis I replaced the image by a scratch image without the compression (size 94 Mo)

Docker compress layers with Gzip which is not as efficient as Lzma, especially for binary files:

The difference between compressed application layers is not that huge (13Mo gz vs 9.7 Mo lzma) so I agree that for subsequent download of the same image the gain won't be huge:

I still think the compression is useful in a K8S environment because the pods has to download the image whenever they are spawned so it allows to save bandwidth, which is quite expensive in most of the cloud providers.

But I understand your point of view and we need those smaller image so LGTM

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities (and 0 Security Hotspots to review)
0 Code Smells

No Coverage information
No Duplication information