docker-slim

Start DockerSlim on interactive mode

$ docker-slim

$ docker-slim xray --target [image:tag]

$ docker-slim lint --target [path/to/Dockerfile]

$ docker-slim build [image:tag]

$ docker-slim [subcommand] --help

docker-slim [global options] [command options]

--archive string
    Archive type: tar, tar.gz, tgz, tar.bz2, tbz2, zip (default: tar.gz)

--artifact-location string
    Directory to store artifacts

--compose-file string
    Path to Docker Compose file

--compose-service string
    Docker Compose service name

--container-network string
    Container network: bridge, host, none

--copy string
    Files to copy from the original image to the slimmed image

--entrypoint string
    Image entrypoint to use

--expose string
    Ports to expose in the slimmed image

--http-probe string
    HTTP probe endpoint to test

--image string
    The Docker image to slim

--include-paths string
    Paths to include in the slimmed image

--keep-tmp
    Keep temporary files created during the slimming process

--mount string
    Mount volumes in the slimmed image

--new-entrypoint string
    New entrypoint to use in the slimmed image

--port string
    Ports to probe when analyzing the application

--publish string
    Publish ports in the slimmed image

--remove-paths string
    Paths to remove from the slimmed image

--report string
    Generate report

--target string
    Target build stage name

--tag string
    Tag the slimmed image with the provided tag

--verbose
    Enable verbose output

--continue-after string
    Stop after this stage

docker-slim analyzes and optimizes Docker images, reducing their size and improving their security. It achieves this by statically and dynamically analyzing the image to identify the minimal set of files required for the application to run. It then creates a new image containing only these essential files, significantly reducing the image size, attack surface, and overall build time. Docker-slim supports various application types and frameworks, making it a versatile tool for Docker image optimization. It offers a suite of options for customizing the slimming process, including specifying entrypoints, exposing ports, and mounting volumes. Docker-slim helps to build more efficient, secure, and portable containerized applications by reducing the attack surface by removing unnecessary files.

Docker-slim's effectiveness depends on the application's runtime behavior. If the application dynamically loads files not detected during the static or dynamic analysis, they might be excluded from the slimmed image, causing runtime errors. Thorough testing of the slimmed image is crucial.

Docker-slim uses dynamic analysis to understand application dependencies. It executes the application within the container and monitors its file system and network activity. This helps to identify the files that the application actually uses at runtime. This analysis is key to minimizing the image size without breaking the application's functionality.
Consider setting the environment before running it.

In addition to dynamic analysis, docker-slim also utilizes static analysis to examine the image's contents and identify potential dependencies and files that are not required for the application's operation. This can include things like development tools, documentation, and sample code that are not needed at runtime.

Docker-slim was created to address the issue of large Docker image sizes, which often contain unnecessary dependencies and files. Its development focused on automating the process of identifying and removing these unnecessary components, thereby reducing the image size and improving security. It has evolved to support various application types and frameworks and to provide a more user-friendly experience.

docker(1), dockerfile(5)