tusc / ntopng-udm

ntopng Docker image for the UDM base and UDM pro
164 stars 20 forks source link

Multi Stage Docker Build #6

Closed boostchicken closed 4 years ago

boostchicken commented 4 years ago

It is a docker best practice to keep the image as minimal as possible. It would be great to build all these binaries and then copy them over to a fresh image. Here is a very simple example

https://github.com/boostchicken/udm-utilities/blob/master/nextdns/docker/Dockerfile

It would look like everything you have now, just in the 2nd part you only copy the files you need to have over from the builder image. That looks like redis server, nDPI, and the ntopng binaries.

boostchicken commented 4 years ago

FYI, this is considered a Docker best practice, and also a security one. You don't want a c compiler sitting around incase your box gets compromised :)

tusc commented 4 years ago

@boostchicken have a look at my Dockerfile which gets pushed to dockerhub: https://github.com/tusc/ntopng-udm/blob/master/Dockerfile

I don't include gcc and all the build tools in that image. I build two deb packages, ntop.deb and ntop-data.deb and package them with their dependancies using the debian package build files provided by ntopng.

I agree the image is a little big. Ideally I would like to use alpine Linux but the ntopng team doesn't maintain a recent apkbuild file.

I do provide a secondary Dockerfile for folks that want to build ntopng: https://github.com/tusc/ntopng-udm/blob/master/source/Dockerfile