diff --git a/dockers/docker-base-bookworm/Dockerfile.j2 b/dockers/docker-base-bookworm/Dockerfile.j2 index 14032ed308f3..2886834465bb 100644 --- a/dockers/docker-base-bookworm/Dockerfile.j2 +++ b/dockers/docker-base-bookworm/Dockerfile.j2 @@ -1,12 +1,24 @@ {% set prefix = DEFAULT_CONTAINER_REGISTRY %} {% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %} {% if CONFIGURED_ARCH == "armhf" and (MULTIARCH_QEMU_ENVIRON == "y" or CROSS_BUILD_ENVIRON == "y") %} +{% if build_debian_slim == "y" %} +FROM --platform=linux/arm/v7 {{ prefix }}debian:bookworm-slim +{% else %} FROM --platform=linux/arm/v7 {{ prefix }}debian:bookworm +{% endif %} {% elif CONFIGURED_ARCH == "arm64" and (MULTIARCH_QEMU_ENVIRON == "y" or CROSS_BUILD_ENVIRON == "y") %} +{% if build_debian_slim == "y" %} +FROM --platform=linux/arm64 {{ prefix }}debian:bookworm-slim +{% else %} FROM --platform=linux/arm64 {{ prefix }}debian:bookworm +{% endif %} +{% else %} +{% if build_debian_slim == "y" %} +FROM {{ prefix }}{{DOCKER_BASE_ARCH}}/debian:bookworm-slim {% else %} FROM {{ prefix }}{{DOCKER_BASE_ARCH}}/debian:bookworm {% endif %} +{% endif %} # Clean documentation in FROM image RUN find /usr/share/doc -depth \( -type f -o -type l \) ! -name copyright | xargs rm || true diff --git a/dockers/docker-config-engine/Dockerfile.j2 b/dockers/docker-config-engine/Dockerfile.j2 index c470102fa4c4..4a05c1b6de95 100644 --- a/dockers/docker-config-engine/Dockerfile.j2 +++ b/dockers/docker-config-engine/Dockerfile.j2 @@ -1,4 +1,9 @@ +{% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %} +{% if squash_base_debian_image == "y" %} +FROM docker-base-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}} as intermediate +{% else %} FROM docker-base-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}} +{% endif %} ## Make apt-get non-interactive ENV DEBIAN_FRONTEND=noninteractive @@ -17,29 +22,29 @@ COPY \ debs/{{ deb }}{{' '}} {%- endfor -%} debs/ -{%- endif -%} +{%- endif %} {% if docker_config_engine_debs.strip() %} RUN dpkg -i \ {% for deb in docker_config_engine_debs.split(' ') -%} debs/{{ deb }}{{' '}} {%- endfor %} -{%- endif -%} +{%- endif %} {% if docker_config_engine_whls.strip() %} COPY \ {% for whl in docker_config_engine_whls.split(' ') -%} python-wheels/{{ whl }}{{' '}} -{%- endfor -%} +{%- endfor %} python-wheels/ -{%- endif -%} +{%- endif %} {% if docker_config_engine_whls.strip() %} RUN pip install \ {% for whl in docker_config_engine_whls.split(' ') -%} python-wheels/{{ whl }}{{' '}} {%- endfor %} -{%- endif -%} +{%- endif %} # Copy files COPY ["files/swss_vars.j2", "/usr/share/sonic/templates/"] @@ -47,3 +52,9 @@ COPY ["files/swss_vars.j2", "/usr/share/sonic/templates/"] ## Clean up RUN apt-get purge -y build-essential python-dev; apt-get clean -y; apt-get autoclean -y; apt-get autoremove -y RUN rm -rf /debs /python-wheels + +{% if squash_base_debian_image == "y" %} +# Squash. Only keep the files that remain. +FROM scratch +COPY --from=intermediate / / +{% endif %} \ No newline at end of file diff --git a/rules/config b/rules/config index 3d3a81ce60f2..f2ca30123e24 100644 --- a/rules/config +++ b/rules/config @@ -334,3 +334,9 @@ SONIC_PTF_ENV_PY_VER = mixed # Add timeout on some process which may hangs BUILD_PROCESS_TIMEOUT ?= 0 + +# Build with debian slim image +BUILD_DEBIAN_SLIM = n + +# Squash base docker image to save space and remove secrets in image layers +SQUASH_BASE_DEBIAN_IMAGE = n diff --git a/slave.mk b/slave.mk index f3d9ad3e237e..bf328c22b502 100644 --- a/slave.mk +++ b/slave.mk @@ -1156,6 +1156,8 @@ $(addprefix $(TARGET_PATH)/, $(DOCKER_IMAGES)) : $(TARGET_PATH)/%.gz : .platform export include_system_eventd="$(INCLUDE_SYSTEM_EVENTD)" export build_reduce_image_size="$(BUILD_REDUCE_IMAGE_SIZE)" export sonic_asic_platform="$(patsubst %-$(CONFIGURED_ARCH),%,$(CONFIGURED_PLATFORM))" + export build_debian_slim="$(BUILD_DEBIAN_SLIM)" + export squash_base_debian_image="$(SQUASH_BASE_DEBIAN_IMAGE)" $(eval export $(subst -,_,$(notdir $($*.gz_PATH)))_debs=$(shell printf "$(subst $(SPACE),\n,$(call expand,$($*.gz_DEPENDS),RDEPENDS))\n" | awk '!a[$$0]++')) $(eval export $(subst -,_,$(notdir $($*.gz_PATH)))_pydebs=$(shell printf "$(subst $(SPACE),\n,$(call expand,$($*.gz_PYTHON_DEBS)))\n" | awk '!a[$$0]++')) $(eval export $(subst -,_,$(notdir $($*.gz_PATH)))_whls=$(shell printf "$(subst $(SPACE),\n,$(call expand,$($*.gz_PYTHON_WHEELS)))\n" | awk '!a[$$0]++')) @@ -1459,6 +1461,8 @@ $(addprefix $(TARGET_PATH)/, $(SONIC_INSTALLERS)) : $(TARGET_PATH)/% : \ export include_kubernetes_master="$(INCLUDE_KUBERNETES_MASTER)" export kube_docker_proxy="$(KUBE_DOCKER_PROXY)" export enable_pfcwd_on_start="$(ENABLE_PFCWD_ON_START)" + export build_debian_slim="$(BUILD_DEBIAN_SLIM)" + export squash_base_debian_image="$(SQUASH_BASE_DEBIAN_IMAGE)" export installer_debs="$(addprefix $(IMAGE_DISTRO_DEBS_PATH)/,$($*_INSTALLS) $(FIPS_BASEIMAGE_INSTALLERS))" export lazy_installer_debs="$(foreach deb, $($*_LAZY_INSTALLS),$(foreach device, $($(deb)_PLATFORM),$(addprefix $(device)@, $(IMAGE_DISTRO_DEBS_PATH)/$(deb))))" export lazy_build_installer_debs="$(foreach deb, $($*_LAZY_BUILD_INSTALLS), $(addprefix $($(deb)_MACHINE)|,$(deb)))"