Docker images analysis
Skipped all instruments that need
Docker Desktop
Analyzing container image tools is essential for automating the inspection process, saving time and ensuring consistency across development environments. They assist in optimizing images for better performance and resource utilization, aligning with best practices in containerization.
By integrating such tools into CI/CD
pipelines, teams can ensure that image layer analysis becomes an integral part of the software development lifecycle.
DIVE
A tool for exploring a docker image, layer contents, and discovering ways to shrink the size of your Docker/OCI image.
Two ways how to analyse nginx
images
- Run from
docker
1
docker run -ti --rm -v /var/run/docker.sock:/var/run/docker.sock wagoodman/dive nginx
- Install
dive
locally. See https://github.com/wagoodman/dive/blob/main/README.md#installation1
dive nginx
Slim from Slim Toolkit
Slim allows developers to inspect, optimize and debug their containers using its xray, lint, build, debug, run, images, merge, registry, vulnerability (and other) commands.
slim build
to optimize vanilla nginx
image
Download nginx
|
|
Run slim from docker
. Use additional flags (like --http-probe=false
)
|
|
slim xray
containers’ underhood
xray
- performs static analysis for the target container image (including ‘reverse engineering’ the Dockerfile for the image). Use this command if you want to know what’s inside your container image and what makes it fat.
|
|