From 2b69cb887c2ff8d672f306a1cdba73c385379082 Mon Sep 17 00:00:00 2001 From: Shaun Smith Date: Mon, 28 Oct 2024 13:47:05 -0400 Subject: [PATCH] Removed sbom, binutils, updated README --- tiny-java-containers/README.md | 23 ++++++++++--------- .../Dockerfile.distroless-base.mostly | 2 +- .../Dockerfile.distroless-java-base.dynamic | 2 +- .../Dockerfile.distroless-java-base.jlink | 1 - .../Dockerfile.distroless-static.static | 2 +- .../jwebserver/Dockerfile.scratch.static | 2 +- .../jwebserver/Dockerfile.scratch.static-upx | 2 +- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/tiny-java-containers/README.md b/tiny-java-containers/README.md index 8339f2eb..f92a5f54 100644 --- a/tiny-java-containers/README.md +++ b/tiny-java-containers/README.md @@ -21,7 +21,8 @@ App](images/youtube.png)](https://youtu.be/6wYrAtngIVo) ## Prerequisites * x86 Linux (but the few binary dependencies could easily be changed for aarch64) -* Docker installed and running. It should work fine with [podman](https://podman.io/) but it has not been tested. +* Docker installed and running. It should work fine with + [podman](https://podman.io/) but it has not been tested. > NOTE: These instructions have only been tested on Linux x64. @@ -56,8 +57,8 @@ In a terminal, run: 1. The `hello` executable generated by GraalVM Native Image in the Dockerfile using the `--static --libc=musl` options is a fully self-contained executable. This means that it does not rely on any libraries in the host - operating system environment. This makes it easier to package in a variety of container images. - of Docker container images. + operating system environment. This makes it easier to package in a variety of + container images. 2. You can see in the output of the Dockerfile build that `ls -lh` reports the `hello` executable is ~4.9MB. There's no JVM, no JARs, no JIT compiler and @@ -72,8 +73,8 @@ In a terminal, run: ### Container Images -The size of the `scratch`-based container image is about the same size as the `hello.upx` -executable since it adds little overhead. +The size of the `scratch`-based container image is about the same size as the +`hello.upx` executable since it adds little overhead. ![](images/keyboard.jpg) `docker images hello` @@ -104,7 +105,7 @@ introduced in JDK 18 and build a containerized executable that serves up web pages. How small can a containerized Java web server be? Would you believe a measly -4.4MB? Let's see. +3.9 MB? Let's see. Let's move from the `helloworld` folder over to the `jwebserver` folder. @@ -139,7 +140,7 @@ jwebserver distroless-java de7f7efb6df4 4 minutes jwebserver temurin 643203bf8168 4 minutes ago 451MB jwebserver debian fa5bfa4b2e5e 4 minutes ago 932MB jwebserver distroless-java-base.jlink c3113c2400ea 5 minutes ago 122MB -jwebserver scratch.static-upx 75b3bb3249f3 5 minutes ago 4.12MB +jwebserver scratch.static-upx 75b3bb3249f3 5 minutes ago 3.9MB jwebserver alpine.static 178081760470 6 minutes ago 21.6MB jwebserver distroless-static.static 84053f6323c1 6 minutes ago 15.8MB jwebserver scratch.static 98061f48037c 6 minutes ago 13.8MB @@ -149,7 +150,7 @@ jwebserver distroless-java-base.dynamic 1aceeabbb329 7 minutes Sorting by size, it's clear that the fully statically linked GraalVM Native Image generated executable that's compressed and packaged on `scratch` -(`scratch.static-upx`) is the smallest at just 4.71MB, less than 4% of the size +(`scratch.static-upx`) is the smallest at just 3.9 MB, less than 4% of the size of the `jlink` version (`distroless-java-base.jlink`) running on the JVM. | Base Image | App Version | Size (MB) | @@ -163,16 +164,16 @@ of the `jlink` version (`distroless-java-base.jlink`) running on the JVM. | Alpine | native *fully* static linked | 21.60 | | Distroless Static | native *fully* static linked | 15.80 | | Scratch | native *fully* static linked | 13.80 | -| Scratch | *compressed* native *fully* static | 4.12 | +| Scratch | *compressed* native *fully* static | 3.90 | Running a container image is once again straight forward, just remember to map the server port, e.g.: -![](images/keyboard.jpg) `docker run --rm -p8000:8000 jwebserver:scratch.static` +![](images/keyboard.jpg) `docker run --init --rm -p8000:8000 jwebserver:scratch.static` or -![](images/keyboard.jpg) `docker run --rm -p8000:8000 jwebserver:scratch.static-upx` +![](images/keyboard.jpg) `docker run --init --rm -p8000:8000 jwebserver:scratch.static-upx` Using `curl` or your favourite tool you can hit `http://localhost:8000` to fetch the index.html file. diff --git a/tiny-java-containers/jwebserver/Dockerfile.distroless-base.mostly b/tiny-java-containers/jwebserver/Dockerfile.distroless-base.mostly index 0c608259..cda4e7c1 100644 --- a/tiny-java-containers/jwebserver/Dockerfile.distroless-base.mostly +++ b/tiny-java-containers/jwebserver/Dockerfile.distroless-base.mostly @@ -1,7 +1,7 @@ FROM container-registry.oracle.com/graalvm/native-image:23 AS nativebuild WORKDIR /build # Build a native executable optimizing for size with `-Os` -RUN native-image --static-nolibc -Os --enable-sbom=cyclonedx -m jdk.httpserver -o jwebserver.mostly +RUN native-image --static-nolibc -Os -m jdk.httpserver -o jwebserver.mostly RUN ls -lh jwebserver.mostly FROM gcr.io/distroless/base-debian12 diff --git a/tiny-java-containers/jwebserver/Dockerfile.distroless-java-base.dynamic b/tiny-java-containers/jwebserver/Dockerfile.distroless-java-base.dynamic index 25107158..a1bc87ce 100644 --- a/tiny-java-containers/jwebserver/Dockerfile.distroless-java-base.dynamic +++ b/tiny-java-containers/jwebserver/Dockerfile.distroless-java-base.dynamic @@ -1,7 +1,7 @@ FROM container-registry.oracle.com/graalvm/native-image:23 AS nativebuild WORKDIR /build # Build a dynamically linked native executable optimizing for size with `-Os` -RUN native-image -Os --enable-sbom=cyclonedx -m jdk.httpserver -o jwebserver.dynamic +RUN native-image -Os -m jdk.httpserver -o jwebserver.dynamic RUN ls -lh jwebserver.dynamic FROM gcr.io/distroless/java-base-debian12 diff --git a/tiny-java-containers/jwebserver/Dockerfile.distroless-java-base.jlink b/tiny-java-containers/jwebserver/Dockerfile.distroless-java-base.jlink index 20f71e06..066c8db8 100644 --- a/tiny-java-containers/jwebserver/Dockerfile.distroless-java-base.jlink +++ b/tiny-java-containers/jwebserver/Dockerfile.distroless-java-base.jlink @@ -1,5 +1,4 @@ FROM container-registry.oracle.com/graalvm/jdk:23 AS build -RUN microdnf install -y binutils WORKDIR /build # Build a runtime image optimized for size RUN jlink \ diff --git a/tiny-java-containers/jwebserver/Dockerfile.distroless-static.static b/tiny-java-containers/jwebserver/Dockerfile.distroless-static.static index 47e5630e..b7136238 100644 --- a/tiny-java-containers/jwebserver/Dockerfile.distroless-static.static +++ b/tiny-java-containers/jwebserver/Dockerfile.distroless-static.static @@ -1,7 +1,7 @@ FROM container-registry.oracle.com/graalvm/native-image:23-muslib AS nativebuild WORKDIR /build # Build a statically linked native executable optimizing for size with `-Os` -RUN native-image --static --libc=musl -Os --enable-sbom=cyclonedx -m jdk.httpserver -o jwebserver.static +RUN native-image --static --libc=musl -Os -m jdk.httpserver -o jwebserver.static RUN ls -lh jwebserver.static FROM gcr.io/distroless/static-debian12 diff --git a/tiny-java-containers/jwebserver/Dockerfile.scratch.static b/tiny-java-containers/jwebserver/Dockerfile.scratch.static index 02545ab1..595add72 100644 --- a/tiny-java-containers/jwebserver/Dockerfile.scratch.static +++ b/tiny-java-containers/jwebserver/Dockerfile.scratch.static @@ -1,7 +1,7 @@ FROM container-registry.oracle.com/graalvm/native-image:23-muslib AS nativebuild WORKDIR /build # Build a statically linked native executable optimizing for size with `-Os` -RUN native-image --static --libc=musl -Os --enable-sbom=cyclonedx -m jdk.httpserver -o jwebserver.static +RUN native-image --static --libc=musl -Os -m jdk.httpserver -o jwebserver.static RUN ls -lh jwebserver.static FROM scratch diff --git a/tiny-java-containers/jwebserver/Dockerfile.scratch.static-upx b/tiny-java-containers/jwebserver/Dockerfile.scratch.static-upx index 31fe91cd..9aa0d697 100644 --- a/tiny-java-containers/jwebserver/Dockerfile.scratch.static-upx +++ b/tiny-java-containers/jwebserver/Dockerfile.scratch.static-upx @@ -2,7 +2,7 @@ FROM container-registry.oracle.com/graalvm/native-image:23-muslib AS nativebuild WORKDIR /build # Build a statically linked native executable optimizing for size with `-Os` -RUN native-image --static --libc=musl -Os --enable-sbom=cyclonedx -m jdk.httpserver -o jwebserver.static +RUN native-image --static --libc=musl -Os -m jdk.httpserver -o jwebserver.static RUN ls -lh jwebserver.static # Install and use UPX