Gaurav
Back to Blogs

Optimizing Docker Image Using Multistage Builds

January 15, 20245 min read

Introduction

Docker has revolutionized the way we package and deploy applications. However, as applications grow in complexity, Docker images can become quite large, leading to slower deployments and increased storage costs. This is where multistage builds come into play.

What are Multistage Builds?

Multistage builds allow you to use multiple FROM statements in your Dockerfile. Each FROM instruction begins a new stage of the build, and you can selectively copy artifacts from one stage to another, leaving behind everything you don't want in the final image.

Example Dockerfile

Here's a practical example of a multistage Dockerfile for a Node.js application:

# Build stage
FROM node:18-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production

# Production stage
FROM node:18-alpine AS production
WORKDIR /app
COPY --from=builder /app/node_modules ./node_modules
COPY . .
EXPOSE 3000
CMD ["npm", "start"]

Benefits of Multistage Builds

  • Smaller final image size: Only production dependencies are included
  • Better security: Fewer packages and tools in production
  • Faster deployments: Smaller images transfer faster
  • Reduced storage costs: Less disk space required

Best Practices

When using multistage builds, consider the following:

  1. Use specific base images (avoid latest tags)
  2. Minimize the number of layers in each stage
  3. Clean up unnecessary files and dependencies
  4. Use .dockerignore files to exclude unwanted files
  5. Optimize the order of operations for better layer caching

Advanced Example

Here's a more complex example for a Go application:

# Build stage
FROM golang:1.21-alpine AS builder
WORKDIR /app
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o main .

# Production stage
FROM alpine:latest
RUN apk --no-cache add ca-certificates
WORKDIR /root/
COPY --from=builder /app/main .
CMD ["./main"]

Performance Impact

The performance improvements from multistage builds can be significant. In many cases, you can reduce image size by 50-80% compared to single-stage builds. This translates to:

  • Faster container startup times
  • Reduced network transfer times during deployments
  • Lower storage costs in container registries
  • Improved CI/CD pipeline performance

Conclusion

Multistage builds are a powerful feature that can significantly improve your Docker workflow. By separating build and runtime environments, you can create more efficient and secure container images. The initial setup might require some extra thought, but the benefits in terms of performance, security, and cost make it well worth the effort.

Start implementing multistage builds in your Dockerfiles today, and you'll quickly see the difference in your containerized applications.