Skip to main content
Redhat Developers  Logo
  • Products

    Featured

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat OpenShift AI
      Red Hat OpenShift AI
    • Red Hat Enterprise Linux AI
      Linux icon inside of a brain
    • Image mode for Red Hat Enterprise Linux
      RHEL image mode
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • Red Hat Developer Hub
      Developer Hub
    • View All Red Hat Products
    • Linux

      • Red Hat Enterprise Linux
      • Image mode for Red Hat Enterprise Linux
      • Red Hat Universal Base Images (UBI)
    • Java runtimes & frameworks

      • JBoss Enterprise Application Platform
      • Red Hat build of OpenJDK
    • Kubernetes

      • Red Hat OpenShift
      • Microsoft Azure Red Hat OpenShift
      • Red Hat OpenShift Virtualization
      • Red Hat OpenShift Lightspeed
    • Integration & App Connectivity

      • Red Hat Build of Apache Camel
      • Red Hat Service Interconnect
      • Red Hat Connectivity Link
    • AI/ML

      • Red Hat OpenShift AI
      • Red Hat Enterprise Linux AI
    • Automation

      • Red Hat Ansible Automation Platform
      • Red Hat Ansible Lightspeed
    • Developer tools

      • Red Hat Trusted Software Supply Chain
      • Podman Desktop
      • Red Hat OpenShift Dev Spaces
    • Developer Sandbox

      Developer Sandbox
      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Secure Development & Architectures

      • Security
      • Secure coding
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
      • View All Technologies
    • Start exploring in the Developer Sandbox for free

      sandbox graphic
      Try Red Hat's products and technologies without setup or configuration.
    • Try at no cost
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • Java
      Java icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • API Catalog
    • Product Documentation
    • Legacy Documentation
    • Red Hat Learning

      Learning image
      Boost your technical skills to expert-level with the help of interactive lessons offered by various Red Hat Learning programs.
    • Explore Red Hat Learning
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

Reduce the size of container images with DockerSlim

January 17, 2022
Karan Singh
Related topics:
ContainersLinuxKubernetes
Related products:
Red Hat OpenShiftRed Hat Enterprise Linux

Share:

    Please note DockerSlim cannot be used with Red Hat Enterprise Linux. Red Hat does not support DockerSlim with Podman and no longer provides Docker in RHEL or Red Hat OpenShift. 

    Containers are a great way to package your applications. Packaging your application codebase together with its dependencies creates a container image. The smaller the container image is, the faster your application will spin up for the first time, and the faster it will scale. But many container images are quite large, in the hundreds of megabytes—just search Docker Hub and prepare to be amazed at the image sizes.

    In this article, you'll learn how to optimize Docker container images for size using a project called DockerSlim. DockerSlim, which is open sourced under the Apache 2.0 license, won't change anything in your container image, but can still reduce its size—or minify it—by up to a factor of 30. For applications written in compiled languages, the size reduction can be even more dramatic. DockerSlim also makes your packages more secure by reducing the available attack surface.

    Using DockerSlim

    DockerSlim uses various techniques to optimize and secure container images. For one, it disposes of packages and files from the container image that your application does not need to serve the business logic. Removing additional files helps to reduce the container's attack surface. Using DockerSlim is a simple two-step process.

    Step 1: Install DockerSlim

    The installation steps for DockerSlim are explained in the DockerSlim GitHub repository. Here's how you would install DockerSlim on macOS using brew:

    brew install docker-slim
    

    Step 2: Minify your Docker image

    Once you have DockerSlim installed, you can use it to minify your Docker image by running docker-slim against existing container images. Start by running docker images to list the container images currently available:

    $ docker images
    REPOSITORY                    TAG            IMAGE ID       CREATED         SIZE
    python-hello-world-ubi       latest          50c12e1ca549   13 days ago     169MB

    Next, run docker-slim build against an existing container image to minify it:

    $ docker-slim build python-hello-world-ubi
    docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
    docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
    docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
    cmd=build info=param.http.probe message='using default probe'
    cmd=build state=started
    cmd=build info=params rt.as.user='true' keep.perms='true' tags='python-hello-world-ubi.slim ' target.type='image' target='python-hello-world-ubi' continue.mode='probe'
    cmd=build state=image.inspection.start
    ...
    ...
    ...
    cmd=build state=done
    cmd=build info=commands message='use the xray command to learn more about the optimize image'
    ...
    ...
    

    docker-slim will generate an optimized image from your source image and store that with a .slim file extension:

    $ docker images
    REPOSITORY                        TAG        IMAGE ID       CREATED         SIZE
    python-hello-world-ubi            latest     50c12e1ca549   13 days ago     169MB
    python-hello-world-ubi.slim       latest     17ba0fab2e4e   13 days ago     25.8MB
    

    In this case, the original image is 169MB, and the newly optimized image is 25.8MB—a 600 percent reduction in size.

    Get a DockerSlim container report

    If you're curious, you can use the docker-slim xray command to get the details about a package's size. The command performs a static analysis on the target container image and reverse-engineers the Dockerfile from the image, telling you what's inside of your container image and why it is so big:

    $ docker-slim xray python-hello-world-ubi

    The xray option on docker-slim generates a slim.report.json file that includes all the details on your container image and provides a great resource for investigating what's inside of it. Here is partial output from an example file:

    ...
    ...
    cmd=xray info=image id='sha256:50c12e1ca549655293c8148359bf80d551cec739c34556d4506f49602f9ea203' size.bytes='168702969' size.human='169 MB'
    cmd=xray info=image.stack index='0' name='python-hello-world-ubi:latest' id='sha256:50c12e1ca549655293c8148359bf80d551cec739c34556d4506f49602f9ea203' instructions='8' message='see report file for details'
    ...
    ...
    cmd=xray info=layer.objects.top.start
    A: mode=-rw-r--r-- size.human='6.9 MB' size.bytes=6949250 uid=0 gid=0 mtime='2021-03-05T16:50:01Z' H=[A:0] '/usr/lib/locale/C.utf8/LC_COLLATE'
    A: mode=-rw-r--r-- size.human='5.2 MB' size.bytes=5194744 uid=0 gid=0 mtime='2021-01-29T16:23:30Z' H=[A:0] '/usr/share/misc/magic.mgc'
    A: mode=-rw-r--r-- size.human='4.8 MB' size.bytes=4837376 uid=0 gid=0 mtime='2021-09-14T16:20:29Z' H=[A:0/M:2] '/var/lib/rpm/Packages'
    A: mode=-rwxr-xr-x size.human='3.2 MB' size.bytes=3167976 uid=0 gid=0 mtime='2021-03-05T17:03:03Z' H=[A:0] '/usr/lib64/libc-2.28.so'
    A: mode=-rwxr-xr-x size.human='3.1 MB' size.bytes=3071456 uid=0 gid=0 mtime='2021-03-25T16:49:50Z' H=[A:0] '/usr/lib64/libcrypto.so.1.1.1g'
    A: mode=-rwxr-xr-x size.human='2.2 MB' size.bytes=2191840 uid=0 gid=0 mtime='2021-03-05T17:03:04Z' H=[A:0] '/usr/lib64/libm-2.28.so'
    A: mode=-rwxr-xr-x size.human='2.1 MB' size.bytes=2052344 uid=0 gid=0 mtime='2021-04-01T13:15:58Z' H=[A:0] '/usr/lib64/libgnutls.so.30.28.0'
    A: mode=-rwxr-xr-x size.human='2.0 MB' size.bytes=1975976 uid=0 gid=0 mtime='2021-03-08T15:43:28Z' H=[A:0] '/usr/lib64/libdnf.so.2'
    A: mode=-rwxr-xr-x size.human='1.9 MB' size.bytes=1869272 uid=0 gid=0 mtime='2021-09-09T06:45:53Z' H=[A:0] '/usr/lib64/libdb-5.3.so'
    A: mode=-rwxr-xr-x size.human='1.8 MB' size.bytes=1770160 uid=0 gid=0 mtime='2021-07-26T13:46:03Z' H=[A:0] '/usr/lib64/libgio-2.0.so.0.5600.4'
    A: mode=-rwxr-xr-x size.human='1.8 MB' size.bytes=1760264 uid=0 gid=0 mtime='2018-08-17T20:47:18Z' H=[A:0] '/usr/lib64/libunistring.so.2.1.0'
    A: mode=-rwxr-xr-x size.human='1.7 MB' size.bytes=1661376 uid=0 gid=0 mtime='2020-09-29T22:13:10Z' H=[A:0] '/usr/lib64/libstdc++.so.6.0.25'
    A: mode=-rwxr-xr-x size.human='1.5 MB' size.bytes=1503528 uid=0 gid=0 mtime='2021-05-19T08:14:20Z' H=[A:0] '/usr/lib64/libxml2.so.2.9.7'
    A: mode=-rwxr-xr-x size.human='1.5 MB' size.bytes=1503456 uid=0 gid=0 mtime='2019-06-14T08:41:36Z' H=[A:0] '/usr/lib64/libgmp.so.10.3.2'
    A: mode=-rwxr-xr-x size.human='1.4 MB' size.bytes=1367288 uid=0 gid=0 mtime='2021-07-28T11:56:34Z' H=[A:0] '/usr/lib64/libsystemd.so.0.23.0'
    A: mode=-rwxr-xr-x size.human='1.3 MB' size.bytes=1321808 uid=0 gid=0 mtime='2021-03-05T17:03:06Z' H=[A:0] '/usr/sbin/ldconfig'
    A: mode=-rwxr-xr-x size.human='1.3 MB' size.bytes=1304120 uid=0 gid=0 mtime='2020-04-14T12:13:07Z' H=[A:0] '/usr/bin/coreutils'
    A: mode=-rwxr-xr-x size.human='1.2 MB' size.bytes=1246520 uid=0 gid=0 mtime='2021-01-11T13:56:24Z' H=[A:0] '/usr/lib64/libp11-kit.so.0.3.0'
    A: mode=-rwxr-xr-x size.human='1.2 MB' size.bytes=1188080 uid=0 gid=0 mtime='2020-06-15T16:21:33Z' H=[A:0] '/usr/lib64/libgcrypt.so.20.2.5'
    A: mode=-rwxr-xr-x size.human='1.2 MB' size.bytes=1167784 uid=0 gid=0 mtime='2021-07-26T13:46:03Z' H=[A:0] '/usr/lib64/libglib-2.0.so.0.5600.4'
    cmd=xray info=layer.objects.top.end
    cmd=xray info=layer.end
    ...
    ...

    Conclusion

    Bloated container images can negatively impact application performance. If you suspect your container image is getting too big, after reading this article you should know how to use DockerSlim to minify it. It's a nice addition to your toolbox.

    Please note DockerSlim cannot be used with Red Hat Enterprise Linux. Red Hat does not support DockerSlim with Podman and no longer provides Docker in RHEL or Red Hat OpenShift. 

    Last updated: September 20, 2023

    Related Posts

    • Build lean Node.js container images with UBI and Podman

    • 10 things to avoid in docker containers

    • How to work around Docker's new download rate limit on Red Hat OpenShift

    • Build lightweight and secure container images using RHEL UBI

    • How to transition from Docker to Podman

    Recent Posts

    • How to run AI models in cloud development environments

    • How Trilio secures OpenShift virtual machines and containers

    • How to implement observability with Node.js and Llama Stack

    • How to encrypt RHEL images for Azure confidential VMs

    • How to manage RHEL virtual machines with Podman Desktop

    What’s up next?

    Podman is one of the next-generation container tools (along with Buildah and Skopeo) included in Red Hat Enterprise Linux. This cheat sheet makes it easy to learn basic commands for working with images, containers, and container resources.

    Get the Podman Basics cheat sheet
    Red Hat Developers logo LinkedIn YouTube Twitter Facebook

    Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform

    Build

    • Developer Sandbox
    • Developer Tools
    • Interactive Tutorials
    • API Catalog

    Quicklinks

    • Learning Resources
    • E-books
    • Cheat Sheets
    • Blog
    • Events
    • Newsletter

    Communicate

    • About us
    • Contact sales
    • Find a partner
    • Report a website issue
    • Site Status Dashboard
    • Report a security problem

    RED HAT DEVELOPER

    Build here. Go anywhere.

    We serve the builders. The problem solvers who create careers with code.

    Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

    Sign me up

    Red Hat legal and privacy links

    • About Red Hat
    • Jobs
    • Events
    • Locations
    • Contact Red Hat
    • Red Hat Blog
    • Inclusion at Red Hat
    • Cool Stuff Store
    • Red Hat Summit

    Red Hat legal and privacy links

    • Privacy statement
    • Terms of use
    • All policies and guidelines
    • Digital accessibility

    Report a website issue