From 11e6734ed5cef2ceed14295e4abb25b09e463c86 Mon Sep 17 00:00:00 2001 From: Michael Rademaker Date: Wed, 10 Dec 2025 20:57:19 +0100 Subject: [PATCH 1/3] Optimize Dockerfile to reduce image size and improve build efficiency Consolidated multiple RUN commands into single layers to minimize image size. Combined apt-get operations with cleanup in one RUN statement. Added fd-find removal after use and comprehensive cleanup of docs, man pages, cache, and temp files. Reorganized multi-stage build with clearer stage comments and added final cleanup of copied PostgreSQL version directories. --- Dockerfile | 67 +++++++++++++++++++++++++++++++++--------------------- 1 file changed, 41 insertions(+), 26 deletions(-) diff --git a/Dockerfile b/Dockerfile index fd95e43..7bced8c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,52 +1,67 @@ - ARG PG_MAJOR=17 ARG TIMESCALE_VERSION=2.22 +# Stage 1: Prepare the main image with UID/GID changes and cleanup FROM timescale/timescaledb-ha:pg17-ts${TIMESCALE_VERSION} AS trimmed LABEL maintainer="support@openremote.io" USER root -# install fd to find files to speed up chown and chgrp -RUN apt-get update && apt-get install -y fd-find && rm -rf /var/lib/apt/lists/* - -# Give postgres user the same UID and GID as the old alpine postgres image to simplify migration of existing DB -RUN usermod -u 70 postgres \ - && groupmod -g 70 postgres \ - && (fd / -group 1000 -exec chgrp -h postgres {} \; || true) \ - && (fd / -user 1000 -exec chown -h postgres {} \; || true) - -# Set PGDATA to the same location as our old alpine image -RUN mkdir -p /var/lib/postgresql && mv /home/postgres/pgdata/* /var/lib/postgresql/ && chown -R postgres:postgres /var/lib/postgresql - -# Add custom entry point (see file header for details) +# Install fd-find, fix UID/GID, setup directories, copy files, and cleanup - all in one layer COPY or-entrypoint.sh / -RUN chmod +x /or-entrypoint.sh - -# Add custom initdb script(s) COPY docker-entrypoint-initdb.d/ /docker-entrypoint-initdb.d/ -RUN chmod +x /docker-entrypoint-initdb.d/* - -# Below is mostly copied from https://github.com/timescale/timescaledb-docker-ha/blob/master/Dockerfile (with OR specific entrypoint, -# workdir and OR env defaults) - -# Get the -all variant which contains multiple PostgreSQL versions -# According to TimescaleDB docs: "timescale/timescaledb-ha images have the files necessary to run previous versions" +RUN apt-get update && apt-get install -y --no-install-recommends fd-find \ + # Give postgres user the same UID and GID as the old alpine postgres image + && usermod -u 70 postgres \ + && groupmod -g 70 postgres \ + && (fdfind . / -group 1000 -exec chgrp -h postgres {} \; 2>/dev/null || true) \ + && (fdfind . / -user 1000 -exec chown -h postgres {} \; 2>/dev/null || true) \ + # Set PGDATA to the same location as our old alpine image + && mkdir -p /var/lib/postgresql \ + && mv /home/postgres/pgdata/* /var/lib/postgresql/ \ + && chown -R postgres:postgres /var/lib/postgresql \ + # Make scripts executable + && chmod +x /or-entrypoint.sh /docker-entrypoint-initdb.d/* \ + # Remove fd-find and clean up + && apt-get purge -y fd-find \ + && apt-get autoremove -y --purge \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* \ + /var/cache/apt/* \ + /var/log/* \ + /usr/share/doc/* \ + /usr/share/man/* \ + /usr/share/info/* \ + /usr/share/lintian/* \ + /tmp/* \ + /var/tmp/* \ + /root/.cache + +# Stage 2: Get PostgreSQL 14/15 binaries for upgrade support FROM timescale/timescaledb-ha:pg17-ts${TIMESCALE_VERSION}-all AS trimmed-all -## Create a smaller Docker image from the builder image +# Stage 3: Create final minimal image FROM scratch COPY --from=trimmed / / ARG PG_MAJOR -## Copy only PostgreSQL 14 and 15 for upgrade support +# Copy only PostgreSQL 14 and 15 lib directories for pg_upgrade support COPY --from=trimmed-all /usr/lib/postgresql/14 /usr/lib/postgresql/14 COPY --from=trimmed-all /usr/lib/postgresql/15 /usr/lib/postgresql/15 +# Copy minimal share files needed for upgrades COPY --from=trimmed-all /usr/share/postgresql/14 /usr/share/postgresql/14 COPY --from=trimmed-all /usr/share/postgresql/15 /usr/share/postgresql/15 +# Clean up docs/man from copied PG versions and any remaining cruft +RUN rm -rf /usr/share/postgresql/14/man \ + /usr/share/postgresql/15/man \ + /usr/share/doc/* \ + /usr/share/man/* \ + /var/cache/* \ + /var/log/* + # Increment this to indicate that a re-index should be carried out on first startup with existing data; REINDEX can still be overidden # with OR_DISABLE_REINDEX=true ARG OR_REINDEX_COUNTER=1 From f22ad7a2b4bc5c92684c8adbf4cc569ccf51be85 Mon Sep 17 00:00:00 2001 From: Michael Date: Thu, 11 Dec 2025 11:14:33 +0100 Subject: [PATCH 2/3] Optimize Dockerfile to reduce image size through multi-stage build and binary stripping Restructured Dockerfile to use multi-stage build pattern with pg-all stage for extracting PostgreSQL 14/15 binaries. Added strip operations to remove debug symbols from all PostgreSQL binaries and shared libraries. Removed unnecessary extension, man, doc, and contrib files from old PostgreSQL versions before copying. Consolidated cleanup operations into single RUN layer and added locale cleanup. --- Dockerfile | 65 ++++++++++++++++++++++++++++++++---------------------- 1 file changed, 39 insertions(+), 26 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7bced8c..de1b3b5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,44 @@ ARG PG_MAJOR=17 ARG TIMESCALE_VERSION=2.22 -# Stage 1: Prepare the main image with UID/GID changes and cleanup -FROM timescale/timescaledb-ha:pg17-ts${TIMESCALE_VERSION} AS trimmed +# Stage 1: Get PostgreSQL 14/15 binaries for upgrade support +FROM timescale/timescaledb-ha:pg17-ts${TIMESCALE_VERSION}-all AS pg-all + +USER root + +# Strip debug symbols and remove unnecessary files from PG 14/15 in this stage +# For pg_upgrade we only need bin/ and lib/, plus minimal share files (NOT extensions) +RUN find /usr/lib/postgresql/14 /usr/lib/postgresql/15 -type f -name '*.so*' -exec strip --strip-unneeded {} \; 2>/dev/null || true \ + && find /usr/lib/postgresql/14 /usr/lib/postgresql/15 -type f -executable -exec strip --strip-unneeded {} \; 2>/dev/null || true \ + && rm -rf /usr/share/postgresql/14/extension \ + /usr/share/postgresql/15/extension \ + /usr/share/postgresql/14/man \ + /usr/share/postgresql/15/man \ + /usr/share/postgresql/14/doc \ + /usr/share/postgresql/15/doc \ + /usr/share/postgresql/14/contrib \ + /usr/share/postgresql/15/contrib + +# Stage 2: Prepare the main image with UID/GID changes and cleanup +FROM timescale/timescaledb-ha:pg17-ts${TIMESCALE_VERSION} AS final LABEL maintainer="support@openremote.io" USER root -# Install fd-find, fix UID/GID, setup directories, copy files, and cleanup - all in one layer +# Copy only PG 14/15 bin directories for pg_upgrade (lib is needed for binaries to work) +COPY --from=pg-all /usr/lib/postgresql/14/bin /usr/lib/postgresql/14/bin +COPY --from=pg-all /usr/lib/postgresql/14/lib /usr/lib/postgresql/14/lib +COPY --from=pg-all /usr/lib/postgresql/15/bin /usr/lib/postgresql/15/bin +COPY --from=pg-all /usr/lib/postgresql/15/lib /usr/lib/postgresql/15/lib +# Copy minimal share files needed for pg_upgrade (excluding extensions which are ~500MB each) +COPY --from=pg-all /usr/share/postgresql/14 /usr/share/postgresql/14 +COPY --from=pg-all /usr/share/postgresql/15 /usr/share/postgresql/15 + +# Copy entrypoint scripts COPY or-entrypoint.sh / COPY docker-entrypoint-initdb.d/ /docker-entrypoint-initdb.d/ +# Install fd-find, fix UID/GID, setup directories, strip binaries, and cleanup - all in one layer RUN apt-get update && apt-get install -y --no-install-recommends fd-find \ # Give postgres user the same UID and GID as the old alpine postgres image && usermod -u 70 postgres \ @@ -23,6 +51,9 @@ RUN apt-get update && apt-get install -y --no-install-recommends fd-find \ && chown -R postgres:postgres /var/lib/postgresql \ # Make scripts executable && chmod +x /or-entrypoint.sh /docker-entrypoint-initdb.d/* \ + # Strip debug symbols from PostgreSQL binaries to reduce size + && find /usr/lib/postgresql -type f -name '*.so*' -exec strip --strip-unneeded {} \; 2>/dev/null || true \ + && find /usr/lib/postgresql -type f -executable -exec strip --strip-unneeded {} \; 2>/dev/null || true \ # Remove fd-find and clean up && apt-get purge -y fd-find \ && apt-get autoremove -y --purge \ @@ -34,34 +65,16 @@ RUN apt-get update && apt-get install -y --no-install-recommends fd-find \ /usr/share/man/* \ /usr/share/info/* \ /usr/share/lintian/* \ + /usr/share/locale/* \ /tmp/* \ /var/tmp/* \ - /root/.cache - -# Stage 2: Get PostgreSQL 14/15 binaries for upgrade support -FROM timescale/timescaledb-ha:pg17-ts${TIMESCALE_VERSION}-all AS trimmed-all - -# Stage 3: Create final minimal image -FROM scratch -COPY --from=trimmed / / + /root/.cache \ + /home/postgres/.cache \ + /usr/share/postgresql/*/man \ + /usr/share/postgresql/*/doc ARG PG_MAJOR -# Copy only PostgreSQL 14 and 15 lib directories for pg_upgrade support -COPY --from=trimmed-all /usr/lib/postgresql/14 /usr/lib/postgresql/14 -COPY --from=trimmed-all /usr/lib/postgresql/15 /usr/lib/postgresql/15 -# Copy minimal share files needed for upgrades -COPY --from=trimmed-all /usr/share/postgresql/14 /usr/share/postgresql/14 -COPY --from=trimmed-all /usr/share/postgresql/15 /usr/share/postgresql/15 - -# Clean up docs/man from copied PG versions and any remaining cruft -RUN rm -rf /usr/share/postgresql/14/man \ - /usr/share/postgresql/15/man \ - /usr/share/doc/* \ - /usr/share/man/* \ - /var/cache/* \ - /var/log/* - # Increment this to indicate that a re-index should be carried out on first startup with existing data; REINDEX can still be overidden # with OR_DISABLE_REINDEX=true ARG OR_REINDEX_COUNTER=1 From b6e95874357b074672d21d543b173e274650ce43 Mon Sep 17 00:00:00 2001 From: Michael Date: Thu, 18 Dec 2025 15:08:18 +0100 Subject: [PATCH 3/3] Remove unused extension --- Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index de1b3b5..aea507c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG PG_MAJOR=17 ARG TIMESCALE_VERSION=2.22 # Stage 1: Get PostgreSQL 14/15 binaries for upgrade support -FROM timescale/timescaledb-ha:pg17-ts${TIMESCALE_VERSION}-all AS pg-all +FROM timescale/timescaledb-ha:pg${PG_MAJOR}-ts${TIMESCALE_VERSION}-all AS pg-all USER root @@ -20,7 +20,7 @@ RUN find /usr/lib/postgresql/14 /usr/lib/postgresql/15 -type f -name '*.so*' -ex /usr/share/postgresql/15/contrib # Stage 2: Prepare the main image with UID/GID changes and cleanup -FROM timescale/timescaledb-ha:pg17-ts${TIMESCALE_VERSION} AS final +FROM timescale/timescaledb-ha:pg${PG_MAJOR}-ts${TIMESCALE_VERSION} AS final LABEL maintainer="support@openremote.io" USER root @@ -70,6 +70,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends fd-find \ /var/tmp/* \ /root/.cache \ /home/postgres/.cache \ + /usr/local/lib/pgai \ /usr/share/postgresql/*/man \ /usr/share/postgresql/*/doc