A Powerful Tool to Diagnosis Docker Images "dive"
To diagnose docker images and get detailed information of the image, including the command history, file system changes, and size of the layers, we need powerful tools. The official docker is shipped with a few commands to help on this, but sometimes that’s not enough. Fortunately, the community has developed a more powerful tool called dive.
Official Commands
- docker history: To get the history of the image layers.
$ docker history [image]- docker inspect: To get the detailed information of the image, including the configuration, environment variables, and labels.
$ docker inspect [image]- docker scout: To get the security information of the image, including the vulnerabilities and compliance issues.
$ docker scout quickview [image]Dive
The output of the official docker commands is a little limited and sometimes hard to read. If we replace that with dive, we can get a more detailed and interactive view of the image layers, like,
$ dive [image]The dive will provide a more detailed view of the image layers, including the command history, file system changes, and size of the layers. It also provides an interactive view to explore the image layers, like,
│ Current Layer Contents ├───────────────────────────────────────────────────────────────────────────────────────────
┃ ● Layers ┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Permission UID:GID Size Filetree
Cmp Size Command drwxr-xr-x 0:0 919 kB ├── bin
8.8 MB FROM blobs -rwxrwxrwx 0:0 0 B │ ├── arch → /bin/busybox
138 MB RUN /bin/sh -c addgroup -g 1000 node && adduser -u 1000 -G node -s /bin/sh -D node && apk add --n -rwxrwxrwx 0:0 0 B │ ├── ash → /bin/busybox
5.6 MB RUN /bin/sh -c apk add --no-cache --virtual .build-deps-yarn curl gnupg tar && export GNUPGHOME="$(mkte -rwxrwxrwx 0:0 0 B │ ├── base64 → /bin/busybox
388 B COPY docker-entrypoint.sh /usr/local/bin/ # buildkit -rwxrwxrwx 0:0 0 B │ ├── bbconfig → /bin/busybox
68 MB RUN /bin/sh -c apk update && apk add --no-cache curl git tzdata util-linux vim zsh # buildkit -rwxr-xr-x 0:0 919 kB │ ├── busybox
123 MB RUN /bin/sh -c npm install -g gatsby-cli # buildkit -rwxrwxrwx 0:0 0 B │ ├── cat → /bin/busybox
3.0 kB RUN |1 uid=1000 /bin/sh -c if [ $uid -eq 1000 ]; then deluser node; fi; # buildkit -rwxrwxrwx 0:0 0 B │ ├── chattr → /bin/busybox
3.0 kB RUN |1 uid=1000 /bin/sh -c adduser -u $uid -D -s /bin/zsh editor # buildkit -rwxrwxrwx 0:0 0 B │ ├── chgrp → /bin/busybox
354 B COPY .zshrc /home/editor/zshrc_template # buildkit -rwxrwxrwx 0:0 0 B │ ├── chmod → /bin/busybox
0 B WORKDIR /home/editor -rwxrwxrwx 0:0 0 B │ ├── chown → /bin/busybox
10 MB RUN |1 uid=1000 /bin/sh -c env REPO="alexxyjiang/ohmyzsh" zsh -c "$(curl -fsSL https://raw.githubusercont -rwxrwxrwx 0:0 0 B │ ├── cp → /bin/busybox
4.7 MB RUN |1 uid=1000 /bin/sh -c zsh zshrc_template && cp zshrc_template .zshrc && rm zshrc_template # buildkit -rwxrwxrwx 0:0 0 B │ ├── date → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── dd → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── df → /bin/busybox
│ Layer Details ├──────────────────────────────────────────────────────────────────────────────────────────────────── -rwxrwxrwx 0:0 0 B │ ├── dmesg → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── dnsdomainname → /bin/busybox
Tags: (unavailable) -rwxrwxrwx 0:0 0 B │ ├── dumpkmap → /bin/busybox
Id: blobs -rwxrwxrwx 0:0 0 B │ ├── echo → /bin/busybox
Digest: sha256:16113d51b7181f20135f51e8ffbaead20a7671cd783017601f198748ce8a8ebf -rwxrwxrwx 0:0 0 B │ ├── egrep → /bin/busybox
Command: -rwxrwxrwx 0:0 0 B │ ├── false → /bin/busybox
#(nop) ADD file:ee5bb8409915b11413f44cce4c22fed658aba4fb078a448e08dd4ac9a23581f2 in / -rwxrwxrwx 0:0 0 B │ ├── fatattr → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── fdflush → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── fgrep → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── fsync → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── getopt → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── grep → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── gunzip → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── gzip → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── hostname → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── ionice → /bin/busybox
│ Image Details ├──────────────────────────────────────────────────────────────────────────────────────────────────── -rwxrwxrwx 0:0 0 B │ ├── iostat → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── ipcalc → /bin/busybox
Image name: alexxyjiang/blog-site-generator:latest -rwxrwxrwx 0:0 0 B │ ├── kbd_mode → /bin/busybox
Total Image size: 359 MB -rwxrwxrwx 0:0 0 B │ ├── kill → /bin/busybox
Potential wasted space: 3.6 MB -rwxrwxrwx 0:0 0 B │ ├── link → /bin/busybox
Image efficiency score: 99 % -rwxrwxrwx 0:0 0 B │ ├── linux32 → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── linux64 → /bin/busybox
Count Total Space Path -rwxrwxrwx 0:0 0 B │ ├── ln → /bin/busybox
4 880 kB /etc/ssl/certs/ca-certificates.crt -rwxrwxrwx 0:0 0 B │ ├── login → /bin/busybox
4 277 kB /lib/apk/db/installed -rwxrwxrwx 0:0 0 B │ ├── ls → /bin/busybox
2 133 kB /sbin/fdisk -rwxrwxrwx 0:0 0 B │ ├── lsattr → /bin/busybox
2 70 kB /bin/dmesg -rwxrwxrwx 0:0 0 B │ ├── lzop → /bin/busybox
2 68 kB /usr/bin/logger -rwxrwxrwx 0:0 0 B │ ├── makemime → /bin/busybox
2 68 kB /usr/bin/cal -rwxrwxrwx 0:0 0 B │ ├── mkdir → /bin/busybox
2 68 kB /sbin/losetup -rwxrwxrwx 0:0 0 B │ ├── mknod → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── mktemp → /bin/busybox
-rwxrwxrwx 0:0 0 B │ ├── more → /bin/busybox