All Articles

A Powerful Tool to Diagnosis Docker Images "dive"

docker-detective

To diagnose docker images and get detailed information of the image, including the command history, file system changes, and size of the layers, we need powerful tools. The official docker is shipped with a few commands to help on this, but sometimes that’s not enough. Fortunately, the community has developed a more powerful tool called dive.

Official Commands

  • docker history: To get the history of the image layers.
$ docker history [image]
  • docker inspect: To get the detailed information of the image, including the configuration, environment variables, and labels.
$ docker inspect [image]
  • docker scout: To get the security information of the image, including the vulnerabilities and compliance issues.
$ docker scout quickview [image]

Dive

The output of the official docker commands is a little limited and sometimes hard to read. If we replace that with dive, we can get a more detailed and interactive view of the image layers, like,

$ dive [image]

The dive will provide a more detailed view of the image layers, including the command history, file system changes, and size of the layers. It also provides an interactive view to explore the image layers, like,

                                                                                                                      │ Current Layer Contents ├───────────────────────────────────────────────────────────────────────────────────────────
┃ ● Layers ┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Permission     UID:GID       Size  Filetree
Cmp   Size  Command                                                                                                   drwxr-xr-x         0:0     919 kB  ├── bin
    8.8 MB  FROM blobs                                                                                                -rwxrwxrwx         0:0        0 B  │   ├── arch → /bin/busybox
    138 MB  RUN /bin/sh -c addgroup -g 1000 node     && adduser -u 1000 -G node -s /bin/sh -D node     && apk add --n -rwxrwxrwx         0:0        0 B  │   ├── ash → /bin/busybox
    5.6 MB  RUN /bin/sh -c apk add --no-cache --virtual .build-deps-yarn curl gnupg tar   && export GNUPGHOME="$(mkte -rwxrwxrwx         0:0        0 B  │   ├── base64 → /bin/busybox
     388 B  COPY docker-entrypoint.sh /usr/local/bin/ # buildkit                                                      -rwxrwxrwx         0:0        0 B  │   ├── bbconfig → /bin/busybox
     68 MB  RUN /bin/sh -c apk update   && apk add --no-cache curl git tzdata util-linux vim zsh # buildkit           -rwxr-xr-x         0:0     919 kB  │   ├── busybox
    123 MB  RUN /bin/sh -c npm install -g gatsby-cli # buildkit                                                       -rwxrwxrwx         0:0        0 B  │   ├── cat → /bin/busybox
    3.0 kB  RUN |1 uid=1000 /bin/sh -c if [ $uid -eq 1000 ]; then deluser node; fi; # buildkit                        -rwxrwxrwx         0:0        0 B  │   ├── chattr → /bin/busybox
    3.0 kB  RUN |1 uid=1000 /bin/sh -c adduser -u $uid -D -s /bin/zsh editor # buildkit                               -rwxrwxrwx         0:0        0 B  │   ├── chgrp → /bin/busybox
     354 B  COPY .zshrc /home/editor/zshrc_template # buildkit                                                        -rwxrwxrwx         0:0        0 B  │   ├── chmod → /bin/busybox
       0 B  WORKDIR /home/editor                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── chown → /bin/busybox
     10 MB  RUN |1 uid=1000 /bin/sh -c env REPO="alexxyjiang/ohmyzsh" zsh -c "$(curl -fsSL https://raw.githubusercont -rwxrwxrwx         0:0        0 B  │   ├── cp → /bin/busybox
    4.7 MB  RUN |1 uid=1000 /bin/sh -c zsh zshrc_template && cp zshrc_template .zshrc && rm zshrc_template # buildkit -rwxrwxrwx         0:0        0 B  │   ├── date → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── dd → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── df → /bin/busybox
│ Layer Details ├──────────────────────────────────────────────────────────────────────────────────────────────────── -rwxrwxrwx         0:0        0 B  │   ├── dmesg → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── dnsdomainname → /bin/busybox
Tags:   (unavailable)                                                                                                 -rwxrwxrwx         0:0        0 B  │   ├── dumpkmap → /bin/busybox
Id:     blobs                                                                                                         -rwxrwxrwx         0:0        0 B  │   ├── echo → /bin/busybox
Digest: sha256:16113d51b7181f20135f51e8ffbaead20a7671cd783017601f198748ce8a8ebf                                       -rwxrwxrwx         0:0        0 B  │   ├── egrep → /bin/busybox
Command:                                                                                                              -rwxrwxrwx         0:0        0 B  │   ├── false → /bin/busybox
#(nop) ADD file:ee5bb8409915b11413f44cce4c22fed658aba4fb078a448e08dd4ac9a23581f2 in /                                 -rwxrwxrwx         0:0        0 B  │   ├── fatattr → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── fdflush → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── fgrep → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── fsync → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── getopt → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── grep → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── gunzip → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── gzip → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── hostname → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── ionice → /bin/busybox
│ Image Details ├──────────────────────────────────────────────────────────────────────────────────────────────────── -rwxrwxrwx         0:0        0 B  │   ├── iostat → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── ipcalc → /bin/busybox
Image name: alexxyjiang/blog-site-generator:latest                                                                    -rwxrwxrwx         0:0        0 B  │   ├── kbd_mode → /bin/busybox
Total Image size: 359 MB                                                                                              -rwxrwxrwx         0:0        0 B  │   ├── kill → /bin/busybox
Potential wasted space: 3.6 MB                                                                                        -rwxrwxrwx         0:0        0 B  │   ├── link → /bin/busybox
Image efficiency score: 99 %                                                                                          -rwxrwxrwx         0:0        0 B  │   ├── linux32 → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── linux64 → /bin/busybox
Count   Total Space  Path                                                                                             -rwxrwxrwx         0:0        0 B  │   ├── ln → /bin/busybox
    4        880 kB  /etc/ssl/certs/ca-certificates.crt                                                               -rwxrwxrwx         0:0        0 B  │   ├── login → /bin/busybox
    4        277 kB  /lib/apk/db/installed                                                                            -rwxrwxrwx         0:0        0 B  │   ├── ls → /bin/busybox
    2        133 kB  /sbin/fdisk                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── lsattr → /bin/busybox
    2         70 kB  /bin/dmesg                                                                                       -rwxrwxrwx         0:0        0 B  │   ├── lzop → /bin/busybox
    2         68 kB  /usr/bin/logger                                                                                  -rwxrwxrwx         0:0        0 B  │   ├── makemime → /bin/busybox
    2         68 kB  /usr/bin/cal                                                                                     -rwxrwxrwx         0:0        0 B  │   ├── mkdir → /bin/busybox
    2         68 kB  /sbin/losetup                                                                                    -rwxrwxrwx         0:0        0 B  │   ├── mknod → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── mktemp → /bin/busybox
                                                                                                                      -rwxrwxrwx         0:0        0 B  │   ├── more → /bin/busybox

Published Oct 31, 2024

Flying code monkey