binpot is the repository holding Dockerfiles and Github workflows to statically build binaries for all CPU architectures supported by Docker. TL;DR ⏩ Usage: FROMalpine:3.14COPY --from=qmcgaw/binpot:helm /bin /usr/local/bin/helm Programs available Search programs on Docker Hub All Docker images and programs are built for every CPU architecture supported by Docker Initial situation 🤔 I developed VSCode development containers Dockerfiles for amd64 only, which covers most machines....
Alpine is tiny. The alpine:3.14 Docker image is only 5.6MB uncompressed on amd64. Alpine achieves this partly thanks to busybox, which Docker image busybox is only 1.24MB. Alpine comes with wget implemented in its Busybox multi-call binary. You can try it with: docker run -it --rm busybox wget But why isn’t curl implemented as well, or instead of wget?? 🤔 wget vs curl The following table shows some key differences between the two, comparing the two installs on Alpine by using...
buildkit is now included with Docker Desktop and the Docker buildx plugin. We can now build an image for multiple CPU architectures by using the flag --platform in the docker buildx build command. For example docker buildx build --platform=linux/amd64,linux/arm64 .. You can however keep on using the native build platform by using the --platform=${BUILDPLATFORM} flag in your Dockerfile’s FROM instruction. For example: FROM--platform=${BUILDPLATFORM} golang:1.16-alpine3.13 AS builderYou will usually specify the TARGETPLATFORM argument further down in the Docker build stage block....
Please read Buildkit cross architecture building bug instead, this page is actually wrong.
There are various ways to organize your Dockerfile and CI. After having tried many solutions, I have a solid way to write your Dockerfile for your Go program. The Dockerfile is also heavily optimized for the Docker layer caching mechanism, to have fast rebuilds locally and on your CI. In this post, we will analyze such Dockerfile and analyze the structure of it, which is optimized for caching, secured and designed to contain everything....
A lot of developers are not aware running a Docker container as root is risky security wise. A container is still isolated with the isolation of LXC, but running as root means it’s running as the same root as the on the host. An attacker gaining access to the container can thus do some damage since he has root access. There are multiple ways to avoid running as root but there are also many challenges that we address in the following....
Building cross CPU Docker images for Go programs is not a trivial task. With the excellent Go compiler and the recent improvements of Docker building, quite an advanced setup can be achieved to build Docker images for all CPU architectures supported by Docker and Go. What we’ll do We will design a Dockerfile cross building a simple Go program for Docker images supporting multiple CPU architectures. The aim is to have the statically compiled Go program in a final Docker image based on the alpine:3....