4

I am trying to get my feet wet with Docker/containers. I started with this tutorial:

Getting Started ยท Spring Boot with Docker

It works fine, but I was surprised it is necessary to have the "dockerd" daemon running to build an image. It connects to it using localhost and a port number as part of executing the Maven build. Why is this required (and can it be avoided)? I mean, in many cases the image will have to be run on a separate platform anyway. It is particularly annoying, because I am building on Windows where Docker requires you to have Hyper-V enabled, which causes other issues (for instance that you can't use VMware on the same machine).

Due to the problems, I resorted to building it all inside a Linux VM (which then ran the Docker daemon).

Another thing which might be related to the above: It seems the build process doesn't leave the image on disk; it is installed directly into the repository managed by the Docker daemon. I can then export the image from the command line, and I suppose (haven't tried) this image could be moved to another machine and run from there. But how do I build "just" the image without having it deployed anywhere, etc.? It just needs to produce the artifacts in the local file system and leave it at that. Maybe that would also remove the requirement for having Docker running?

The command the tutorial uses for running Maven is:

./mvnw install dockerfile:build

However, trying alternatives to "install" (such as "package", etc.) seemingly doesn't change the behavior.

Peter Mortensen
  • 147
  • 5
Morty
  • 141
  • 1
  • 3

4 Answers4

7

Each command in the Dockerfile is processed as a separate step. Every step from the build process gets executed in a dedicated container. It starts from Step 1 (the first command in the Dockerfile). That step is run in a container and if it is successful, a commit to a temporary image (let's call it image A) takes place. Then, Step 2 is executed in a container which is run from image A ... and so on until the final step is executed successfully. And as Tensibai commented - how do you think to run a container without the daemon?

So, yes - building a docker image requires the docker daemon to be running.

Peter Mortensen
  • 147
  • 5
13dimitar
  • 757
  • 4
  • 12
3

The Docker client is a CLI interface to the dockerd REST API. Very little happens in the client itself. Docker performs build steps on the dockerd engine and changing this would be a non-trivial task. Each RUN step creates a temporary container to execute the command and gather the resulting container filesystem as a new layer. The build cache is maintained as images on the server. And each layer of the image is managed by the storage driver within the Docker engine.

There are various attempts to try to remove this dependency, but the biggest stumbling block for each will be the temporary containers used by RUN which require a container runtime and root access on the server to set up.

Peter Mortensen
  • 147
  • 5
BMitch
  • 3,568
  • 12
  • 18
0

Rootless container builds without using a docker daemon are possible using the Buildah and Podman utilities.

N.B. Podman has vendored in the Buildah library so it's all Buildah under the covers.

Rob Wells
  • 123
  • 5
0

With Kaniko, you can build Docker images without Docker daemon.

Not all possible Dockerfile options might be supported.

https://github.com/GoogleContainerTools/kaniko

Ta Mu
  • 6,792
  • 5
  • 43
  • 83