kaniko vs buildkit

目录

kaniko

buikdkit

---

kaniko

kaniko会提取Dockerfile里面的base image作为文件系统，但是如果Dockerfile的base image选的不合理，那整个过程是相当漫长的。

kaniko-private-github.yaml

apiVersion: v1
kind: Pod
metadata:
  name: kaniko-private-github
  namespace: kaniko
spec:
  containers:
  - name: kaniko
    image: gcr.io/kaniko-project/executor:v1.0.0
    args: ["--verbosity=trace",
           "--dockerfile=Dockerfile",
           "--context=git://[email protected]/xkfen/hello-world#refs/heads/master",
           "--destination=registry.local/it/buildpack-linux-demo:v1.0",
           "--cache=true",
           "--cache-repo=registry.local/it"]
  restartPolicy: Never

以这个Dockerfile为例：

  
FROM golang:1.14-alpine as builder
COPY . /go/src/github.com/xkf/hello-world
RUN cd /go/src/github.com/xkf/hello-world && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o app

FROM alpine:latest
RUN apk --no-cache add ca-certificates
COPY --from=builder /go/src/github.com/xkf/hello-world /bin/app
CMD ["/bin/app/app"]

本身这个项目是很简单的hello world的，但是使用kaniko的时候竟然耗费了15m，无法忍受。一开始使用的是golang:1.14，整个过程持续了半小时还没结束我放弃了，赶紧修改为了alpine。

按照kaniko官方给的解释是，它要提取Dockerfile里面的base image作为文件系统并进行快照，我把日志级别调低到trace，看到的几乎全是在提取文件系统以及进行快照的日志。简直不要太多。

经多次验证kaniko-private-github.yaml发现，只有一开始耗费的时间会很长，多试几次时间就缩短为2m+，而且加不加cache时间都有缩短。

// 加了cache
[root@m2 katy]# kc get po -n kaniko
NAME                    READY   STATUS      RESTARTS   AGE
kaniko-private-github   0/1     Completed   0          2m37s

// 没加cache
[root@m2 katy]# kc get po -n kaniko
NAME                      READY   STATUS      RESTARTS   AGE
kaniko-private-github-1   0/1     Completed   0          2m54s

buildkit

用buildkit执行相同的dockerfile

总共花了67.9s!!!

在另一个机器测试，发现花了421s。Building 421.0s (12/12) FINISHED

[root@m1 hello-world]# DOCKER_BUILDKIT=1 docker build -f Dockerfile -t hello:v1.0 .
[+] Building 67.9s (12/12) FINISHED                                                                                                        
 => [internal] load build definition from Dockerfile                                                                                  0.1s
 => => transferring dockerfile: 32B                                                                                                   0.0s
 => [internal] load .dockerignore                                                                                                     0.1s
 => => transferring context: 2B                                                                                                       0.0s
 => [internal] load metadata for docker.io/library/alpine:latest                                                                      5.9s
 => [internal] load metadata for docker.io/library/golang:1.14-alpine                                                                 4.7s
 => [internal] load build context                                                                                                     0.0s
 => => transferring context: 21.82kB                                                                                                  0.0s
 => [builder 1/3] FROM docker.io/library/golang:1.14-alpine@sha256:680a1ec90372b08a26c2bab408014fc4b5236a91dc701a1bf784d3c64f11d964  43.3s
 => => resolve docker.io/library/golang:1.14-alpine@sha256:680a1ec90372b08a26c2bab408014fc4b5236a91dc701a1bf784d3c64f11d964           0.0s
 => => sha256:ed8968b2872e472e21554ca58b35a02277634f3e501cc04ab7b0d0963f60f54d 282.60kB / 282.60kB                                    1.6s
 => => sha256:a92cc7c5fd73817407fa0e4de5e1fb262a9c0f34c35c7450a2d01a7cef79c62f 155B / 155B                                            1.6s
 => => sha256:628f3eafb14e8e2c95d377f4905fd9a8fac5bfd0168db6c5daa8d2eb3ae7bf08 107.34MB / 107.34MB                                   30.0s
 => => sha256:680a1ec90372b08a26c2bab408014fc4b5236a91dc701a1bf784d3c64f11d964 1.65kB / 1.65kB                                        0.0s
 => => sha256:34c8efcf735f53ed10510175a3b218deb0b8e523c1014157a1d9b133c1d1b854 1.36kB / 1.36kB                                        0.0s
 => => sha256:cf2ff089aa2c6cc70812eca2933d21fcede3e953ab7d71b211f37efec287b60c 4.63kB / 4.63kB                                        0.0s
 => => extracting sha256:ed8968b2872e472e21554ca58b35a02277634f3e501cc04ab7b0d0963f60f54d                                             0.3s
 => => sha256:4c45347fed5d8edfe1363c8b3c58358f566fabace2eadc5a1a074fa259ea94ce 126B / 126B                                            2.3s
 => => extracting sha256:a92cc7c5fd73817407fa0e4de5e1fb262a9c0f34c35c7450a2d01a7cef79c62f                                             0.0s
 => => extracting sha256:628f3eafb14e8e2c95d377f4905fd9a8fac5bfd0168db6c5daa8d2eb3ae7bf08                                            12.1s
 => => extracting sha256:4c45347fed5d8edfe1363c8b3c58358f566fabace2eadc5a1a074fa259ea94ce                                             0.0s
 => [stage-1 1/3] FROM docker.io/library/alpine:latest@sha256:185518070891758909c9f839cf4ca393ee977ac378609f700f60a771a2dfe321        1.0s
 => => resolve docker.io/library/alpine:latest@sha256:185518070891758909c9f839cf4ca393ee977ac378609f700f60a771a2dfe321                0.0s
 => => sha256:185518070891758909c9f839cf4ca393ee977ac378609f700f60a771a2dfe321 1.64kB / 1.64kB                                        0.0s
 => => sha256:a15790640a6690aa1730c38cf0a440e2aa44aaca9b0e8931a9f2b0d7cc90fd65 528B / 528B                                            0.0s
 => => sha256:a24bb4013296f61e89ba57005a7b3e52274d8edd3ae2077d04395f806b63d83e 1.51kB / 1.51kB                                        0.0s
 => [stage-1 2/3] RUN apk --no-cache add ca-certificates                                                                             60.7s
 => [builder 2/3] COPY . /go/src/github.com/xkf/hello-world                                                                           1.5s
 => [builder 3/3] RUN cd /go/src/github.com/xkf/hello-world && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o app                  1.1s
 => [stage-1 3/3] COPY --from=builder /go/src/github.com/xkf/hello-world /bin/app                                                     0.1s
 => exporting to image                                                                                                                0.2s 
 => => exporting layers                                                                                                               0.2s 
 => => writing image sha256:7bd8e7ce649305199202ed1052b3f1b84096cac63b2d77fa09f1af1be3c08d49                                          0.0s 
 => => naming to docker.io/library/hello:v1.0 

单从执行耗时来看，buildkit肯定是首选了。晚点再验证下资源使用情况