Julius' Blog

Rails 7: Optimised Container Images

Posted on Jul 21, 2022

Rails container images can easily be one gigabyte or more in size. This is very wasteful in terms of storage space, both in your registry, on your deployment target, or development machine. But it also slows down your deployments, when the image needs to be pulled first.

If you are using a different image for development, you may have struggled with slow startup times of your development environment. Gems need to be fetched and rebuilt.

That’s why today, I want to show you my multi–stage container image build which yields a tiny production image (around 50 MB for a standard Rails app) as well as a developement image that is ready in less than five seconds.

The Containerfile

Let’s dig straight into the Containerfile (also known as Dockerfile). It assumes PostgreSQL to be used but can easily be adapted to work with MariaDB, SQLite, or others.

This blog post has been written for the following versions:

  • Alpine Linux 3.16.1
  • Ruby 3.1.2
  • Rails 7.0.3.1
  • Bundler 2.3.17
# https://j.ulius.de/posts/rails-7-optimised-container-images
##################################################
# Base stage with dependencies
##################################################
FROM ruby:3.1.2-alpine3.16 AS base

WORKDIR /app
ENV PATH /app/bin:${PATH}

# Install commonly needed build packages.
# We're not really concerned about size here.
RUN apk add --update --no-cache \
    bash \
    build-base \
    curl \
    git \
    libxml2-dev \
    libxslt-dev \
    nodejs \
    openssl \
    postgresql-client \
    postgresql-dev \
    tzdata \
    yarn \
    ;

# Make sure we're using the latest version of bundler
RUN gem install bundler

ENV BUNDLE_RETRY 3
ENV BUNDLE_FROZEN true
ENV BUNDLE_WITHOUT development:test
COPY Gemfile Gemfile.lock ./
RUN bundle install

COPY package.json yarn.lock ./
RUN yarn install --frozen-lockfile

ENV RAILS_LOG_TO_STDOUT true
ENV RAILS_SERVE_STATIC_FILES true


##################################################
# Builder stage
##################################################
FROM base AS builder

COPY . ./
RUN \
    RAILS_ENV=production \
    SECRET_KEY_BASE=precompile \
    rails assets:precompile

##################################################
# Development stage
##################################################
FROM base AS development

ENV BUNDLE_WITHOUT=
RUN bundle install

ENV BUNDLE_FROZEN=

CMD ["rails", "server", "-b", "0.0.0.0"]

##################################################
# Intermidiary stage for easier removal of files
##################################################
FROM builder AS intermidiary

# We don't need node_modules in production.
RUN rm -rf \
    log \
    node_modules \
    test \
    tmp \
    vendor/cache
# Get rid of any unnecessary folders, files, and gem caches.
RUN set -eux; \
    find /usr/local/bundle/ -name ".git" -exec rm -rv {} +; \
    find /usr/local/bundle/ -name "*.c" -delete; \
    find /usr/local/bundle/ -name "*.o" -delete; \
    rm -rf /usr/local/bundle/ruby/*/cache; \
    find /usr/local/bundle/ -name "*.gem" -delete

##################################################
# Production stage
##################################################
FROM ruby:3.1.2-alpine3.16 AS production

WORKDIR /app
ENV PATH /app/bin:${PATH}

RUN apk add --update --no-cache \
    curl \
    libxml2 \
    postgresql-client \
    openssl \
    tzdata \
    ;

# Isolate the user running our app as a non-root user.
RUN set -eux; \
    addgroup -g 1000 app; \
    adduser -g '' -G app -D -u 1000 app; \
    chown -R app:app /app
USER app

# Copy the gems.
COPY --from=intermidiary /usr/local/bundle/ /usr/local/bundle/
# Copy our app.
COPY --from=intermidiary /app .

ENV RAILS_LOG_TO_STDOUT true
ENV RAILS_SERVE_STATIC_FILES true
ENV RAILS_ENV production
ENV BUNDLE_FROZEN true
ENV BUNDLE_WITHOUT development:test

CMD ["rails", "server", "-b", "0.0.0.0"]

Understanding the Individual Parts

The build file consists of five stages: base, builder, development, intermidiary, and production. Let’s take a closer look at each of them:

base

The base stage prepares an environment suited to build a Rails app. If you want, you can extract this part into a container image on which your builds can depend.

builder

This step runs the Rails asset pipeline. The only reason this is not performed in the base image is that it’s not needed for development and is thus excluded.

intermidiary

There is no way to copy everything but a specific folder in a container image build. Besides that, this step significantly simplifies cleaning up anything that’s not needed in the production image.

Thus, in this step, we remove the node_modules directory, source files, and gem caches.

production

In this step, we install everything that’s needed to run a Rails app in production and copy our gems and app over. Additionally, we set up a non-root user to run our app.

development

In development, we may need more gems, e.g., for testing, linting, debugging. We install them and unfreeze Bundler afterwards. This way, it’s easy to update dependencies in development.

Closing Words

After tinkering with Rails images for a while, I’m quite happy with this setup now. It yields small production images and fast development images.

Feedback is highly appreciated! Feel free to hit me up at j@ulius.de.