Multi-Stage Build: Build-Tools in der ersten Stage, Ergebnis in der finalen. Dramatisch kleinere Images.

Node.js¶

FROM node:18 AS builder WORKDIR /app COPY package*.json ./ RUN npm ci COPY . . RUN npm run build FROM nginx:alpine COPY –from=builder /app/dist /usr/share/nginx/html

40 MB statt 1,2 GB¶

Go¶

FROM golang:1.22 AS builder WORKDIR /app COPY . . RUN CGO_ENABLED=0 go build -o server . FROM scratch COPY –from=builder /app/server /server ENTRYPOINT [“/server”]

15 MB¶

Python¶

FROM python:3.12 AS builder COPY requirements.txt . RUN pip install –user –no-cache-dir -r requirements.txt FROM python:3.12-slim COPY –from=builder /root/.local /root/.local COPY . . CMD [“python”, “app.py”]

• Stages benennen (AS builder)
• Dependency-Dateien zuerst -> besseres Caching
• alpine/slim/scratch als Basis
• .dockerignore verwenden

Kleiner = besser¶

Multi-Stage = kleineres Image, kleinere Angriffsflaeche, schnellerer Pull.