π³ Dockerfile Strategy - Arquitectura de ImΓ‘genes¶
π― JerarquΓa de ImΓ‘genes¶
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β [Dockerfile.base] β Ubuntu 22.04 + basics β
β β β
β [Dockerfile.build] β + compilers + deps β
β β β β
β [Dockerfile.test] [Dockerfile.dev] β
β + test tools + dev tools β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π Principios de DiseΓ±o¶
Multi-stage builds: - Stage 1: Build dependencies - Stage 2: Compile - Stage 3: Runtime (copy artifacts only) - Result: Image 80% smaller
Layer caching: - Deps lentas primero (apt install) - CΓ³digo volΓ‘til al final - InvalidaciΓ³n mΓnima
Size optimization:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Target sizes: β
β β’ base: < 200 MB β
β β’ build: < 500 MB β
β β’ test: < 600 MB β
β β’ dev: < 800 MB β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π Security¶
- Non-root user siempre
- Minimal base (Alpine o Ubuntu minimal)
- No secrets en layers
- Regular security scans
β‘ Performance¶
- .dockerignore exhaustivo
- BuildKit enabled
- Cache mounts para package managers
- Parallel builds donde posible