Question 82485 in Docker Question posted in
The official documentation can be found here.

Cannot sh into rust image (made via multistage build) – Docker

My Rust app dockerfile is as below, which is working fine

# Generate a recipe file for dependencies
FROM rust as planner
WORKDIR /app
RUN cargo install cargo-chef
COPY . .
RUN cargo chef prepare --recipe-path recipe.json

# Building our dependencies
FROM rust as cacher
WORKDIR /app
RUN cargo install cargo-chef
COPY --from=planner /app/recipe.json recipe.json
RUN cargo chef cook --release --recipe-path recipe.json

# Builder Image
FROM rust as builder
COPY . /app
WORKDIR /app
COPY --from=cacher /app/target target
COPY --from=cacher /usr/local/cargo /usr/local/cargo
RUN cargo build --release

# Final stage
FROM gcr.io/distroless/cc-debian11
COPY --from=builder /app/target/release/melt-agent-host /app/melt-agent-host
WORKDIR /app

But, I also want to bash into this image.

Is there any way to install bash in this distroless image ?

I also tried some other base images for the last stage that provides bash functionality,
Ex. alpine, busybox — but those images, I am facing some other errors regarding libgcc.so missing

To sum up, I need a small size base image for the last stage which is compatible with Rust binary + also allows bash functionality.

Tags:

2

Answers


  1. 0

    Well I guess you can just have a docker command in your docker file to COPY /bin/bash to somewhere, and then execute that. I don’t know if bash depends on any shared libraries which you are missing, but that would be a starting point. If shared libraries are needed too, you’ll have to copy those too.

    I would also suggest that whatever you think you’re gaining by having a distroless image, you aren’t really gaining. Find a minimalist distro… and probably most of them for docker are anyway.

    Login or Signup to reply.
  2. 0

    Your final image is being built from a "distroless" base image. This doesn’t include any userspace tools – there probably isn’t even a /bin/sh binary – and that’s okay. You won’t be able to docker exec into this image and that’s probably not a problem.

    Your image just contains a set of shared libraries, some control files in /etc, and the one compiled binary (consider copying it into /usr/bin or /usr/local/bin so it’s easier to run). It’s not clear to me what you’d do with a docker exec shell in this case.

    If for some reason you do need a shell and the various tools that normally go with it (ls, grep, etc.) you need some sort of "normal" base image, not a "distroless" image or the special scratch image. If you’ve built a static binary then it’s possible the busybox image will work; if you have a dynamic binary, it’s possible alpine will work as well (it will have a POSIX shell at /bin/sh but not GNU bash) but you might need to build your final image stage FROM debian or FROM ubuntu.

    ... all of your build stages ...

FROM debian:bullseye
COPY --from=builder /app/target/release/melt-agent-host /usr/local/bin
CMD ["melt-agent-host"]
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search