We reduced our Docker images by 60% with –no-install-recommends

This article is more than 5 years old.


Here at Canonical, we use Dockerfiles on a daily basis for all our web projects. Something that caught our attention recently was the amount of space that we were using for each Docker image, and we realized that we were installing more dependencies than we needed.

In this article, I’ll explain how we improved our image build time and reduced the image size by using the flag --no-install-recommends in our Dockerfiles.

Using APT

As you may know, Advanced Package Tool, or APT, is the interface to handle the installation and removal of software on Debian based distributions. It simplifies the process of managing software by automating the retrieval, configuration and installation of software packages.

Every package has different types of dependencies:

  • Required packages
  • Recommended packages
  • Suggested packages

The required packages are mandatory since they are necessary for the correct operation of the package. Still, the recommended and suggested packages are not essential, and they are there to offer some extra functionality that we might not need to use. By default APT will install required and recommended packages.

Disabling recommended packages

To avoid the installation of recommended packages, we included the flag --no-install-recommends when using APT in our Dockerfile.

RUN apt-get update && apt-get install --no-install-recommends --yes python3

By doing this, we achieve a decrease of around 60% in our Docker images size.

This obviously will vary according to the dependencies you are using. In our case, we did it for all our Python websites which reduced the size of all our Docker containers significantly. Also, the build time sped up about 15%.

I recommend doing this whenever you run apt install in your Dockerfiles, and I hope you find it useful if you are trying to reduce the size of your containers.

It is important to keep in mind that doing this could result in some missing libraries in your projects which you may have to add back explicitly, but this will ultimately give you more control in the dependencies in your project.

Happy dockering!

ubuntu logo

What’s the risk of unsolved vulnerabilities in Docker images?

Recent surveys found that many popular containers had known vulnerabilities. Container images provenance is critical for a secure software supply chain in production. Benefit from Canonical’s security expertise with the LTS Docker images portfolio, a curated set of application images, free of vulnerabilities, with a 24/7 commitment.

Integrate with hardened LTS images ›

Newsletter signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Related posts

Introducing a VSCode extension for Vanilla CSS Framework

The Vanilla CSS Framework is a utility class-based and customizable SASS library that is the go-to when it comes to styling websites and dashboards across the...

Designing Canonical’s Figma libraries for performance and structure

How Canonical’s Design team rebuilt their Figma libraries, with practical guidelines on structure, performance, and maintenance processes.

Visual Testing: GitHub Actions Migration & Test Optimisation

What is Visual Testing? Visual testing analyses the visual appearance of a user interface. Snapshots of pages are taken to create a “baseline”, or the current...