📦 Docker Optimizer — Docker 优化器

Docker 优化器

Automatically analyzes and 优化s your Dockerfiles for faster builds, smaller images, better caching, and enhanced security. 转换 slow, bloated Docker images into production-ready contAIners following industry best practices.

What This 技能 Does

This 技能 analyzes your Dockerfile and provides optimizations for:

Multi-stage builds - Reduce final image size by 60-90% Layer caching - Speed up builds by 5-10× through intelligent layer ordering Security hardening - 移除 vulnerabilities, 运行 as non-root, minimize attack surface Image size reduction - Shrink images from GBs to MBs using Alpine, dist角色ss, slim variants Build performance - Parallel builds, 缓存 mounts, BuildKit optimizations Best practices - Follow Docker official recommendations and industry standards Dependency optimization - Efficient package 安装ation and 清理up Metadata and labels - Proper versioning, authorship, documentation

Supports multiple languages and eco系统s:

Node.js (npm, yarn, pnpm) Python (pip, poetry, conda) Go (模块s, vendor) Java (Maven, Gradle) Rust (Cargo) PHP (Composer) .NET (Nu获取) Ruby (Bundler) Why Use This 技能 Dramatically Faster Builds

优化d Dockerfiles build 签名ificantly faster:

Before: 10-15 minute builds After: 30 seconds to 2 minutes (with 缓存) Improvement: 5-20× faster iteration

Real example (Node.js 应用):

Un优化d: 12 minutes 优化d: 45 seconds (缓存d), 3 minutes (cold) Massive Size Reduction

Smaller images mean faster 部署ments and lower costs:

Before: 1.2GB Node.js image After: 150MB Alpine-based image Savings: 87% smaller, 8× faster pulls

Size comparison:

Full Ubuntu image: 800MB-1.5GB Alpine-based: 50-200MB Dist角色ss: 20-100MB Scratch (Go/Rust): 5-50MB Enhanced Security

优化d images have fewer vulnerabilities:

Smaller attack surface (fewer packages) No root user 访问 No shell in production (dist角色ss) Regular base image 更新s Vulnerability 扫描ning built-in

Security improvements:

Before: 245 vulnerabilities (Ubuntu base) After: 12 vulnerabilities (Alpine base) Reduction: 95% fewer security issues Lower Cloud Costs

Smaller, faster images reduce costs:

Storage: 80-90% reduction in registry costs Bandwidth: 80-90% less data transfer Compute: Faster cold 启动s (serverless) CI/CD: Shorter build times = lower CI minutes

Cost example (1000 部署ments/month):

Before: $150/month (storage + transfer) After: $25/month Savings: $1500/year When to Use This 技能

Use this 技能 to 优化 Docker images:

✅ Before production 部署ment (优化 for production) ✅ When builds are slow (improve developer experience) ✅ When images are large (reduce size and costs) ✅ During security 审计s (harden contAIners) ✅ 设置ting up new projects (启动 with best practices) ✅ Migrating to Kubernetes (smaller images = faster scaling) ✅ Serverless contAIners (cold 启动 optimization) ✅ CI/CD 流水线 optimization (faster builds) When NOT to Use This 技能 ❌ For docker-compose files (this focuses on Dockerfiles) ❌ During rAPId prototyping (premature optimization) ❌ For development-only images (unless build speed matters) ❌ When 调试ging (优化d images harder to 调试) ❌ For one-off scripts (not worth optimizing) How It Works Step-by-Step Analysis 解析s Dockerfile: Analyzes all instructions and stages Identifies anti-patterns: Finds inefficiencies and security issues Measures impact: Calculates potential size and speed improvements Suggests optimizations: Provides specific, actionable changes 生成s 优化d version: 创建s complete 优化d Dockerfile 验证s syntax: Ensures 优化d Dockerfile is valid Estimates improvements: Projects size reduction and build time savings Optimization Categories

Build Performance:

Layer caching strategy Dependency 安装ation order Parallel builds BuildKit 缓存 mounts Build secrets management

Image Size:

Multi-stage builds Minimal base images Package 清理up Layer squashing Dependency p运行ing

Security:

Non-root user Minimal attack surface No secrets in layers Read-only root file系统 Security 扫描ning

Best Practices:

Explicit versions 健康 检查s Proper labels 签名al handling Graceful 关闭 Usage Examples Example 1: Node.js 应用 Optimization

Your Dockerfile:

FROM node:latest

WORKDIR /应用

COPY . .

运行 npm 安装

EXPOSE 3000

CMD ["node", "server.js"]

Ask Claude:

"优化 this Dockerfile for production"

Analysis 报告:

🔴 Critical Issues Found:

Using :latest tag (Line 1)

Problem: Unpredictable builds, breaks in production Impact: Potential breaking changes, no reproducibility Fix: Use specific version

No multi-stage build (Overall)

Problem: Includes dev dependencies (200MB+) Impact: 3× larger image than necessary Fix: Separate build and 运行time stages

Inefficient layer caching (Lines 5-7)

Problem: Any file change in验证s npm 安装 Impact: 2-5 minute rebuild every time Fix: Copy package files first

运行ning as root (No USER instruction)

Problem: Security vul