Docker image larger than its filesystem

I have a docker image that I built from several layers and a debian:jessie base image that I’m working on making smaller. I added a cleanup layer than does apt-get remove a bunch of packages and deletes files from the filesystem. When I run the resulting image and do du -h inside it I can see it’s about 1.3GB. However, when I look at the image size in docker images, it’s more than 2.2GB, which is the size of the image before the cleanup layer. Why is the final image not getting smaller?

  • Terminal with Docker Compose with Links
  • Docker: can a container execute docker ps or docker images?
  • How to define a variable in a Dockerfile?
  • ffmpeg failed - 455 Method Not Valid in This State
  • docker-compose gives ERROR: Cannot locate specified Dockerfile: Dockerfile
  • Multiple dependent ? Dockerfiles building a LAMP container
  • Jenkins shell script add Unix user to group
  • Is there a way to use a remote API as an endpoint in a docker compose file?
  • Does it make any difference to include or omit :latest when pulling a Docker image?
  • Microsoft Word crashes when invoking its COM inside Docker Container
  • docker-compose v3 prepend folder name to network name
  • Docker Ignores limits.conf (trying to solve “too many open files” error)
  • One Solution collect form web for “Docker image larger than its filesystem”

    You can’t have a cleanup layer – the Union File System doesn’t work like that. If files exist in layer 1, and you delete them in layer 2, all Docker does when you run the container is hide the deleted files. Once files are saved into an image layer, they can’t be removed from that layer.

    You can try using the Docker squash tool to reduce the final image size, or rework your Dockerfiles in line with Titouan Freville’s comment – do all the APT commands in one RUN statement (update, install remove). That way when the image layer is saved, the files have already been cleaned up.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.