Interesting... but also the "power" from container is precisely that the description itself, i.e. the Dockerfile, is sufficient. So I'm not sure what the main advantage of either providing the image itself via a registry or providing just the Dockerfile with the base image to another registry then adding steps add.
An image is immutable, many Dockerfiles are not idempotent. Running them multiple times at different times can lead to different results easily.
Building every time takes a lot of time. Both on download and execution time.
Also when building an image you may need to have access to resources that are unavailable where you actually want to run the image. So I see definitely reason for both to exist.
> we brought down image creation time to mere seconds, even for images that were multiple GiB in size
this sounds interesting; for e.g., was wondering the other day if we could build images without actually pulling base images.. everytime we compile, we copy artifact(s) onto a multi-hundred MB base image which definitely doesn't need to be pulled everytime.
One of the neat things about something like this is that you could, in theory, do OS builds (think stuff like bootable containers) where you can, deterministically, configure an operating system to boot into all within the confines of your web browser.
We already have image builders for stuff like Talos Linux and Incus OS. This is not out of the realm of possibility.
Creating multi arch builds for starters. Maybe creating image from just composing layers instead of “running” a Dockerfile? The first I find cumbersome and is easily overcome by using buildx.
I haven’t tried lately, but I think running a build still requires running a docker engine. Buildx has builders that run as containers.
I joked once that the future was dockerizing every single react component and running them in a wasm port of k8s... I hope that premonition isn't coming true!
I can't imagine this happening in reality (i.e. people wanting to do this for normal production applications), but after reading your comment I must admit I am very tempted to try it for purely esoteric reasons.
Building every time takes a lot of time. Both on download and execution time.
Also when building an image you may need to have access to resources that are unavailable where you actually want to run the image. So I see definitely reason for both to exist.
Or am I misunderstanding your point?
this sounds interesting; for e.g., was wondering the other day if we could build images without actually pulling base images.. everytime we compile, we copy artifact(s) onto a multi-hundred MB base image which definitely doesn't need to be pulled everytime.
We already have image builders for stuff like Talos Linux and Incus OS. This is not out of the realm of possibility.
What are the limitations of `docker build`?
I haven’t tried lately, but I think running a build still requires running a docker engine. Buildx has builders that run as containers.