Demonstration of creating a base image that contains a statically-linked program.
In classic Linux distro, some libraries are available only for dynamic linking (ex: GLib). Even the glibc requires a dynamically loaded library for some functions (read here).
Indeed, on
getaddrinfo()
calls, static and dynamic flavours ofglibc
always dynamically load at leastlibnss_files.so.2
which depends onlibc.so
itself. So you cannot make a static self-sufficient executable that usesgetaddrinfo()
API with the standardglibc
.
In order to create an empty Docker image that contains just an executable, you will need statically linked program that will not require or load any dynamic libraries, since the image will not have any shared libraries.
The best choice is to use musl-libc and Alpine Linux, where all the hard work has already be done.
The Docker image uses a multi-stage build.
- The first stage prepares the build environment (compiler and libraries).
- The second one creates a bare image with only the program and its data.
docker run --rm -ti rene2/fromscratch
Nota: This image is made by the automated build system on Docker Hub's infrastructure.
The demo.sh script builds and inspects the image (jq is required to filter the inspect output, or comment line 8).
Then, it runs the unique executable (a.out
) in the container.
Some explanations.