Skip to content

perf(docker): improve pd/store/server image build cache efficiency #3025

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bitflicker64 wants to merge 2 commits into
base: master
Choose a base branch
from
Open

perf(docker): improve pd/store/server image build cache efficiency #3025

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c6e75ca
perf(docker): improve pd/store/server image build cache efficiency
bitflicker64 May 13, 2026
4cc2e42
perf(docker): improve pd/store/server image build cache efficiency
bitflicker64 May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 35 additions & 0 deletions .dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# NOTE: This file intentionally stays minimal.
**/target/
# Most patterns (IDE files, build artifacts, logs, OS files) are already
# covered by .gitignore. Only Docker-specific extras are listed here.
Comment thread
bitflicker64 marked this conversation as resolved.
Copy link
Copy Markdown
Member

@imbajin imbajin May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

‼️ The premise here is incorrect — Docker's build context exclusion does not inherit .gitignore. As a result, locally-extracted release dirs (apache-hugegraph-*/, measured at ~790 MB on a normal dev checkout), .idea/, node_modules/, logs/, *.iml, *.class, gen-java/, upload-files/, .vscode/, *.tar.gz, dist/, build/ all leak into every build's context, defeating the cache work in this PR (and risking IDE / secret leakage into image layers).

Suggested change
# covered by .gitignore. Only Docker-specific extras are listed here.
**/target/
# IMPORTANT: .dockerignore does NOT inherit .gitignore — patterns must be restated.
# Pre-extracted release dirs / archives
apache-hugegraph-*/
**/*.tar
**/*.tar.gz*
**/*.zip
**/*.war
# IDE / OS
.idea/
.vscode/
**/*.iml
**/*.iws
**/.DS_Store
# Build / runtime artifacts
**/logs/
**/*.log
**/*.class
**/gen-java/
**/upload-files/
**/dist/
**/build/
**/node_modules/
# Env files
.env.local
.env.*.local
# Git internals
.git
.gitignore
.gitattributes
.github
# Compose / docs not needed in build context
**/docker-compose*.yml
**/docker-compose*.yaml
**/*.md
docs/


# Git internals (never tracked by git, must be explicit here)
.git
.gitignore
.gitattributes
.github

# Docker compose files not needed in build context
**/docker-compose*.yml
**/docker-compose*.yaml

# Docs not needed in build context
**/*.md
docs/
3 changes: 1 addition & 2 deletions .github/workflows/server-ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,7 @@ on:

jobs:
build-server:
# TODO: we need test & replace it to ubuntu-24.04 or ubuntu-latest
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
Copy link
Copy Markdown
Member

@imbajin imbajin May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Two concerns on this line:

  1. Scope creep: bumping ubuntu-22.04 → ubuntu-latest is unrelated to the Docker cache work in this PR. The original # TODO was a deliberate guard (Ubuntu 24.04 changed default Java, removed legacy packages). Suggest reverting in this PR and splitting into a focused follow-up.
  2. ubuntu-latest drifts when GitHub flips the alias — pin explicitly:
Suggested change
runs-on: ubuntu-latest
runs-on: ubuntu-24.04

Flagging here since it's the only CI file touched: there is no CI workflow that exercises any Dockerfile (verified — zero docker build references under .github/workflows/). PR's verification is "run docker build locally". Future regressions will ship silently. Consider adding a build-only smoke job:

docker-build:
  runs-on: ubuntu-24.04
  strategy:
    matrix:
      dockerfile:
        - hugegraph-pd/Dockerfile
        - hugegraph-store/Dockerfile
        - hugegraph-server/Dockerfile
        - hugegraph-server/Dockerfile-hstore
  steps:
    - uses: actions/checkout@v4
    - uses: docker/setup-buildx-action@v3
    - run: docker buildx build -f ${{ matrix.dockerfile }} --load .

env:
USE_STAGE: 'false' # Whether to include the stage repository.
TRAVIS_DIR: hugegraph-server/hugegraph-dist/src/assembly/travis
Expand Down
26 changes: 13 additions & 13 deletions hugegraph-pd/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# syntax=docker/dockerfile:1
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
Expand All @@ -16,15 +17,21 @@
#

# Dockerfile for HugeGraph PD
# NOTE: Build with DOCKER_BUILDKIT=1 to enable cache mounts and --parents COPY.
# 1st stage: build source code
FROM maven:3.9.0-eclipse-temurin-11 AS build

COPY . /pkg
WORKDIR /pkg

# Copy pom files first — layer is only invalidated when pom files change,
# keeping the Maven cache mount warm across source-only changes.
COPY --parents **/pom.xml ./
Comment thread
bitflicker64 marked this conversation as resolved.
Comment thread
bitflicker64 marked this conversation as resolved.
ARG MAVEN_ARGS

Comment on lines +26 to 30
RUN mvn package $MAVEN_ARGS -e -B -ntp -Dmaven.test.skip=true -Dmaven.javadoc.skip=true && pwd && ls -l && rm \
./hugegraph-server/*.tar.gz && rm ./hugegraph-pd/*.tar.gz && rm ./hugegraph-store/*.tar.gz
COPY . .
RUN --mount=type=cache,target=/root/.m2 \
mvn package $MAVEN_ARGS -e -B -ntp -Dmaven.test.skip=true -Dmaven.javadoc.skip=true \
&& rm ./hugegraph-server/*.tar.gz ./hugegraph-pd/*.tar.gz ./hugegraph-store/*.tar.gz

# 2nd stage: runtime env
# Note: ZGC (The Z Garbage Collector) is only supported on ARM-Mac with java > 13
Expand All @@ -38,25 +45,18 @@ ENV JAVA_OPTS="-XX:+UnlockExperimentalVMOptions -XX:+UseContainerSupport -XX:Max
HUGEGRAPH_HOME="hugegraph-pd" \
STDOUT_MODE="true"

#COPY . /hugegraph/hugegraph-pd
WORKDIR /hugegraph-pd/

# 1. Install environment and init HugeGraph Sever
RUN set -x \
&& rm /var/lib/dpkg/info/libc-bin.* \
&& apt-get -q clean \
&& apt-get -q update \
# 1. Install runtime dependencies
RUN apt-get -q update \
&& apt-get -q install -y --no-install-recommends --no-install-suggests \
dumb-init \
procps \
curl \
lsof \
vim \
cron \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& service cron start \
&& pwd && cd /hugegraph-pd/
&& rm -rf /var/lib/apt/lists/*

# 2. Init docker script
COPY hugegraph-pd/hg-pd-dist/docker/docker-entrypoint.sh .
Expand Down
26 changes: 13 additions & 13 deletions hugegraph-server/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# syntax=docker/dockerfile:1
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
Expand All @@ -16,18 +17,24 @@
#

# Dockerfile for HugeGraph Server
# NOTE: Build with DOCKER_BUILDKIT=1 to enable cache mounts and --parents COPY.
# 1st stage: build source code
FROM maven:3.9.0-eclipse-temurin-11 AS build

COPY . /pkg
WORKDIR /pkg

# Copy pom files first — layer is only invalidated when pom files change,
# keeping the Maven cache mount warm across source-only changes.
COPY --parents **/pom.xml ./
Comment thread
bitflicker64 marked this conversation as resolved.
Comment thread
bitflicker64 marked this conversation as resolved.
ARG MAVEN_ARGS

Comment on lines +26 to 30
RUN mvn package $MAVEN_ARGS -e -B -ntp -Dmaven.test.skip=true -Dmaven.javadoc.skip=true && pwd && ls -l && rm \
./hugegraph-server/*.tar.gz && rm ./hugegraph-pd/*.tar.gz && rm ./hugegraph-store/*.tar.gz
COPY . .
RUN --mount=type=cache,target=/root/.m2 \
mvn package $MAVEN_ARGS -e -B -ntp -Dmaven.test.skip=true -Dmaven.javadoc.skip=true \
&& rm ./hugegraph-server/*.tar.gz ./hugegraph-pd/*.tar.gz ./hugegraph-store/*.tar.gz

# 2nd stage: runtime env
# Note: ZGC (The Z Garbage Collector) is only supported on ARM-Mac with java > 13
# Note: ZGC (The Z Garbage Collector) is only supported on ARM-Mac with java > 13
FROM eclipse-temurin:11-jre-jammy

COPY --from=build /pkg/hugegraph-server/apache-hugegraph-server-*/ /hugegraph-server/
Expand All @@ -39,25 +46,18 @@ ENV JAVA_OPTS="-XX:+UnlockExperimentalVMOptions -XX:+UseContainerSupport -XX:Max
HUGEGRAPH_HOME="hugegraph-server" \
STDOUT_MODE="true"

#COPY . /hugegraph/hugegraph-server
WORKDIR /hugegraph-server/

# 1. Install environment and init HugeGraph Sever
RUN set -x \
&& rm /var/lib/dpkg/info/libc-bin.* \
&& apt-get -q clean \
&& apt-get -q update \
# 1. Install runtime dependencies and configure server
RUN apt-get -q update \
&& apt-get -q install -y --no-install-recommends --no-install-suggests \
dumb-init \
procps \
curl \
lsof \
Comment thread
bitflicker64 marked this conversation as resolved.
Copy link
Copy Markdown
Member

@imbajin imbajin May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Pre-existing issue (not a regression from this PR, but worth fixing while in the area): the cron package stays installed in the runtime image (~3 MB), but no cron daemon is ever started — dumb-init only execs docker-entrypoint.sh. This means start-hugegraph.sh -m true silently fails to fire its scheduled monitor job, even though crontab_append returns success. Either:

  • Drop cron entirely (saves ~3 MB and removes the false impression that monitor mode works), or
  • Start cron in docker-entrypoint.sh (cron & before the server start) so the feature actually works.

Same applies to Dockerfile-hstore and the PD / Store Dockerfiles.

vim \
cron \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& service cron start \
&& pwd && cd /hugegraph-server/ \
&& sed -i "s/^restserver.url.*$/restserver.url=http:\/\/0.0.0.0:8080/g" ./conf/rest-server.properties

# 2. Init docker script
Expand Down
26 changes: 14 additions & 12 deletions hugegraph-server/Dockerfile-hstore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# syntax=docker/dockerfile:1
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
Expand All @@ -15,19 +16,25 @@
# limitations under the License.
#

# Dockerfile for HugeGraph Server
# Dockerfile for HugeGraph Server (hstore backend)
# NOTE: Build with DOCKER_BUILDKIT=1 to enable cache mounts and --parents COPY.
# 1st stage: build source code
FROM maven:3.9.0-eclipse-temurin-11 AS build

COPY . /pkg
WORKDIR /pkg

# Copy pom files first — layer is only invalidated when pom files change,
# keeping the Maven cache mount warm across source-only changes.
COPY --parents **/pom.xml ./
Comment thread
bitflicker64 marked this conversation as resolved.
Comment thread
bitflicker64 marked this conversation as resolved.
ARG MAVEN_ARGS

Comment on lines +26 to 30
RUN mvn package $MAVEN_ARGS -e -B -ntp -DskipTests -Dmaven.javadoc.skip=true && pwd && ls -l && rm \
./hugegraph-server/*.tar.gz && rm ./hugegraph-pd/*.tar.gz && rm ./hugegraph-store/*.tar.gz
COPY . .
RUN --mount=type=cache,target=/root/.m2 \
mvn package $MAVEN_ARGS -e -B -ntp -DskipTests -Dmaven.javadoc.skip=true \
&& rm ./hugegraph-server/*.tar.gz ./hugegraph-pd/*.tar.gz ./hugegraph-store/*.tar.gz

# 2nd stage: runtime env
# Note: ZGC (The Z Garbage Collector) is only supported on ARM-Mac with java > 13
# Note: ZGC (The Z Garbage Collector) is only supported on ARM-Mac with java > 13
FROM eclipse-temurin:11-jre-jammy

COPY --from=build /pkg/hugegraph-server/apache-hugegraph-server-*/ /hugegraph-server/
Expand All @@ -41,23 +48,18 @@ LABEL maintainer="HugeGraph Docker Maintainers <dev@hugegraph.apache.org>"
ENV JAVA_OPTS="-XX:+UnlockExperimentalVMOptions -XX:+UseContainerSupport -XX:MaxRAMPercentage=50 -XshowSettings:vm" \
HUGEGRAPH_HOME="hugegraph-server"

#COPY . /hugegraph/hugegraph-server
WORKDIR /hugegraph-server/

# 1. Install environment and init HugeGraph Sever
RUN set -x \
&& apt-get -q update \
# 1. Install runtime dependencies and configure server
RUN apt-get -q update \
&& apt-get -q install -y --no-install-recommends --no-install-suggests \
dumb-init \
procps \
curl \
lsof \
Comment thread
bitflicker64 marked this conversation as resolved.
vim \
cron \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& service cron start \
&& pwd && cd /hugegraph-server/ \
&& sed -i "s/^restserver.url.*$/restserver.url=http:\/\/0.0.0.0:8080/g" ./conf/rest-server.properties

# 2. Init docker script
Expand Down
26 changes: 13 additions & 13 deletions hugegraph-store/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# syntax=docker/dockerfile:1
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
Expand All @@ -16,15 +17,21 @@
#

# Dockerfile for HugeGraph Store
# NOTE: Build with DOCKER_BUILDKIT=1 to enable cache mounts and --parents COPY.
# 1st stage: build source code
FROM maven:3.9.0-eclipse-temurin-11 AS build

COPY . /pkg
WORKDIR /pkg

# Copy pom files first — layer is only invalidated when pom files change,
# keeping the Maven cache mount warm across source-only changes.
COPY --parents **/pom.xml ./
Comment thread
bitflicker64 marked this conversation as resolved.
Comment thread
bitflicker64 marked this conversation as resolved.
ARG MAVEN_ARGS

Comment on lines +26 to 30
RUN mvn package $MAVEN_ARGS -e -B -ntp -Dmaven.test.skip=true -Dmaven.javadoc.skip=true && pwd && ls -l && rm \
./hugegraph-server/*.tar.gz && rm ./hugegraph-pd/*.tar.gz && rm ./hugegraph-store/*.tar.gz
COPY . .
RUN --mount=type=cache,target=/root/.m2 \
mvn package $MAVEN_ARGS -e -B -ntp -Dmaven.test.skip=true -Dmaven.javadoc.skip=true \
&& rm ./hugegraph-server/*.tar.gz ./hugegraph-pd/*.tar.gz ./hugegraph-store/*.tar.gz

# 2nd stage: runtime env
# Note: ZGC (The Z Garbage Collector) is only supported on ARM-Mac with java > 13
Expand All @@ -38,25 +45,18 @@ ENV JAVA_OPTS="-XX:+UnlockExperimentalVMOptions -XX:+UseContainerSupport -XX:Max
HUGEGRAPH_HOME="hugegraph-store" \
STDOUT_MODE="true"

#COPY . /hugegraph/hugegraph-store
WORKDIR /hugegraph-store/

# 1. Install environment and init HugeGraph Sever
RUN set -x \
&& rm /var/lib/dpkg/info/libc-bin.* \
&& apt-get -q clean \
&& apt-get -q update \
# 1. Install runtime dependencies
RUN apt-get -q update \
&& apt-get -q install -y --no-install-recommends --no-install-suggests \
dumb-init \
procps \
curl \
lsof \
vim \
cron \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& service cron start \
&& pwd && cd /hugegraph-store/
&& rm -rf /var/lib/apt/lists/*

# 2. Init docker script
COPY hugegraph-store/hg-store-dist/docker/docker-entrypoint.sh .
Expand Down
Loading