devops(docker): split browser layers and use zstd compression for faster pulls#40702
Open
KRRT7 wants to merge 7 commits into
Open
devops(docker): split browser layers and use zstd compression for faster pulls#40702KRRT7 wants to merge 7 commits into
KRRT7 wants to merge 7 commits into
Conversation
The zstd compression output requires a buildx builder with the docker-container driver. Also removes the now-unused tag_and_push function.
Build pushes one canonical tag per arch, then tag_and_push creates additional tags via `docker buildx imagetools create` (registry-side copy, no layer re-upload).
Use `install-deps` for all system dependencies in one shared layer, then `install` (without --with-deps) per browser for binary-only layers. This eliminates duplicate apt index fetches and makes browser layers pure binary data with better zstd compression ratio.
Member
|
Thanks for looking into it. I'm sure we have customers with older docker clients. But I'm ok with the layering change. Could you provide the numbers? Time w/ and w/o layers next to each other. |
… compatibility zstd-compressed layers require Docker 23.0+ (Feb 2023). Reverting to standard gzip keeps the parallel-layer speedup without breaking pulls for users on older Docker versions.
One-off workflow_dispatch to measure cold pull times for monolithic vs split-layer Docker images on a GitHub Actions runner.
Author
|
Dropped the zstd change (latest commit), so no Docker version concerns anymore — this is purely the layer split. Layer structure (arm64, compressed):
Largest single layer drops from 754 MB → 321 MB. Benchmarks (Azure VM, D16s_v5, amd64, GHCR):
The split helps when the bottleneck is per-connection throughput (registry/CDN rate limits per stream — Docker downloads each layer on a separate connection). When the user's own pipe is the bottleneck, it's neutral — never worse. For CI runners with high total bandwidth but CDN-limited per-stream rates, this cuts the download portion significantly. On fast unthrottled connections, decompression dominates and both are equivalent. |
pavelfeldman
reviewed
May 7, 2026
| npm i /tmp/playwright-core.tar.gz && \ | ||
| npm exec --no -- playwright-core mark-docker-image "${DOCKER_IMAGE_NAME_TEMPLATE}" && \ | ||
| npm exec --no -- playwright-core install --with-deps && rm -rf /var/lib/apt/lists/* && \ | ||
| npm exec --no -- playwright-core install-deps chromium chromium-headless-shell firefox webkit && \ |
Member
There was a problem hiding this comment.
Do not list browsers, install all deps.
Author
|
will act on the reviews later today, thanks for them |
- Remove benchmark workflow (not needed upstream) - Revert setup-buildx-action and docker buildx build in publish pipeline - Revert publish_docker.sh to use ./build.sh + docker tag/push - Use install-deps with no browser args (installs all deps) - Drop explicit chromium-headless-shell and ffmpeg install layers; playwright-core install chromium already installs both
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
RUNinto per-browser layers (chromium, firefox, webkit, ffmpeg) enabling Docker's parallel layer downloadingdocker build+docker pushtodocker buildx build --pushwith zstd compression (level 19) for ~25% smaller compressed layersdocker buildx imagetools create(registry-side copy, no layer re-upload)docker/setup-buildx-actionto CI (required for buildx + zstd output)Note on zstd compatibility
zstd-compressed layers require Docker 23.0+ (Feb 2023) on the client side. Older Docker versions will fail to pull. If this is a concern for your user base, the layer-splitting alone still provides a significant speedup via parallel downloads, and the zstd change could be dropped or deferred.
Fixes #40701