Docker & KubernetesMulti-stage build tách stage build và stage runtime. Stage build chứa compiler, dev dependencies và artifacts tạm; stage runtime chỉ copy output cần chạy. Kết quả là image nhỏ hơn, ít surface security hơn và deploy nhanh hơn.
Ví dụ:
FROM node:22-alpine AS build
WORKDIR /app
COPY package.json pnpm-lock.yaml ./
RUN corepack enable && pnpm install --frozen-lockfile
COPY . .
RUN pnpm build
FROM node:22-alpine AS runtime
WORKDIR /app
COPY --from=build /app/.next ./.next
COPY --from=build /app/package.json ./package.json
CMD ["node", "server.js"]Không nên ship cả compiler, source test và cache build nếu runtime không cần.
Multi-stage builds separate the build stage from the runtime stage. The build stage contains compilers, dev dependencies and temporary artifacts; the runtime stage copies only what is needed to run. The result is a smaller image, less security surface and faster deploys.
Example:
FROM node:22-alpine AS build
WORKDIR /app
COPY package.json pnpm-lock.yaml ./
RUN corepack enable && pnpm install --frozen-lockfile
COPY . .
RUN pnpm build
FROM node:22-alpine AS runtime
WORKDIR /app
COPY --from=build /app/.next ./.next
COPY --from=build /app/package.json ./package.json
CMD ["node", "server.js"]Do not ship compilers, test source and build cache if the runtime does not need them.