Sometimes when building Docker images it's necessary to use apt-get. For example, an image for running Magento might start something like this

FROM php:5.4-apache
RUN apt-get -qqy update \
 && apt-get -qqy install git \
                         libmcrypt-dev \
                         libpng12-dev \
                         libxml2-dev \
                         libxslt-dev \
 && docker-php-ext-install bcmath \
                           gd \
                           mcrypt \
                           mysql \
                           soap \
                           xsl \
                           zip

But now I have all the junk brought in by those apt-get commands. Worse, I'm not even sure what I can afford to delete, because presumably the php libs are dynamically linked.

I'm thinking along lines such as

1. Is there a way to statically link the php libs in docker-php-ext-install so I can nuke all the apt-get stuff?
2. How can I remove the data left by apt-get update?

but those are really just X-Y questions. My actual question is just

How can I build smaller Docker images without entirely trading away the ease-of-use and maintainability of using apt-get in the Dockerfile?

You can get rid of some stuff some stuff by running rm -rf /var/lib/apt/lists/* e.g.

RUN apt-get update \
    && apt-get install -y MY_PACKAGE \
    && rm -rf /var/lib/apt/lists/*

Remember that you will need to run this in the same line as the apt-get update for it to be effective.

Where you looking for This approach? https://www.ianlewis.org/en/creating-smaller-docker-images

ENV REDIS_VERSION 3.0.5
ENV REDIS_DOWNLOAD_URL http://download.redis.io/releases/redis-3.0.5.tar.gz
ENV REDIS_DOWNLOAD_SHA1 ad3ee178c42bfcfd310c72bbddffbbe35db9b4a6

# for redis-sentinel see: http://redis.io/topics/sentinel
RUN buildDeps='gcc libc6-dev make' \
    && set -x \
    && apt-get update && apt-get install -y $buildDeps --no-install-recommends \
    && rm -rf /var/lib/apt/lists/* \
    && mkdir -p /usr/src/redis \
    && curl -sSL "$REDIS_DOWNLOAD_URL" -o redis.tar.gz \
    && echo "$REDIS_DOWNLOAD_SHA1 *redis.tar.gz" | sha1sum -c - \
    && tar -xzf redis.tar.gz -C /usr/src/redis --strip-components=1 \
    && rm redis.tar.gz \
    && make -C /usr/src/redis \
    && make -C /usr/src/redis install \
    && rm -r /usr/src/redis \
    && apt-get purge -y --auto-remove $buildDeps

Specifically you uninstall unneeded packages in the same layer