[https://nvbugs/5563653][infra] reduce docker image layers

[ZhanruiSunCh]

Reduce docker image layers to avoid meet error: "Error response from daemon: max depth exceeded"

Summary by CodeRabbit

• Refactor

  • Consolidated Docker build steps by batching script copies and installs into fewer layers.
  • Streamlined cleanup and standardized handling of third-party component installs.

• Chores

  • Simplified wheel/release build stages to reduce complexity and align dependencies.

• Impact

  • Smaller container images, faster build times, and more reliable, consistent builds.

Description

Test Coverage

PR Checklist

Please review the following before submitting your PR:

• PR description clearly explains what and why. If using CodeRabbit's summary, please make sure it makes sense.

• PR Follows TRT-LLM CODING GUIDELINES to the best of your knowledge.

• Test cases are provided for new code paths (see test instructions)

• Any new dependencies have been scanned for license and vulnerabilities

• CODEOWNERS updated if ownership changes

• Documentation updated as needed

• The reviewers assigned automatically/manually are appropriate for the PR.

• Please check this after reviewing the above items as appropriate for this PR.

GitHub Bot Help

/bot [-h] ['run', 'kill', 'skip', 'reuse-pipeline'] ...

Provide a user friendly way for developers to interact with a Jenkins server.

Run /bot [-h|--help] to print this help message.

See details below for each supported subcommand.

run [--reuse-test (optional)pipeline-id --disable-fail-fast --skip-test --stage-list "A10-PyTorch-1, xxx" --gpu-type "A30, H100_PCIe" --test-backend "pytorch, cpp" --add-multi-gpu-test --only-multi-gpu-test --disable-multi-gpu-test --post-merge --extra-stage "H100_PCIe-TensorRT-Post-Merge-1, xxx" --detailed-log --debug(experimental)]

Launch build/test pipelines. All previously running jobs will be killed.

--reuse-test (optional)pipeline-id (OPTIONAL) : Allow the new pipeline to reuse build artifacts and skip successful test stages from a specified pipeline or the last pipeline if no pipeline-id is indicated. If the Git commit ID has changed, this option will be always ignored. The DEFAULT behavior of the bot is to reuse build artifacts and successful test results from the last pipeline.

--disable-reuse-test (OPTIONAL) : Explicitly prevent the pipeline from reusing build artifacts and skipping successful test stages from a previous pipeline. Ensure that all builds and tests are run regardless of previous successes.

--disable-fail-fast (OPTIONAL) : Disable fail fast on build/tests/infra failures.

--skip-test (OPTIONAL) : Skip all test stages, but still run build stages, package stages and sanity check stages. Note: Does NOT update GitHub check status.

--stage-list "A10-PyTorch-1, xxx" (OPTIONAL) : Only run the specified test stages. Examples: "A10-PyTorch-1, xxx". Note: Does NOT update GitHub check status.

--gpu-type "A30, H100_PCIe" (OPTIONAL) : Only run the test stages on the specified GPU types. Examples: "A30, H100_PCIe". Note: Does NOT update GitHub check status.

--test-backend "pytorch, cpp" (OPTIONAL) : Skip test stages which don't match the specified backends. Only support [pytorch, cpp, tensorrt, triton]. Examples: "pytorch, cpp" (does not run test stages with tensorrt or triton backend). Note: Does NOT update GitHub pipeline status.

--only-multi-gpu-test (OPTIONAL) : Only run the multi-GPU tests. Note: Does NOT update GitHub check status.

--disable-multi-gpu-test (OPTIONAL) : Disable the multi-GPU tests. Note: Does NOT update GitHub check status.

--add-multi-gpu-test (OPTIONAL) : Force run the multi-GPU tests in addition to running L0 pre-merge pipeline.

--post-merge (OPTIONAL) : Run the L0 post-merge pipeline instead of the ordinary L0 pre-merge pipeline.

--extra-stage "H100_PCIe-TensorRT-Post-Merge-1, xxx" (OPTIONAL) : Run the ordinary L0 pre-merge pipeline and specified test stages. Examples: --extra-stage "H100_PCIe-TensorRT-Post-Merge-1, xxx".

--detailed-log (OPTIONAL) : Enable flushing out all logs to the Jenkins console. This will significantly increase the log volume and may slow down the job.

--debug (OPTIONAL) : Experimental feature. Enable access to the CI container for debugging purpose. Note: Specify exactly one stage in the stage-list parameter to access the appropriate container environment. Note: Does NOT update GitHub check status.

For guidance on mapping tests to stage names, see docs/source/reference/ci-overview.md
and the scripts/test_to_stage_mapping.py helper.

kill

kill

Kill all running builds associated with pull request.

skip

skip --comment COMMENT

Skip testing for latest commit on pull request. --comment "Reason for skipping build/test" is required. IMPORTANT NOTE: This is dangerous since lack of user care and validation can cause top of tree to break.

reuse-pipeline

reuse-pipeline

Reuse a previous pipeline to validate current commit. This action will also kill all currently running builds associated with the pull request. IMPORTANT NOTE: This is dangerous since lack of user care and validation can cause top of tree to break.

[ZhanruiSunCh]

/bot run --stage-list "Build-Docker-Images"

[coderabbitai]

📝 Walkthrough

Walkthrough

Consolidates multiple COPY and cleanup steps in docker/Dockerfile.multi into fewer batched COPY operations and a single install invocation per group. Adjusts script ordering/grouping, adds broader docker directory COPY into the wheel stage, and includes additional script/requirements copies in later stages.

Changes

Cohort / File(s)	Summary
Dockerfile COPY/Install Consolidation docker/Dockerfile.multi	Replaced numerous per-script COPY and rm lines with grouped COPYs and single install invocations; batched Triton-related scripts (install_triton.sh, UCX, etc.); added top-level COPY of docker/ into wheel stage; included extra copies (gitmodules, setup, requirements) in wheel/release stages; adjusted installation ordering implicitly by batching.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Builder as Docker Build
  participant Base as Base Stage
  participant Deps as Deps/Tools Stage
  participant Triton as Triton Stage
  participant Wheel as Wheel Stage
  participant Release as Release Stage

  Builder->>Base: COPY batched scripts
  Note right of Base: Multiple scripts copied in one layer
  Base->>Base: Run grouped install.sh

  Builder->>Deps: COPY batched setup scripts
  Deps->>Deps: Single install invocation

  Builder->>Triton: COPY triton/ucx scripts (batched)
  Triton->>Triton: install_triton.sh (single run)

  Builder->>Wheel: COPY docker/ directory (broad)
  Builder->>Wheel: COPY gitmodules, setup, requirements (batched)
  Wheel->>Wheel: Build wheels

  Builder->>Release: COPY artifacts and scripts (batched)
  Release->>Release: Finalize image

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The pull request description consists primarily of unedited template placeholders and a one-line summary, but it lacks a properly formatted title, a filled Description section, Test Coverage details, and PR Checklist completion as required by the repository template.	Please update the PR to include a title in the “[ticket][type] Summary” format, complete the Description section with a brief explanation of the issue and solution, list relevant tests under Test Coverage, and address the PR Checklist items.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The pull request title uses the NVBugs link and the [infra] type and succinctly describes the primary change of reducing Docker image layers, which aligns directly with the batching of COPY commands introduced in the Dockerfile.multi.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ea640a1 and d0a2c8c.

📒 Files selected for processing (1)

• docker/Dockerfile.multi (2 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: dbari
PR: NVIDIA/TensorRT-LLM#7095
File: docker/Dockerfile.multi:168-168
Timestamp: 2025-08-20T15:04:42.885Z
Learning: In docker/Dockerfile.multi, wildcard COPY for benchmarks (${CPP_BUILD_DIR}/benchmarks/*Benchmark) is intentionally used instead of directory copy because the benchmarks directory contains various other build artifacts during C++ builds, and only specific benchmark executables should be copied to the final image.

📚 Learning: 2025-08-20T15:04:42.885Z

Learnt from: dbari
PR: NVIDIA/TensorRT-LLM#7095
File: docker/Dockerfile.multi:168-168
Timestamp: 2025-08-20T15:04:42.885Z
Learning: In docker/Dockerfile.multi, wildcard COPY for benchmarks (${CPP_BUILD_DIR}/benchmarks/*Benchmark) is intentionally used instead of directory copy because the benchmarks directory contains various other build artifacts during C++ builds, and only specific benchmark executables should be copied to the final image.

Applied to files:

• docker/Dockerfile.multi

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Pre-commit Check

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Restore opencv/protobuf helper scripts
Line 74 still runs install.sh --opencv / --protobuf, and those code paths execute ./install_opencv.sh and ./install_protobuf.sh. With the batched COPY we no longer stage those helpers, so the build now fails at runtime (./install_opencv.sh: No such file or directory). Please add them back into the COPY list before this lands.

 COPY docker/common/install_polygraphy.sh \
      docker/common/install_mpi4py.sh \
      docker/common/install_pytorch.sh \
+     docker/common/install_opencv.sh \
+     docker/common/install_protobuf.sh \
      ./

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# Copy all installation scripts at once to reduce layers
	COPY docker/common/install.sh \
	docker/common/install_base.sh \
	docker/common/install_cmake.sh \
	docker/common/install_ccache.sh \
	docker/common/install_cuda_toolkit.sh \
	docker/common/install_tensorrt.sh \
	docker/common/install_polygraphy.sh \
	docker/common/install_mpi4py.sh \
	docker/common/install_pytorch.sh \
	./
	# Copy all installation scripts at once to reduce layers
	COPY docker/common/install.sh \
	docker/common/install_base.sh \
	docker/common/install_cmake.sh \
	docker/common/install_ccache.sh \
	docker/common/install_cuda_toolkit.sh \
	docker/common/install_tensorrt.sh \
	docker/common/install_polygraphy.sh \
	docker/common/install_mpi4py.sh \
	docker/common/install_pytorch.sh \
	docker/common/install_opencv.sh \
	docker/common/install_protobuf.sh \
	./

🤖 Prompt for AI Agents

In docker/Dockerfile.multi around lines 33 to 43, the batched COPY removed
helper scripts needed by install.sh when invoked with --opencv or --protobuf,
causing runtime failures like "./install_opencv.sh: No such file or directory";
update the COPY list to also include docker/common/install_opencv.sh and
docker/common/install_protobuf.sh so those helper scripts are staged into the
image alongside the other install_*.sh files, ensuring the --opencv/--protobuf
code paths can call the helper scripts successfully.

[tensorrt-cicd]

PR_Github #20947 [ run ] triggered by Bot

[ZhanruiSunCh]

/bot run --stage-list "Build-Docker-Images"

[tensorrt-cicd]

PR_Github #20972 [ run ] triggered by Bot

[tensorrt-cicd]

PR_Github #20947 [ run ] completed with state ABORTED
LLM/release-1.1/L0_MergeRequest_PR #58 (Blue Ocean) completed with status: ABORTED

[ZhanruiSunCh]

/bot run

[tensorrt-cicd]

PR_Github #21006 [ run ] triggered by Bot

[tensorrt-cicd]

PR_Github #20972 [ run ] completed with state ABORTED
LLM/release-1.1/L0_MergeRequest_PR #66 (Blue Ocean) completed with status: ABORTED

[tensorrt-cicd]

PR_Github #21006 [ run ] completed with state SUCCESS
/LLM/release-1.1/L0_MergeRequest_PR pipeline #75 completed with status: 'FAILURE'