#22050: Speed up docker cold start time by 6.3x.

## Summary | Metric | Baseline | Optimized | Improvement | |---------|-----------|-----------|-------------| | Min | 17,230ms | 2,806ms | 83.7% | | Max | 18,838ms | 2,834ms | 85.0% | | Mean | 17,661ms | 2,819ms | 84.0% | | Median | 17,318ms | 2,821ms | 83.7% | | Success | 5/5 | 5/5 | - | **Problem:** Current docker cold start time until `openclaw` is available is very slow (17+ seconds). **Why it matters:** For containerized (perhaps multi-tenant) deployments of `openclaw`, cold boot time is important. Users can now get `openclaw` docker up and running and ready to serve requests much faster. **What changed:** The primary fixes are to the `jiti` cache, specifically, sidecar containers took 16-17 seconds to start before. The `jiti` cache previously did not work correctly when dockerized, and also we now warm the `jiti` cache when building the dockerfile. `gateway` command is also exposed as a fast route that bypasses Commander (skips building Command program tree). In addition, we make the following small improvements gated via env vars (enabled in Dockerfile). - `OPENCLAW_NO_RESPAWN` : skip process respawn that re-executes node with `--disable-warning=ExperimentalWarning` (saves around 200ms). - `OPENCLAW_DISABLE_BONJOUR` : disable Bonjour / mDNS discovery inside a docker container (serves no purpose in this context). - `OPENCLAW_SKIP_CANVAS_HOST` : skip the canvas host server startup probe. - `NODE_COMPILE_CACHE` : cache v8 bytecode to disk (set `.node-compile-cache` location to use). A benchmark test is added for benchmarking startup time. ## Change Type (select all) - [ ] Bug fix - [ ] Feature - [ ] Refactor - [ ] Docs - [ ] Security hardening - [ ] Chore/infra - [x] Optimization ## Scope (select all touched areas) - [x] Gateway / orchestration - [ ] Skills / tool execution - [ ] Auth / tokens - [ ] Memory / storage - [ ] Integrations - [ ] API / contracts - [ ] UI / DX - [ ] CI/CD / infra ## User-visible / Behavior Changes None. ## Security Impact (required) - New permissions/capabilities? **NO**. - Secrets/tokens handling changed? **NO**. - New/changed network calls? **NO**. - Command/tool execution surface changed? **NO**. - Data access scope changed? **NO**. ## Repro + Verification Use the included benchmark script. ``` bash scripts/bench-docker-cold-start.sh --image openclaw:optimized --runs 5 ``` ### Environment - OS: Ubuntu 25.10 - Runtime/container: Docker. - Model/provider: AMD x86 CPU. ## Evidence Attach at least one: - [ ] Failing test/log before + passing after - [ ] Trace/log snippets - [ ] Screenshot/recording - [x] Perf numbers (if relevant) ``` ✦ ❯ bash scripts/bench-docker-cold-start.sh --image openclaw:baseline --runs 5 === Docker Cold Start Benchmark === Image: openclaw:baseline Runs: 5 Endpoint: / Timeout: 60s Run 1/5 ... 17314ms Run 2/5 ... 17318ms Run 3/5 ... 17230ms Run 4/5 ... 18838ms Run 5/5 ... 17608ms === Results === Min: 17230ms Max: 18838ms Mean: 17661ms Median: 17318ms Success: 5/5 ``` ``` ❯ bash scripts/bench-docker-cold-start.sh --image openclaw:optimized --runs 5 === Docker Cold Start Benchmark === Image: openclaw:optimized Runs: 5 Endpoint: / Timeout: 60s Run 1/5 ... 2806ms Run 2/5 ... 2814ms Run 3/5 ... 2824ms Run 4/5 ... 2821ms Run 5/5 ... 2834ms === Results === Min: 2806ms Max: 2834ms Mean: 2819ms Median: 2821ms Success: 5/5 ``` ## Human Verification (required) ``` ./docker-setup.sh ``` - Paired and sent a few messages in web-ui to verify basic functionality. ## Compatibility / Migration - Backward compatible? **YES**. - Config/env changes? **YES**. - Migration needed? **NO**. ## Failure Recovery (if this breaks) - How to disable/revert this change quickly: Just revert this PR. ## Risks and Mitigations None. <!-- greptile_comment --> <h3>Greptile Summary</h3> Optimizes Docker cold start time by 84% (from ~17s to ~3s) through systematic performance improvements: - **Jiti cache optimization**: Fixes jiti filesystem cache to persist in `node_modules/.cache/jiti` instead of ephemeral `/tmp`, and pre-warms cache during Docker build (eliminates ~16s transpilation overhead) - **Fast-path gateway route**: Adds direct `gateway` command route bypassing Commander.js program tree construction - **Compile cache**: Enables `NODE_COMPILE_CACHE` and pre-warms Node.js v8 bytecode cache during build - **Docker-specific flags**: Skips process respawn (~200ms), disables Bonjour/mDNS discovery (unnecessary in containers), and skips canvas host startup probe via environment variables - **Build fix**: Resolves circular dependency by moving `OWNER_ONLY_TOOL_ERROR` from `tools/common.ts` to `tool-policy.ts` (using `import type` to prevent runtime cycle) - **Benchmark tooling**: Adds comprehensive cold start benchmark script with detailed metrics <h3>Confidence Score: 4/5</h3> - Safe to merge with low risk - well-tested performance optimization with proper fallbacks - Score reflects targeted Docker-specific optimizations with minimal surface area changes. The jiti cache fix resolves a real bug, environment variables are properly gated, and the circular dependency fix is architecturally sound. Comprehensive benchmarking validates the improvements. Minor deduction because the changes span multiple subsystems and introduce new Docker-specific code paths that need monitoring in production. - No files require special attention - all changes are well-structured and properly scoped _{Last reviewed commit: 532b356} <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->