How to speed up infrastructure startups by early Bake Docker mirroring

This article describes how to preheat Docker mirroring to reduce infrastructure startup time, such as using the Ansible tool, deleting key.json files and Docker PID files, and so on.

I outlined the way to speed up the AWS infrastructure startup. The method described in this article can be further reduced by about 50% of the time, that is, pre-bake (pre-bake) required services before running the application.

Our micro service application is hosted on a Docker container and can be pulled from a Docker repository or a private warehouse. Unlike the use of bash scripts on Ubuntu servers for installation and configuration, the independent Docker images corresponding to each application can be copied separately to the desired instance. This means that instances can be added quickly when handling large loads, and if this approach works, it is worth promoting application in the organization.

The first thing the user experience is the presentation process, showing how the application creates an environment for the team's Github branch. We created a separate image for the application demo in EC2 AMI. In this way, we only start the Docker container for the user who needs to run the application.

Extensible IT automation tools Ansible can do most of the work. We use it to run a variety of simple tasks, such as updating the server host file, generate a certificate, pull the required Docker image. For example, we can run the specified command and use the specified variable in the Ansible YAML settings file. In the bake mirror, Ansible pull Docker mirror method is as follows:

  - name: pulling docker images 
Becomes: true
Command: docker pull {{item}}
With_items:
- "registry.runnable.com/runnable/image-builder: {{IMAGE_BUILDER_VERSION}}"
- "swarm: {{SWARM_VERSION}}"
- "google / cadvisor: {{CADVISOR_VERSION}}"

Taking into account the bake to EC2 mirror things must be unique, otherwise if each mirror has the same logo file, there is no way to distinguish. To install Docker to AMI and bake the container to AMI, we need to remove the Docker key.json file and the Docker pid file. Docker will also generate these files at the next boot, so it does not matter.

Instances must be linked to the user so that we can assist their application and determine the amount of resources they use. In order to make the instance more personalized after the deployment, we will Amazon Amazon SSM proxy bake to the mirror, so that you can achieve the first time to interact with the instance. The faster the allocation and configuration of instances for users, the faster the internal DNS and routing configuration allows application access.

For the pre-bake Docker mirror to Amazon AMI this practice, although the current reason to support it is still relatively limited, but still worthy of promotion to almost all of the architecture. In particular, Runnable, an instance of this can correspond to a variety of applications, databases and services, as long as you know what kind of deployment needs, you can use the above method. You can use multiple AMIs to fill all roles, or only one instance with multiple Docker mirrors that are not running and no resources are consumed. This approach is very helpful for the expansion of highly available infrastructure and can be shortened to a few seconds.

Need to run what to bake what, this approach is very simple to understand. Due to the duplication of the problem, we can not do pre-emptive preparation of the certificate and the specified configuration, but these are not counting the small process of waiting time. Network transfers, and possibly disk I / O, typically take more time in the process of creating and starting new Docker containers, so reducing this time consumption can significantly increase startup speed. In addition, these considerations are not specific to specific products. Creating a pre-bake AMI This approach saves time waiting for any team to create new instances.

Source: How We Pre-Bake Docker Images to Reduce Infrastructure Spin-Up Time (Translation: Ma Yuanzheng)

Heads up! This alert needs your attention, but it's not super important.