In typical scenarios where you run a container by using an image, you must download and decompress the package of the image. To start the container, all the resources of the image must be loaded. This usually takes a long time. However, you can reduce the start time by loading only essential resources to start the container. You can use Container Registry Enterprise Edition to deploy an accelerated version of the container image in your business. The accelerated version loads only the essential resource. You can decompress the image package online without the need to download the image package. This accelerates the distribution of application artifacts and provides high elasticity. This topic describes how to load resources of a container image on demand.

Prerequisites

  • A Container Service for Kubernetes (ACK) cluster is created. For more information, see Create a managed kubernetes cluster.
    Note Accelerated images can be used only in managed and dedicated clusters whose version is 1.16.9 or later. When you create clusters, set the Container Runtime parameter to Docker 19.03.5. In addition, select Aliyun Linux 2.1903 or CentOS 7.7 as the operating system.
  • A Container Registry Enterprise Edition instance is created. For more information, see Create a Container Registry Enterprise Edition instance.
  • The ACK cluster and the Container Registry Enterprise Edition instance are deployed in the same virtual private cloud (VPC). Accelerated images must be used in VPCs. For more information, see Configure access over VPCs.

Background information

You can use Container Registry Enterprise Edition to deploy an accelerated version of the container image in your business. The accelerated version loads only the essential resource. You can decompress the image package online without the need to download the image package. This accelerates the distribution of application artifacts and provides high elasticity. Image acceleration depends on factors such as the image size and the network of image repository. In the actual test, the application takes 36s to start based on the NodeBB image (1.34 GB) of Docker Hub during the image pull. In total, the application takes 38s to start. The application takes 4s to start during the image pull based on image acceleration. In total, the application takes 9s to start.

Enable image acceleration

You can enable image acceleration for a repository. This way, each image pushed to the repository is automatically converted to an accelerated image. The time required to convert an original image to an accelerated image depends on the size of the original image. The conversion does not affect the original image.
Note The accelerated image resides in the same namespace and repository as the original image. The tag of the accelerated image is the same as the original image, but is suffixed by _accelerated.
  1. Log on to the Container Registry console.
  2. In the top navigation bar, select a region.
  3. In the left-side navigation pane, choose Enterprise Instances > Instances.
  4. On the Instance page, click the name of the Container Registry Enterprise Edition instance or click Manage in the Actions column for the instance.
  5. On the management page of the instance, choose Repositories > Repositories in the left-side navigation pane.
  6. On the page that appears, find the repository for which you want to enable image acceleration. Click the name of the repository or click Manage in the Actions column.
  7. On the Details page, click Modify Settings in the upper-right corner.
  8. In the Modify Settings dialog box, select Enable for the Accelerated Image parameter and click Ok.
    After you enable image acceleration for the repository, each image that you push to the repository is automatically converted to an accelerated image. If you want to be notified every time an image is converted to an accelerated image, you can configure an expression-based webhook for the repository. For example, the expression can be _accelerated$. For more information, see Webhook management.

Install the aliyun-acr-acceleration-suite component

To start a container that is created by using an accelerated image, you must install the aliyun-acr-acceleration-suite component on the worker nodes in the ACK cluster.

  1. Add image acceleration labels to nodes.
    When you create worker nodes, you can add the alibabacloud.com/image-accelerate-enabled: true image acceleration label to enable image acceleration when nodes are initialized. After the image acceleration label is configured, the image storage plug-in is automatically installed when nodes are initialized.
    Note Accelerated containers must be run on accelerated nodes. Accelerated nodes support both common containers and accelerated containers.
    • Add image acceleration labels when you create the cluster.

      You can set the Label to alibabacloud.com/image-accelerate-enabled: true when you create a cluster. For more information, see Create a managed kubernetes cluster.

    • Add image acceleration labels when nodes are scaled out.
      You can set Node Label to alibabacloud.com/image-accelerate-enabled: true when you scale out nodes. For more information, see Scale out a node pool.
      Note You can create a separate node pool to manage the nodes that have accelerate images.
    • Add image acceleration labels when existing nodes are added.

      You can set Label to alibabacloud.com/image-accelerate-enabled: true when you add existing nodes. For more information, see Add existing ECS instances to an ACK cluster.

  2. Install the aliyun-acr-acceleration-suite component.
    1. Log on to the ACK console.
    2. In the left-side navigation pane, click Clusters.
    3. In the left-side navigation pane, click Clusters. On the Clusters page, find the cluster that you want to manage, and choose More > Manage System Components in the Actions column.
    4. On the Optional Add-ons page, find the optional component aliyun-acr-acceleration-suite and click Install.
    5. In the Note message, click OK.
      On the management page of the cluster, click Workload in the left-side navigation pane. On the page that appears, click the DaemonSets tab. On the DaemonSets tab, find the DaemonSet of the aliyun-acr-acceleration-suite component and check the number of available pods in the Pods column. If all the pods are available, the installation of the component is complete.

Uninstall the aliyun-acr-acceleration-suite component

Note Before you uninstall the aliyun-acr-acceleration-suite component, make sure that no container that is created by using an accelerated image is running.
  1. Log on to the ACK console.
  2. On the Clusters page, click the name of a cluster or click Details in the Actions column. The details page of the cluster appears.
  3. In the left-side navigation pane, choose Operations > Add-ons.
  4. On the Add-ons page, find the optional component aliyun-acr-acceleration-suite and click Uninstall.
  5. In the Note message, click OK.

Deploy an accelerated image

  1. Configure access to the repository where the accelerated image resides.
    • Configure access to the repository by using the aliyun-acr-credential-helper component.
      • If the aliyun-acr-credential-helper component is configured for the ACK cluster, you can skip this step.
      • If the aliyun-acr-credential-helper component is not configured for the ACK cluster, you can configure the component for the cluster. For more information, see Use aliyun-acr-credential-helper to pull images without a password.
    • Create a Secret on the command line.
      Run the following command to create a Secret whose type is kubernetes.io/dockerconfigjson and whose name starts with acr-credential-.
      kubectl create secret docker-registry acr-credential-test --docker-server=RegistryVpcDomain --docker-username=UserName --docker-password=Password
  2. Add image acceleration labels to namespaces.
    • Add image acceleration labels by using the console.
      1. Log on to the ACK console.
      2. In the left-side navigation pane, click Clusters.
      3. On the Clusters page, find the cluster that you want to manage, and click the cluster name or click Details in the Actions column. The Cluster Information page appears.
      4. In the left-side navigation pane of the cluster management page, click Namespaces.
      5. On the Namespaces page, find the required namespace and click Edit in the Actions column.
      6. In the Label section of the Edit Namespace dialog box, set Variable Key to alibabacloud.com/image-accelerate-enabled and Variable Value to true, and click OK.
    • Add image acceleration labels by using command lines.
      kubectl label namespaces default alibabacloud.com/image-accelerate-enabled=true
    Assume that the image is converted to an accelerated image after you configure the image acceleration label. When you create or update a pod in the namespace, the acceleration component automatically replaces the address of the original image of the pod with the address of the accelerated image, adds nodeSelector, and then schedules the pod to the accelerated nodes.