All Products
Search
Document Center

Container Service for Kubernetes:Custom images for scaling optimization

Last Updated:Jun 18, 2026

Build custom OS images with Alicloud Image Builder to speed up node provisioning in ACK node pools.

Prerequisites

Why use custom images for scaling

ACK node pools support auto scaling with built-in OS images, such as Alibaba Cloud Linux and CentOS, that cover most use cases. For scenarios that require pre-installed software or high-performance configurations, use Alicloud Image Builder to build custom OS images.

Submit the image build task to the cluster as a Job or CronJob.

Build a custom image with an ACK Job

The following examples use a ConfigMap named build-config and a Job named build.

Step 1: Configure build parameters

Create a ConfigMap named build-config to configure the image build parameters.

  1. Create a file named build-config.yaml with the following YAML content.

    View details

    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: build-config
    data:
      ack.json: |-
    
        {
          "variables": {
            "image_name": "ack-optimized_image-1.30-{{timestamp}}",
            "source_image": <source_image>,
            "instance_type": <instance_type>,
            "region": "{{env `ALICLOUD_REGION`}}",
            "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
            "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
          },
          "builders": [
            {
              "type": "alicloud-ecs",
              "system_disk_mapping": {    
                        "disk_size": 120
                        },   # Specifies the system disk size for the image in GB. The default is 40 GB.
              "access_key": "{{user `access_key`}}",
              "secret_key": "{{user `secret_key`}}",
              "region": "{{user `region`}}",
              "image_name": "{{user `image_name`}}",
              "source_image": "{{user `source_image`}}",
              "ssh_username": "root",
              "vpc_id": "",  # If you do not specify vpc_id, the process creates a temporary virtual private cloud (VPC) and automatically deletes it after completion.
              "vswitch_id": "",  # If you do not specify vswitch_id, the process creates a temporary vSwitch and automatically deletes it after completion.
              "security_group_id": "",   # If you do not specify security_group_id, the process creates a temporary security group and automatically deletes it after completion.
              "instance_type": "{{user `instance_type`}}",
              "skip_image_validation": "true",
              "io_optimized": "true"
            }
          ],
          "provisioners": [{
           "type": "file",
           "source": "scripts/ack-optimized-os-all.sh",    # Applies only to Alibaba Cloud Linux 2 images.
           "destination": "/root/"
            },
            {
           "type": "shell",
           "inline": [
             "export RUNTIME=containerd",    # Specify the container runtime.
             "export RUNTIME_VERSION=1.6.28",
             "export SKIP_SECURITY_FIX=true",
             "export KUBE_VERSION=1.30.1-aliyun.1",
             "export OS_ARCH=amd64",    # Specify amd64 or arm64 based on your requirements.
             "bash /root/ack-optimized-os-all.sh"
          ]
          }]
        }

    The following tables list the YAML parameters.

    Table 1. Parameters in the Alicloud Image Builder configuration file

    Parameter

    Example

    Description

    variables{"<variable1>":"<value>"}

    variables{"access_key":"{{env ALICLOUD_ACCESS_KEY}}"}

    The variables for Alicloud Image Builder.

    Note

    Hard-coding sensitive information such as access_key and secret_key in the configuration file poses a security risk. Define them as variables that receive values at runtime.

    builders{"type":"<value>"}

    builders{"type":"alicloud-ecs"}

    The image builder (builders). When type is alicloud-ecs, a temporary ECS instance is created to build the image and released afterward.

    provisioners{"type":"<value>"}

    provisioners{"type":"shell"}

    The image provisioner (provisioners) that defines operations on the temporary instance. When type is shell, a shell script runs automatically on the instance. For example, yum install redis.x86_64 -y installs Redis.

    See Provisioner configuration.

    Table 2. Image build parameters

    Parameter

    Example

    Description

    Required

    access_key

    yourAccessKeyID

    The AccessKey pair ID. See Obtain an AccessKey pair.

    Yes

    secret_key

    yourAccessKeySecret

    The AccessKey pair secret.

    Yes

    region

    cn-beijing

    The custom image region.

    Yes

    image_name

    ack-custom_image

    The custom image name. Must be unique across existing images.

    Yes

    source_image

    aliyun_2_1903_x64_20G_alibase_20200904.vhd

    The Alibaba Cloud public image ID with the matching OS. See OS images supported by ACK.

    Yes

    instance_type

    ecs.c6.xlarge

    The ECS instance type for the temporary build instance. Specify a GPU-accelerated type for GPU images.

    Yes

    RUNTIME

    containerd

    The container runtime. Valid values: docker and containerd.

    Yes

    RUNTIME_VERSION

    1.6.28

    • If the container runtime is docker, the default RUNTIME_VERSION is 19.03.15.

    • If the container runtime is containerd, the default RUNTIME_VERSION is 1.6.20.

    Yes

    SKIP_SECURITY_FIX

    true

    Specifies whether to skip security updates.

    Yes

    KUBE_VERSION

    1.30.1-aliyun.1

    The cluster version.

    Yes

    PRESET_GPU

    true

    Specifies whether to pre-install the GPU driver to accelerate startup.

    No

    NVIDIA_DRIVER_VERSION

    460.91.03

    The GPU driver version to pre-install. Default value: 460.91.03.

    No

    OS_ARCH

    amd64

    The CPU architecture. Valid values: amd64 and arm64.

    Yes

    MOUNT_RUNTIME_DATADISK

    true

    Set to true if the custom image has cached application images and a data disk needs to be mounted to the ECS instance during use.

    No

    Important
    • Before assigning a custom image to a node pool, ensure the node pool configuration (cluster version, region, container runtime, GPU instance type) matches the image build settings. Otherwise, the node cannot join the cluster.

    • To validate, add the image to a regular node pool with matching parameters and verify your workloads run as expected.

  2. Deploy Alicloud Image Builder to the cluster:

    kubectl apply -f build-config.yaml

Step 2: Create a build Job

  1. Grant the required permissions to the AccessKey pair with the following policy.

    View details

    {
      "Version": "1",
      "Statement": [
        {
          "Action": [
            "ecs:DeleteInstance",
            "ecs:StartInstance",
            "ecs:StopInstance",
            "ecs:DescribeInstances"
          ],
          "Resource": "*",
          "Effect": "Allow"
        },
        {
          "Action": [
            "ecs:CreateInstance",
            "ecs:DescribeImages",
            "ecs:CreateImage",
            "ecs:ModifyImageSharePermission",
            "ecs:CreateKeyPair",
            "ecs:DeleteKeyPairs",
            "ecs:DetachKeyPair",
            "ecs:AttachKeyPair",
            "ecs:CreateSecurityGroup",
            "ecs:DeleteSecurityGroup",
            "ecs:AuthorizeSecurityGroupEgress",
            "ecs:AuthorizeSecurityGroup",
            "ecs:CreateSnapshot",
            "ecs:AttachDisk",
            "ecs:DetachDisk",
            "ecs:DescribeDisks",
            "ecs:CreateDisk",
            "ecs:DeleteDisk",
            "ecs:CreateNetworkInterface",
            "ecs:DescribeNetworkInterfaces",
            "ecs:AttachNetworkInterface",
            "ecs:DetachNetworkInterface",
            "ecs:DeleteNetworkInterface",
            "ecs:DescribeInstanceAttribute"
          ],
          "Resource": "*",
          "Effect": "Allow"
        },
        {
          "Action": [
            "vpc:DescribeVpcs",
            "vpc:DescribeVSwitches",
            "vpc:AllocateEipAddress",
            "vpc:AssociateEipAddress",
            "vpc:UnassociateEipAddress",
            "vpc:DescribeEipAddresses",
            "vpc:ReleaseEipAddress",
            "vpc:CreateVpc",
            "vpc:DeleteVpc",
            "vpc:DescribeVpcs",
            "vpc:CreateVSwitch",
            "vpc:DeleteVSwitch",
            "vpc:DescribeVSwitches",
            "vpc:CreateRouteTable",
            "vpc:DeleteRouteTable",
            "vpc:DescribeRouteTables",
            "vpc:CreateNatGateway",
            "vpc:DeleteNatGateway",
            "vpc:DescribeNatGateways",
            "vpc:CreateSnatEntry",
            "vpc:DeleteSnatEntry",
            "vpc:DescribeSnatTableEntries"
          ],
          "Resource": "*",
          "Effect": "Allow"
        }
      ]
    }
  2. Generate Base64-encoded strings for your AccessKey pair:

    echo -n "yourAccessKeyID" | base64
    echo -n "yourAccessKeySecret" | base64
  3. Create a Secret named my-secret with the following YAML.

    apiVersion: v1
    kind: Secret
    metadata:
      name: my-secret
      namespace: default
    type: Opaque
    data:
      ALICLOUD_ACCESS_KEY: TFRI**************** # The Base64-encoded string from the previous step.
      ALICLOUD_SECRET_KEY: a0zY****************
  4. Create a file named build.yaml with the following YAML content.

    The Job creates a temporary ECS instance from the source_image, runs the provisioners scripts, then creates a custom image and pushes it to the specified region.

    View details

    apiVersion: batch/v1
    kind: Job
    metadata:
      name: image-builder
      namespace: default
    spec:
      template:
        metadata:
          name: image-builder
        spec:
          containers:
            - name: image-builder
              image: "registry-cn-hangzhou.ack.aliyuncs.com/acs/image-builder:v3.3"
              imagePullPolicy: Always
              env:
                - name: ALICLOUD_ACCESS_KEY
                  valueFrom:
                    secretKeyRef:
                      name: my-secret
                      key: ALICLOUD_ACCESS_KEY
                - name: ALICLOUD_SECRET_KEY
                  valueFrom:
                    secretKeyRef:
                      name: my-secret
                      key: ALICLOUD_SECRET_KEY
                - name: ALICLOUD_REGION
                  value: cn-hangzhou
              command: ["packer"] 
              args: ["build", "/config/ack.json"]
              volumeMounts:
                - name: config
                  mountPath: /config
          volumes:
            - name: config
              configMap:
                name: build-config
                items:
                  - key: ack.json
                    path: ack.json
          restartPolicy: Never
  5. Deploy the Job to start the image build.

    kubectl apply -f build.yaml

Step 3: (Optional) View build logs

The build process generates logs that record steps such as parameter validation, temporary resource creation, software pre-installation, and cleanup.

  1. Log on to the ACK console. In the left navigation pane, click Clusters.

  2. On the Clusters page, click the name of your cluster. In the left navigation pane, click Workloads > Jobs.

  3. In the Jobs list, find the Job that you created. In the Actions column, click Details, then click the Logs tab to view the build logs.

Provisioner configuration

A provisioner installs and configures software on a running machine before capturing it as an OS image. Typical use cases:

  • Install software packages.

  • Patch the kernel.

  • Create users.

  • Download application code.

  • Build a custom Alibaba Cloud Linux 3 image.

Run shell scripts

  "provisioners": [{
      "type": "shell",
      "script": "script.sh"
  }]

Run Ansible playbooks

  "provisioners": [
    {
    "type": "ansible",
    "playbook_file": "./playbook.yml"
    }
  ]

Install CPFS client

CPFS client installation requires many packages and on-the-fly compilation, which can be slow. A custom image reduces installation cost at scale.

View details

    {
      "variables": {
        "region": "{{env `ALICLOUD_REGION`}}",
        "image_name": "ack-custom_image",
        "source_image": "centos_7_04_64_20G_alibase_201701015.vhd",
        "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
        "instance_type": "ecs.c6.xlarge",
        "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
      },
    "builders": [
        {
          "type": "alicloud-ecs",
          "access_key": "{{user `access_key`}}",
          "secret_key": "{{user `secret_key`}}",
          "region": "{{user `region`}}",
          "image_name": "{{user `image_name`}}",
          "source_image": "{{user `source_image`}}",
          "ssh_username": "root",
          "instance_type": "{{user `instance_type`}}",
          "skip_image_validation": "true",
          "io_optimized": "true"
        }
      ],
   "provisioners": [{
        "type": "shell",
        "inline": [
            "cd $HOME",
            "wget https://cpfs-client.oss-cn-beijing.aliyuncs.com/kernel/kernel-devel-`uname -r`.rpm",
            "rpm -ivh --replacefiles kernel-devel-`uname -r`.rpm"
        ]
      }
    ]
  }

Build a custom image for Arm architecture

View details

{
      "variables": {
        "region": "{{env `ALICLOUD_REGION`}}",
        "image_name": "ack-custom_image",
        "source_image": "aliyun_3_arm64_20G_alibase_20240528.vhd",
        "instance_type": "ecs.r8y.xlarge",   # Specify an instance type for the Arm architecture.
        "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
        "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
      },
    "builders": [
        {
          "type": "alicloud-ecs",
          "access_key": "{{user `access_key`}}",
          "secret_key": "{{user `secret_key`}}",
          "region": "{{user `region`}}",
          "image_name": "{{user `image_name`}}",
          "source_image": "{{user `source_image`}}",
          "instance_type": "{{user `instance_type`}}",
          "ssh_username": "root",
          "skip_image_validation": "true",
          "io_optimized": "true"
        }
      ],
   "provisioners": [
        {
            "type": "file",
            "source": "scripts/ack-optimized-os-linux3-all.sh",
            "destination": "/root/"
        },
        {
            "type": "shell",
            "inline": [
                "export RUNTIME=containerd",
                "export RUNTIME_VERSION=2.1.6",
                "export SKIP_SECURITY_FIX=true",
                "export KUBE_VERSION=1.28.9-aliyun.1",
                "export OS_ARCH=arm64",
                "bash /root/ack-optimized-os-linux3-all.sh"
            ]
        }
      ]
    }

Build a GPU node OS image

Important

Custom GPU images and custom CPU images cannot be used together.

View details

{
      "variables": {
        "region": "{{env `ALICLOUD_REGION`}}",
        "image_name": "ack-custom_image",
        "source_image": "aliyun_2_1903_x64_20G_alibase_20221102.vhd",
        "instance_type": "ecs.gn6i-c4g1.xlarge",   # To pre-install a GPU driver, set this parameter to a GPU-accelerated instance type.
        "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
        "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
      },
    "builders": [
        {
          "type": "alicloud-ecs",
          "access_key": "{{user `access_key`}}",
          "secret_key": "{{user `secret_key`}}",
          "region": "{{user `region`}}",
          "image_name": "{{user `image_name`}}",
          "source_image": "{{user `source_image`}}",
          "instance_type": "{{user `instance_type`}}",
          "ssh_username": "root",
          "skip_image_validation": "true",
          "io_optimized": "true"
        }
      ],
   "provisioners": [
        {
            "type": "file",
            "source": "scripts/ack-optimized-os-all.sh",
            "destination": "/root/"
        },
        {
            "type": "shell",
            "inline": [
                "export RUNTIME=containerd",
                "export RUNTIME_VERSION=1.6.36",
                "export SKIP_SECURITY_FIX=true",
                "export PRESET_GPU=true",          # To pre-install a GPU driver, set PRESET_GPU to true. If you do not want to pre-install a GPU driver, leave this parameter empty or set it to false.
                "export NVIDIA_DRIVER_VERSION=510.47.03",         # Specify the GPU driver version. If you leave this parameter empty, the builder installs version 460.91.03 by default.
                "export KUBE_VERSION=1.22.3-aliyun.1",
                "export OS_ARCH=amd64",
                "bash /root/ack-optimized-os-all.sh"
            ]
        }
      ]
    }

Cache application images

View details

{
      "variables": {
        "image_name": "ack-custom_image",
        "source_image": "aliyun_3_x64_20G_alibase_20240528.vhd",
        "instance_type": "ecs.c6.xlarge",
        "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
        "region": "{{env `ALICLOUD_REGION`}}",
        "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
      },
    "builders": [
        {
          "type": "alicloud-ecs",
          "access_key": "{{user `access_key`}}",
          "secret_key": "{{user `secret_key`}}",
          "region": "{{user `region`}}",
          "image_name": "{{user `image_name`}}",
          "source_image": "{{user `source_image`}}",
          "instance_type": "{{user `instance_type`}}",
          "ssh_username": "root",
          "skip_image_validation": "true",
          "io_optimized": "true"
        }
      ],
   "provisioners": [
        {
            "type": "file",
            "source": "scripts/ack-optimized-os-linux3-all.sh",
            "destination": "/root/"
        },
        {
            "type": "shell",
            "inline": [
                "export RUNTIME=containerd",
                "export RUNTIME_VERSION=2.1.6",
                "export SKIP_SECURITY_FIX=true",
                "export KUBE_VERSION=1.30.1-aliyun.1",
                "export OS_ARCH=amd64",
                "bash /root/ack-optimized-os-linux3-all.sh",
                "ctr -n k8s.io i pull registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/pause:3.9"        # Bake application images into the OS image.
            ]
        }
      ]
    }

Adding an ECS instance with an attached data disk to a node pool initializes the data disk, removing pre-cached application images. To preserve them, create a data disk snapshot when building the custom image.

{
      "variables": {
        "image_name": "ack-custom_image",
        "source_image": "aliyun_3_x64_20G_alibase_20240528.vhd",
        "instance_type": "ecs.c6.xlarge",
        "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
        "region": "{{env `ALICLOUD_REGION`}}",
        "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
      },
    "builders": [
        {
          "type": "alicloud-ecs",
          "system_disk_mapping": {    
                    "disk_size": 120,
                    "disk_category": "cloud_essd"
                    },
          "image_disk_mappings": {
                    "disk_size": 40,
                    "disk_category": "cloud_auto"
                    },     # Configure a data disk when you build the custom image. After building the image, the process automatically creates a snapshot of the data disk.
          "access_key": "{{user `access_key`}}",
          "secret_key": "{{user `secret_key`}}",
          "region": "{{user `region`}}",
          "image_name": "{{user `image_name`}}",
          "source_image": "{{user `source_image`}}",
          "instance_type": "{{user `instance_type`}}",
          "ssh_username": "root",
          "skip_image_validation": "true",
          "io_optimized": "true"
        }
      ],
   "provisioners": [
        {
            "type": "file",
            "source": "scripts/ack-optimized-os-linux3-all.sh",
            "destination": "/root/"
        },
        {
            "type": "shell",
            "inline": [
                "export RUNTIME=containerd",
                "export RUNTIME_VERSION=2.1.6",
                "export SKIP_SECURITY_FIX=true",
                "export KUBE_VERSION=1.30.1-aliyun.1",
                "export OS_ARCH=amd64",
                "export MOUNT_RUNTIME_DATADISK=true",     # Mount container runtime file paths to the data disk.
                "bash /root/ack-optimized-os-linux3-all.sh",
                "ctr -n k8s.io i pull registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/pause:3.9",        # Bake the application image into the OS image.
                "mv /var/lib/containerd /var/lib/container/containerd"       # Move the image files to the data disk.
            ]
        }
      ]
    }

When configuring a node pool, select a custom image with a data disk snapshot. The system prompts that a data disk snapshot is automatically loaded, with the disk type set to ESSD AutoPL, capacity of 120 GiB, and options for burst performance and release-with-instance. The disk is initialized in the container runtime format using ext4. If you modify the data disk capacity, you must manually expand the partition and file system after the ECS instance is created.

image

Pull from a private registry (Docker)

docker login <image_address> -u user -p password
docker pull nginx

Pull from a private registry (containerd)

ctr -n k8s.io i pull --user=username:password nginx

Pull from a private registry during build

  1. On a Linux machine with Docker installed, run docker login to generate credentials.

    docker login --username=zhongwei.***@aliyun-test.com --password xxxxxxxxxx registry.cn-beijing.aliyuncs.com

    A successful docker login creates config.json in the /root/.docker directory.96

  2. Create a ConfigMap from the generated config.json.

    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: docker-config
    data:
      config.json: |-
    
        {
            "auths": {
                    "registry.cn-beijing.aliyuncs.com": {
                            "auth": "xxxxxxxxxxxxxx"
                    }
            },
            "HttpHeaders": {
                    "User-Agent": "Docker-Client/19.03.15 (linux)"
            }
    
        }
  3. Modify the Job YAML to mount the ConfigMap into the Pod.95

    View details

    apiVersion: batch/v1
    kind: Job
    metadata:
      name: image-builder
      namespace: default
    spec:
      template:
        metadata:
          name: image-builder
        spec:
          containers:
            - name: image-builder
              image: "registry.cn-hangzhou.aliyuncs.com/acs/image-builder:v2.9"
              imagePullPolicy: Always
              env:
                - name: ALICLOUD_ACCESS_KEY
                  value: yourAccessKeyID
                - name: ALICLOUD_SECRET_KEY
                  value: yourAccessKeySecret
                - name: ALICLOUD_REGION
                  value: cn-heyuan
              command: ["packer"]
              args:  ["build","/config/ack.json"]
              volumeMounts:
                - name: config
                  mountPath: /config
                - name: docker
                  mountPath: /dockerconfig
          volumes:
            - name: config
              configMap:
                name: build-config
                items:
                  - key: ack.json
                    path: ack.json
            - name: docker
              configMap:
                name: docker-config
                items:
                  - key: config.json
                    path: config.json
          restartPolicy: Never
  4. Modify the build-config file as follows.94

    View details

    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: build-config
    data:
      ack.json: |-
    
        {
          "variables": {
            "image_name": "ack-optimized_image-1.20-{{timestamp}}",
            "source_image": "aliyun_2_1903_x64_20G_alibase_20221102.vhd",
            "instance_type": "ecs.c6.xlarge",
            "region": "{{env `ALICLOUD_REGION`}}",
            "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
            "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
          },
          "builders": [
            {
              "type": "alicloud-ecs",
              "access_key": "{{user `access_key`}}",
              "secret_key": "{{user `secret_key`}}",
              "region": "{{user `region`}}",
              "image_name": "{{user `image_name`}}",
              "source_image": "{{user `source_image`}}",
              "ssh_username": "root",
              "instance_type": "{{user `instance_type`}}",
              "skip_image_validation": "true",
              "io_optimized": "true"
            }
          ],
          "provisioners": [{
           "type": "file",
           "source": "scripts/ack-optimized-os-all.sh",
           "destination": "/root/"
            },
            {
           "type": "file",
           "source": "dockerconfig/config.json",
           "destination": "/root/"
            },
            {
           "type": "shell",
           "inline": [
             "export OS_ARCH=amd64",
             "export RUNTIME=docker",
             "export SKIP_SECURITY_FIX=true",
             "export KUBE_VERSION=1.22.15-aliyun.1",
             "bash /root/ack-optimized-os-all.sh",
             "mkdir -p /root/.docker",
             "cp /root/config.json /root/.docker",
             "docker pull registry.cn-beijing.aliyuncs.com/ringtail/kruise-game:0.1"
    
          ]
          }]
        }
  5. Run the Job.

Set concurrent image uploads and downloads

  1. Log on to the ACK console. In the left navigation pane, click Clusters.

  2. On the Clusters page, click the name of your cluster. In the left navigation pane, click Nodes > Node Pools.

  3. Click the name of the target node pool. On the Basic Information tab, find the Node Pool Information section and click the link next to Auto Scaling Group.

  4. Click the Instance Configuration Sources tab. Find the target scaling configuration, click Modify in the Actions column, and then click OK.

  5. On the Modify scaling configuration page, expand Advanced Settings and copy the User Data content. Base64-decode the data in the User Data box.

  6. Decode and modify the user data.

    Base64-decode the Instance User Data and append the following code to the script.

    This code installs jq, updates the Docker daemon configuration to increase concurrent downloads and uploads, and restarts Docker.
    yum install -y jq
    echo "$(jq '. += {"max-concurrent-downloads": 20,"max-concurrent-uploads": 20}' /etc/docker/daemon.json)" > /etc/docker/daemon.json
    service docker restart

    image

  7. Re-encode and update the data.

    Base64-encode the modified script. Replace the content in the User Data box with the encoded output and click OK.

Build a custom Alibaba Cloud Linux 3 image

View details

apiVersion: v1
kind: ConfigMap
metadata:
  name: build-config
data:
  ack.json: |-
    
    {
      "variables": {
        "image_name": "ack-optimized_image-1.22-{{timestamp}}",
        "source_image":"aliyun_3_x64_20G_alibase_20230110.vhd",  # Base image for Alibaba Cloud Linux 3.
        "instance_type": "ecs.c6.xlarge",
        "region": "{{env `ALICLOUD_REGION`}}",
        "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
        "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
      },
      "builders": [
        {
          "type": "alicloud-ecs",
          "access_key": "{{user `access_key`}}",
          "secret_key": "{{user `secret_key`}}",
          "region": "{{user `region`}}",
          "image_name": "{{user `image_name`}}",
          "source_image": "{{user `source_image`}}",
          "ssh_username": "root",  
          "instance_type": "{{user `instance_type`}}",
          "skip_image_validation": "true",
          "io_optimized": "true"
        }
      ],
      "provisioners": [{
       "type": "file",
       "source": "scripts/ack-optimized-os-linux3-all.sh",
       "destination": "/root/"
        },
        {
       "type": "shell",
       "inline": [
         "export RUNTIME=containerd",
         "export SKIP_SECURITY_FIX=true",
         "export OS_ARCH=amd64",
         "export KUBE_VERSION=1.22.3-aliyun.1",
         "bash /root/ack-optimized-os-linux3-all.sh"
      ]
      }]
    }

Build a custom Red Hat Enterprise Linux 9 image

View details

apiVersion: v1
kind: ConfigMap
metadata:
  name: build-config
data:
  ack.json: |-
    
    {
      "variables": {
        "image_name": "ack-optimized_image-1.26-{{timestamp}}",
        "source_image": "m-bp1c7zuf8mcabc99babc",       # Base image for Red Hat Enterprise Linux 9.
        "instance_type": "ecs.c6.xlarge",
        "region": "{{env `ALICLOUD_REGION`}}",
        "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
        "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}",
        "runtime": "{{env `RUNTIME`}}",
        "skip_security_fix": "{{env `SKIP_SECURITY_FIX`}}"
      },
      "builders": [
        {
          "type": "alicloud-ecs",
          "access_key": "{{user `access_key`}}",
          "secret_key": "{{user `secret_key`}}",
          "region": "{{user `region`}}",
          "image_name": "{{user `image_name`}}",
          "source_image": "{{user `source_image`}}",
          "ssh_username": "root",
          # "vpc_id": "",
          # "vswitch_id": "",
          # "security_group_id": "",      
          "instance_type": "{{user `instance_type`}}",
          "skip_image_validation": "true",
          "io_optimized": "true"
        }
      ],
      "provisioners": [{
       "type": "file",
       "source": "scripts/ack-optimized-os-rhel9-all.sh",
       "destination": "/root/"
        },
        {
       "type": "shell",
       "inline": [
         "export RUNTIME=containerd",
         "export SKIP_SECURITY_FIX=true",
         "export OS_ARCH=amd64",
         "export KUBE_VERSION=1.26.3-aliyun.1",
         "bash /root/ack-optimized-os-rhel9-all.sh"
      ]
      }]
    }

Next steps