All things docker Archive: https://archive.sweetops.com/docker/
Does anyone have experience with using instance storage vice EBS for EC2 instances in ECS? If so, was there any noticeable performance gain?
Can’t speak for ECS specifically, but for K8S we noticed for machines pulling down docker images when new news came on line would max out the IOPS
using an EBS volume with provisioned iops eliminated these bottlenecks (but new ones - like the speed at which we could download docker images surfaced)
it was well over a year ago, so don’t recall the exact performance gains.
yeah we’ve had issues with iops so we were exploring using instance storage
but… amazon linux 2 doesn’t let you modify which volume docker uses
Have you tried `
mount --bind /big-ebs-volume/ /var/lib/docker/
that way you use the same folder structure and everything else keeps working
the key is you need to do this before the docker daemon starts or it will be corrupted
We previously did this on CoreOS and it worked. Came down to getting the systemd units dependency ordering correct.
Instance store will be faster than EBS. Much much faster. EBS is network constrained and provisioned IOPS cost much while instance store provides tens of thousands of IOPS for smaller instances up to millions. EBS is persistant storage though.
Can someone explain the reasoning why all the buildspec.yml examples I see for AWS CodeBuild/CodePipeline have you push up 2 docker images to ECR?
- echo Build completed on
- echo Pushing the Docker images…
- docker push $REPOSITORY_URI:latest
- docker push $REPOSITORY_URI:$IMAGE_TAG
I’m probably missing something basic here…
Its the same image, just tagged twice
once with the evil latest tag, another with your image_tag
is there a better way to do it? All the examples I’ve seen use latest, but i’m open to a better way?
latest tag is good for examples and samples, but when you want to run something stable in production you shouldn’t use
latest. You should pin to a specific tag.
that makes sense. So should I just cut out the latest tag in the buildspec and just use the HASH?
It is fine to still push a latest tag, just make sure you are always pushing an explicit version tag too
The risk is on the user whether to use the latest tag, not the developer
cool, thanks for the advice
sry, I’m just in the habit of calling latest == evil as part of my smear campaign against the latest tag. There is a place for it though for certain
You can pass the tag in the imagedefinitions.json
So you don’t have to use the latest tag. More info in https://docs.aws.amazon.com/codepipeline/latest/userguide/file-reference.html
Reference for definitions files used by job workers in container source and deploy actions