#docker (2020-04)
All things docker
Archive: https://archive.sweetops.com/docker/
2020-04-08
![Shawn Petersen avatar](https://secure.gravatar.com/avatar/fd363e16adb4696efdaee2a18edffb4a.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
Can someone explain the reasoning why all the buildspec.yml examples I see for AWS CodeBuild/CodePipeline have you push up 2 docker images to ECR?
like this:
post_build:
commands:
- echo Build completed on date
- echo Pushing the Docker images…
#
- docker push $REPOSITORY_URI:latest
- docker push $REPOSITORY_URI:$IMAGE_TAG
I’m probably missing something basic here…
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
Its the same image, just tagged twice
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
once with the evil latest tag, another with your image_tag
![Shawn Petersen avatar](https://secure.gravatar.com/avatar/fd363e16adb4696efdaee2a18edffb4a.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
is there a better way to do it? All the examples I’ve seen use latest, but i’m open to a better way?
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
The latest
tag is good for examples and samples, but when you want to run something stable in production you shouldn’t use latest
. You should pin to a specific tag.
![Shawn Petersen avatar](https://secure.gravatar.com/avatar/fd363e16adb4696efdaee2a18edffb4a.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
that makes sense. So should I just cut out the latest tag in the buildspec and just use the HASH?
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
It is fine to still push a latest tag, just make sure you are always pushing an explicit version tag too
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
The risk is on the user whether to use the latest tag, not the developer
![Shawn Petersen avatar](https://secure.gravatar.com/avatar/fd363e16adb4696efdaee2a18edffb4a.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
cool, thanks for the advice
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
sry, I’m just in the habit of calling latest == evil as part of my smear campaign against the latest tag. There is a place for it though for certain
![vFondevilla avatar](https://avatars.slack-edge.com/2020-07-20/1264409839361_95bd4eea5ea6f16d291a_72.jpg)
You can pass the tag in the imagedefinitions.json
![vFondevilla avatar](https://avatars.slack-edge.com/2020-07-20/1264409839361_95bd4eea5ea6f16d291a_72.jpg)
So you don’t have to use the latest tag. More info in https://docs.aws.amazon.com/codepipeline/latest/userguide/file-reference.html
Reference for definitions files used by job workers in container source and deploy actions
2020-04-09
2020-04-20
![Gabe avatar](https://avatars.slack-edge.com/2018-09-18/438189792083_bdb8f075d8d0a1246f88_72.jpg)
Does anyone have experience with using instance storage vice EBS for EC2 instances in ECS? If so, was there any noticeable performance gain?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Can’t speak for ECS specifically, but for K8S we noticed for machines pulling down docker images when new news came on line would max out the IOPS
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
using an EBS volume with provisioned iops eliminated these bottlenecks (but new ones - like the speed at which we could download docker images surfaced)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
it was well over a year ago, so don’t recall the exact performance gains.
![Gabe avatar](https://avatars.slack-edge.com/2018-09-18/438189792083_bdb8f075d8d0a1246f88_72.jpg)
yeah we’ve had issues with iops so we were exploring using instance storage
![Gabe avatar](https://avatars.slack-edge.com/2018-09-18/438189792083_bdb8f075d8d0a1246f88_72.jpg)
but… amazon linux 2 doesn’t let you modify which volume docker uses
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
No problemo
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Have you tried `
mount --bind /big-ebs-volume/ /var/lib/docker/
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
that way you use the same folder structure and everything else keeps working
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
the key is you need to do this before the docker daemon starts or it will be corrupted
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
We previously did this on CoreOS and it worked. Came down to getting the systemd units dependency ordering correct.
![this](/assets/images/custom_emojis/this.png)
![Marcin Brański avatar](https://secure.gravatar.com/avatar/7f3c56304d6e3adb7658889af56cd171.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0001-72.png)
Instance store will be faster than EBS. Much much faster. EBS is network constrained and provisioned IOPS cost much while instance store provides tens of thousands of IOPS for smaller instances up to millions. EBS is persistant storage though.