lazy distribution of container images
play

Lazy distribution of container images Current implementation status - PowerPoint PPT Presentation

Oct 23, 2023 •222 likes •579 views

FOSDEM (February 1, 2020) Lazy distribution of container images Current implementation status of containerd remote snapshotter Akihiro Suda Credit to Kohei Tokunaga (NTT) for containerd impl. & benchmark scripts Summary Run containers

  1. FOSDEM (February 1, 2020) Lazy distribution of container images Current implementation status of containerd remote snapshotter Akihiro Suda Credit to Kohei Tokunaga (NTT) for containerd impl. & benchmark scripts

  2. Summary • Run containers before completion of downloading the images • Lots of alternative image formats are proposed to support this • stargz is getting wide adoption (containerd & Podman) 2

  3. Demo: Lazy distribution of docker.io/library/ python:3.7

  4. The problems of the current Docker / OCI format

  5. Current Docker / OCI format • Open Containers Initiative (OCI) defines the standard specifications for containers – Docker/Moby, Podman, Kubernetes (containerd, CRI-O, …), Singularity… • OCI Image Spec : defines the tar ball structure and the JSON metadata format – Based on Docker Image Manifest V2 Schema 2 • OCI Distribution Spec : defines the API for distributing images via HTTP – Based on Docker Registry HTTP API • Focuses on legacy rather than on innovation ☹ 5

  6. TAR: Tape ARchiver • Appeared in 1970s • Originally designed for magnetic tapes • No random access https://en.wikipedia.org/wiki/PDP-11 6

  7. Problem 1: Requires scanning the whole "tape" • Without scanning the whole "tape“, file metadata cannot be listed up → Can't be mounted as a filesystem Metadata 0 File 0 Metadata 1 File 1 ... File name, permission, ... Metadata {n-1} File {n-1} Content Terminal zero bytes 7

  8. Problem 1: Requires scanning the whole "tape" • Having an external index file can solve the problem? → No, because gzip can’t be seek - ed (discussed later) Metadata 0 File 0 Metadata 1 File 1 Index file ... Metadata 0 Metadata {n-1} Metadata 1 File {n-1} … Metadata {n-1} Terminal zero bytes 8

  9. Problem 2: No deduplication • A registry might contain very similar images – Different versions – Different architectures – Different configuration files • Tar balls of these images are likely to waste the storage for identical/similar files • But not a serious issue when you have enough budget for the cloud storage 9

  10. Problems of Docker / OCI image format 1. Requires scanning the whole "tape" The main focus towards lazy 2. No deduplication distribution https://en.wikipedia.org/wiki/Magnetic_tape 10

  11. Why do we want lazy distribution? • “pulling packages accounts for 76% of container start time, but only 6.4% of that data is read.” – Harter, Tyler, et al. "Slacker: Fast Distribution with Lazy Docker Containers." FAST 2016 11

  12. Expected use-cases • “dev stage” images of multi-stage Dockerfiles – No need to consider tolerance against remote registry failures (because ` RUN apt-get install ` instructions are already flaky anyway) FROM example.com/heavy-dev-env:lazy AS dev RUN apt-get update && \ apt-get install -y some-additional-libs COPY src . RUN ./configure && \ make static && \ cp bin/foo /foo # the stage switches here FROM scratch COPY --from=dev /foo /foo ENTRYPOINT /foo 12

  13. Expected use-cases • Other use-cases are also valid, but mind fault tolerance (until the image gets 100% cached locally) – Kubernetes readinessProbe • FaaS • Web apps with huge number of HTML files and graphic files • Jupyter Notebooks with big data samples included • Full GNOME/KDE desktop – Will 2020 be the year of the containerized Linux desktop? 13

  14. Our first attempt (2017)

  15. Our first attempt (2017) … and post-mortem

  16. Our first attempt : FILEgrain (2017) • No tar balls • Composed of a protobuf index file (continuity manifest) + content-addressable blob files 16

  17. Our first attempt : FILEgrain (2017) • No tar balls • Composed of a protobuf index file (continuity manifest) + content-addressable blob files message Metadata { repeated string path; int64 uid; int64 gid; uint32 mode; uint64 size; repeated string sha256Digest; ... } blobs/sha256/deadbeef … Metadata 0 Metadata 1 blobs/sha256/cafebabe … … Metadata {n-1} 17

  18. FILEgrain post-mortem • Incompatibility with legacy tar balls • Chicken-and-egg: hard to finalize the spec when no implementation exists; hard to promote implementation when the spec is not finalized • Use-cases were unclear; didn’t need to focus on deduplication • Performance overhead due to huge numbers of HTTP requests for reading small files 18

  19. The solution in 2020: stargz

  20. stargz: seekable tar.gz • Proposed by Brad Fitzpatrick (Google, at that time) for accelerating the CI of the Go language project • No focus on data deduplication legacy tar.gz stargz Metadata 0 Metadata 0 gzip File 0 File 0 Metadata 1 Metadata 1 gzip File 1 File 1 gzip ... ... Metadata {n-1} Metadata {n-1} gzip File {n-1} File {n-1} Metadata for s.i.j. Terminal zero bytes gzip stargz.index.json (Metadata 0…{n-1}) Terminal zero bytes gzip empty stream 20

  21. stargz: seekable tar.gz • Fully compatible with legacy tar.gz • But contains extra “stargz.index.json” entry legacy tar.gz stargz Metadata 0 Metadata 0 gzip File 0 File 0 Metadata 1 Metadata 1 gzip File 1 File 1 gzip ... ... Metadata {n-1} Metadata {n-1} gzip File {n-1} File {n-1} Metadata for s.i.j. Terminal zero bytes gzip stargz.index.json (Metadata 0…{n-1}) Terminal zero bytes gzip empty stream 21

  22. stargz: seekable tar.gz • Only stargz.index.json is required for mounting the image • Actual files in the archive can be fetched on demand (when HTTP Range Requests are supported) stargz Metadata 0 gzip File 0 Metadata 1 gzip File 1 ... Metadata {n-1} gzip File {n-1} Metadata for s.i.j. gzip stargz.index.json This gzip header contains pointer (Metadata 0…{n-1}) for stargz.index.json Terminal zero bytes gzip empty stream 22

  23. stargz adoption in the ecosystem • containerd : https://github.com/ktock/stargz-snapshotter – By Kohei Tokunaga (NTT) – Implemented as a containerd snapshotter plugin – stargz archives are mounted as read-only FUSE filesystems – OverlayFS is used for supporting writing – Supports more aggressive optimization (discussed later) • Podman : https://github.com/giuseppe/crfs-plugin – By Giuseppe Scrivano (Red Hat) – Implemented as a fuse-overlayfs plugin 23

  24. stargz optimizer for containerd • Profiles actual file access patterns by running an equivalent of docker run – Future: static analysis using ldd (-ish) ? Machine learning? • Reorders file entries in the archive so that relevant files can be prefetched in a single HTTP request /app.py /bin/ls /bin/vi /usr/bin/python3 /lib/libc.so /lib/libc.so /lib/libjpeg.so /usr/lib/python3/.../foo /usr/bin/python3 /usr/lib/python3/.../bar /usr/bin/apt-get /bin/ls /usr/lib/python3/.../foo /bin/vi ... ... /usr/lib/python3/.../bar /lib/libjpeg.so /app.py /usr/bin/apt-get 24

  25. Benchmark results • Registry : Docker Hub ( docker.io ) • containerd host location : EC2 Oregon • Benchmark : execute typical base images with “compile hello world” command 25

  26. Benchmark results 26 Credit to Kohei Tokunaga (NTT) for containerd impl. & benchmark scripts

  27. Benchmark results 27 Credit to Kohei Tokunaga (NTT) for containerd impl. & benchmark scripts

  28. Benchmark results 28 Credit to Kohei Tokunaga (NTT) for containerd impl. & benchmark scripts

  29. Benchmark results 29 Credit to Kohei Tokunaga (NTT) for containerd impl. & benchmark scripts

  30. More optimizations are to come • Impl: Parallelize HTTP operations across image layers – https://github.com/ktock/stargz-snapshotter/issues/37 • Spec : Use zstd instead of gzip (“starzstd”?) – Proposed by Giuseppe https://github.com/golang/go/issues/30829#issuecomment-541532402 – Suitable for images with many small files – Not compatible with OCI Image Spec v1.0.1 – Compatible with OCI Image Spec v.Next 30

  31. stargz integration for BuildKit • BuildKit : modern OCI image builder – Concurrent execution – Efficient caching – Rootless – (pseudo-)daemonless – Clustering on Kubernetes – And a lot of innovative features • stargz support is on our plan, stay tuned! – Producing stargz images – Consuming stargz images as base images 31

  32. Other post-OCI formats • CernVM-FS – Not compatible with OCI tar balls – Has been already widely deployed in CERN and their friends – Implementation available for containerd: https://github.com/ktock/remote-snapshotter/pull/27 • Unofficial “OCI v2” – Proposed by Aleksa Sarai (SUSE) – Not compatible with OCI v1 tarballs – Focuses on deduplication, using Restic algorithm – WIP implementation available for umoci (image manipulation tool): https://github.com/openSUSE/umoci/tree/experimental/ociv2 – No runtime implementation seems to exist 32

  33. Other post-OCI formats • IPCS – Proposed by Edgar Lee (Netflix) – Built on IPFS (P2P CAS) protocol – Not compatible with OCI tar balls – Implementation available for containerd: https://github.com/hinshun/ipcs • Azure Container Registry “Project Teleport” – Built on SMB protocol and VHD images – Not FLOSS 33

  34. Recap • Lots of alternative image formats are proposed for lazy distribution, but compatibility matters • stargz is getting wide adoption (containerd & Podman) • containerd supports sort+prefetch optimization for stargz https://github.com/ktock/stargz-snapshotter 34

Recommend

Electric Fields from Ion Distribution Images Electric Fields from Ion Distribution Images on

Electric Fields from Ion Distribution Images Electric Fields from Ion Distribution Images on

Electric Fields from Ion Distribution Images Electric Fields from Ion Distribution Images on Swarm on Swarm David Knudsen University of Calgary, Alberta, Canada Contributors: Johnathan Burchill , NRCan, Ottawa Laureline Sangalli , PhD Student,

1.02k views • 25 slides
Advanced Techniques for Building Container Images Adrian Mouat @adrianmouat

Advanced Techniques for Building Container Images Adrian Mouat @adrianmouat

Advanced Techniques for Building Container Images Adrian Mouat @adrianmouat info@container-solutions.com www.container-solutions.com Photo by Kevin Wood Docker Build, Ship, Run Build overshadowed by orchestration Recent focus

1.01k views • 44 slides
DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x Galley Container 1x Medical Container 1x Feed Water Container 1x Water Treatment Container 2x Generator Container 1x

569 views • 8 slides
Docker Review Basic Commands docker image ls # list images currently present locally docker

Docker Review Basic Commands docker image ls # list images currently present locally docker

Docker Review Basic Commands docker image ls # list images currently present locally docker container ls # list running containers docker run <image_name> # run an image as a container docker exec <container> <command> # run a

1.1k views • 6 slides
Imagine for a moment @trentmwillis Lazy Loading Engines: Anything But Lazy Engines allow

Imagine for a moment @trentmwillis Lazy Loading Engines: Anything But Lazy Engines allow

Imagine for a moment @trentmwillis Lazy Loading Engines: Anything But Lazy Engines allow multiple logical applications to be composed together into a single application from the users perspective. - Engine RFC Lazy Loading Engines.

1.44k views • 78 slides
Next Generation Tools for container technology Dan Walsh @rhatdan Please Stand Please read out

Next Generation Tools for container technology Dan Walsh @rhatdan Please Stand Please read out

Next Generation Tools for container technology Dan Walsh @rhatdan Please Stand Please read out loud all text in RED I Promise To say Container Registries Rather than Docker registries I Promise To say Container Images Rather than

1.36k views • 86 slides
diskimage-builder: Building Linux Images for Cloud / Virtualization / Container Lets start

diskimage-builder: Building Linux Images for Cloud / Virtualization / Container Lets start

diskimage-builder: Building Linux Images for Cloud / Virtualization / Container Lets start with a little bit of history: Once upon a time... About the Author Andreas Florath andreas@florath.net Mathematician (RWTH Aachen) Currently

902 views • 27 slides
Can We Represent Infinite Lists? Lazy Evaluation Amtoft Motivation Lazy Lists Conversions

Can We Represent Infinite Lists? Lazy Evaluation Amtoft Motivation Lazy Lists Conversions

Can We Represent Infinite Lists? Lazy Evaluation Amtoft Motivation Lazy Lists Conversions to/from Certain collections are infinite, like the set of all natural Standard Lists Higher-Order Functions numbers. We may try Merging Lazy Lists

556 views • 13 slides
Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Introduction Container Library Container Tools FUSE Container File System Evaluation Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene Michael Kuhn Parallele und Verteilte Systeme Institut f ur

353 views • 22 slides
Container Deposits The story so far, and why doesn t everyone do this? Container Deposit

Container Deposits The story so far, and why doesn t everyone do this? Container Deposit

Plastic Bags Ban and Container Deposits The story so far, and why doesn t everyone do this? Container Deposit Legislation Remember 1975? Source: Adelaide Now Adelaide Oval Cricket test 1973 Football Grand Final 1973Adelaide Cans

658 views • 18 slides
A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the

A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the

A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the speakers and team Follow along - @sargun @tomaszbak_ca @fabiokung @aspyker @amit_joshee @anwleung 2 Netflixs container management platform

808 views • 44 slides
Lazy Modules Keiko Nakata Institute of Cybernetics at Tallinn University of Technology

Lazy Modules Keiko Nakata Institute of Cybernetics at Tallinn University of Technology

Lazy Modules Keiko Nakata Institute of Cybernetics at Tallinn University of Technology Constrained lazy initialization for modules Plan of my talk Lazy initialization in practice Constrained laziness Or, hybrid strategies between

595 views • 40 slides
Lazy Exact Deduplication Jingwei Ma, Rebecca J. Stones , Yuxiang Ma, Jingui Wang, Junjie Ren, Gang

Lazy Exact Deduplication Jingwei Ma, Rebecca J. Stones , Yuxiang Ma, Jingui Wang, Junjie Ren, Gang

Lazy Exact Deduplication Jingwei Ma, Rebecca J. Stones , Yuxiang Ma, Jingui Wang, Junjie Ren, Gang Wang, Xiaoguang Liu College of Computer and Control Engineering, Nankai University, China. 5 May 2016 Lazy exact deduplication Lazy exact

461 views • 34 slides
Lazy v. Yield Incremental, Linear Pretty-printing Oleg Kiselyov Simon Peyton-Jones Amr Sabry

Lazy v. Yield Incremental, Linear Pretty-printing Oleg Kiselyov Simon Peyton-Jones Amr Sabry

Lazy v. Yield Incremental, Linear Pretty-printing Oleg Kiselyov Simon Peyton-Jones Amr Sabry APLAS 2012 Kyoto, Japan Dec 12, 2012 Incremental stream processing, pervasive in practice, makes the best case for lazy evaluation. Lazy evaluation

770 views • 58 slides
our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can make us way more efficient containers can save us money on hosting containers sound interesting company founded in 2013

848 views • 30 slides
Mini-Bulk/IBC Pesticide Container Collection Program EPA Sponsored California San Joaquin Valley

Mini-Bulk/IBC Pesticide Container Collection Program EPA Sponsored California San Joaquin Valley

Mini-Bulk/IBC Pesticide Container Collection Program EPA Sponsored California San Joaquin Valley Jim Bise Director of Sales Myers Container/CMS jbise@myerscontainer.com 1 Myers Container Myers Container Myers Container, LLC has been

635 views • 8 slides
Finding Predictors: Nearest Neighbor Modern Motivations: Be Lazy! Classification Regression

Finding Predictors: Nearest Neighbor Modern Motivations: Be Lazy! Classification Regression

Finding Predictors: Nearest Neighbor Modern Motivations: Be Lazy! Classification Regression Choosing the right number of neighbors Some Optimizations Other types of lazy algorithms Compendium slides for Guide to Intelligent Data

1.53k views • 109 slides
Lazy abstractions for timed automata F. Herbreteau 1 , B. Srivathsan 2 , I. Walukiewicz 1 LaBRI,

Lazy abstractions for timed automata F. Herbreteau 1 , B. Srivathsan 2 , I. Walukiewicz 1 LaBRI,

Lazy abstractions for timed automata F. Herbreteau 1 , B. Srivathsan 2 , I. Walukiewicz 1 LaBRI, Universit e Bordeaux 1 Software modeling and verification group, RWTH-Aachen MOVES Seminar, March 2013 Lazy abstractions for timed automata -

609 views • 60 slides
Alexandria Container and Cargo Handling Company The Gateway to Egypts Growing Economy THIS

Alexandria Container and Cargo Handling Company The Gateway to Egypts Growing Economy THIS

April 2019 Strictly Private and Confidential Alexandria Container and Cargo Handling Company The Gateway to Egypts Growing Economy THIS PRESENTATION AND ITS CONTENTS ARE CONFIDENTIAL AND ARE NOT FOR RELEASE, PUBLICATION OR DISTRIBUTION, IN

780 views • 25 slides
Alexandria Container and Cargo Handling Company The Gateway to Egypts Growing Economy THIS

Alexandria Container and Cargo Handling Company The Gateway to Egypts Growing Economy THIS

September 2019 Strictly Private and Confidential Alexandria Container and Cargo Handling Company The Gateway to Egypts Growing Economy THIS PRESENTATION AND ITS CONTENTS ARE CONFIDENTIAL AND ARE NOT FOR RELEASE, PUBLICATION OR DISTRIBUTION,

606 views • 28 slides
An Empirical Study on Lazy Multilabel Classification Algorithms Eleftherios Spyromitros,

An Empirical Study on Lazy Multilabel Classification Algorithms Eleftherios Spyromitros,

Introduction Lazy Multilabel Algorithms Experimental Setup Experimental Results Conclusions An Empirical Study on Lazy Multilabel Classification Algorithms Eleftherios Spyromitros, Grigorios Tsoumakas and Ioannis Vlahavas Machine Learning

252 views • 23 slides
1 From Stack Traces to Lazy Rewriting Sequences Stephen Chang , Eli Barzilay, John Clements*,

1 From Stack Traces to Lazy Rewriting Sequences Stephen Chang , Eli Barzilay, John Clements*,

1 From Stack Traces to Lazy Rewriting Sequences Stephen Chang , Eli Barzilay, John Clements*, Matthias Felleisen Northeastern University *California Polytechnic State University 10/5/2011 2 Debugging lazy programs is hard. 3 Freja (Nilsson

976 views • 85 slides
Lazy Abstraction with Interpolants Ken McMillan (CAV06) Based on presentation by Yakir Vizel

Lazy Abstraction with Interpolants Ken McMillan (CAV06) Based on presentation by Yakir Vizel

Lazy Abstraction with Interpolants Ken McMillan (CAV06) Based on presentation by Yakir Vizel Automatic verification, June 26, 2017 Lecture 12 Previous work develops lazy abstraction for hardware Models describe hardware

693 views • 35 slides
1. Normal distribution 2. Geometric distribution 3. Binomial distribution 4.

1. Normal distribution 2. Geometric distribution 3. Binomial distribution 4.

Chapter 3. Distribution of Random Variables Jan 26, 2016 by Huamei Dong 1. Normal distribution 2. Geometric distribution 3. Binomial distribution 4. Negative binomial distribution 5. Poisson distribution 1.Normal distribution

520 views • 11 slides

More recommend