Chapter 9. Caching images for faster workspace start
This section describes installing the Image Puller on a CodeReady Workspaces cluster to cache images on cluster nodes.
9.1. Image Puller overview
Slow starts of Red Hat CodeReady Workspaces workspaces may be caused by waiting for the underlying cluster to pull images used in workspaces from remote registries. As such, pre-pulling images can improve start times significantly. The Image Puller can be used to pre-pull images and shorten workspace start times.
The Image Puller is an additional deployment that runs alongside Red Hat CodeReady Workspaces. Given a list of images to pre-pull, the application runs inside a cluster and creates a DaemonSet that pulls the images on each node.
The minimal requirement for an image to be pre-pulled is the availability of the sleep command, which means that FROM scratch images (for example, 'che-machine-exec') are currently not supported. Also, images that mount volumes in the dockerfile are not supported for pre-pulling on OpenShift.
The application can be deployed:
- using OperatorHub or installing the Kubernetes Image Puller Operator
- by processing and applying OpenShift templates.
The Image Puller loads its configuration from a ConfigMap with the following available parameters:
Table 9.1. Image Puller default parameters
| Parameter | Usage | Default |
|---|---|---|
|
| Interval, in hours, between checking health of DaemonSets |
|
|
| The memory request for each cached image when the puller is running |
|
|
| The memory limit for each cached image when the puller is running |
|
|
| The CPU request for each cached image when the puller is running |
|
|
| The CPU limit for each cached image when the puller is running |
|
|
| Name of DaemonSet to be created |
|
|
| Namespace where DaemonSet is to be created |
|
|
|
List of images to be cached, in the format | Contains a default list of images. Before deploying, fill this with the images that fit the current requirements |
|
| Node selector applied to the Pods created by the DaemonSet |
|
The default memory requests and limits ensure that the container has enough memory to start. When changing CACHING_MEMORY_REQUEST or CACHING_MEMORY_LIMIT, you will need to consider the total memory allocated to the DaemonSet Pods in the cluster:
(memory limit) * (number of images) * (number of nodes in the cluster)
For example, running the Image Puller that caches 5 images on 20 nodes, with a container memory limit of 20Mi requires 2000Mi of memory.
9.2. Deploying Image Puller using the Operator
The recommended way to deploy the Image Puller is through the Operator.
9.2.1. Installing the Image Puller on OpenShift using OperatorHub
Prerequisites
-
A project in your cluster to host the Image Puller. This document uses the project
image-pulleras an example.
Procedure
- Navigate to your OpenShift cluster console, navigate to Operators → OperatorHub.
-
Use the Filter by keyword box to search for
Kubernetes Image Puller Operator. Click the Kubernetes Image Puller Operator. - Read the description of the Operator. Click Continue → Install.
- Select A specific project on the cluster for the Installation Mode. In the drop-down find the project you created to install the Image Puller. Click Subscribe.
- Wait for the Kubernetes Image Puller Operator to install. Click the KubernetesImagePuller → Create instance.
-
In a redirected window with a YAML editor, make modifications to the
KubernetesImagePullerCustom Resource and click Create. - Navigate to the Workloads and Pods menu in the project and verify that the Image Puller is available.
9.3. Deploying Image Puller using OpenShift templates
The Image Puller repository contains OpenShift templates for deploying on OpenShift.
Prerequisites
- A running OpenShift cluster.
-
The
octool is available.
The following parameters are available to further configure the OpenShift templates:
Table 9.2. Parameters for installing with OpenShift templates
| Value | Usage | Default |
|---|---|---|
|
|
The value of |
|
|
|
Image used for the |
|
|
| The image tag to pull |
|
|
| The name of the ServiceAccount used by the deployment (created as part of installation) |
|
|
|
The value of |
|
|
|
The value of |
|
|
|
The value of |
|
|
|
The value of |
|
See Table 9.1, “Image Puller default parameters” for more information about configuration values, such as DAEMONSET_NAME, CACHING_INTERVAL_HOURS, and CACHING_MEMORY_REQUEST.
Table 9.3. List of recommended images to pre-pull
| Image | URL | Tag |
|---|---|---|
| theia-rhel8 | codeready-workspaces/theia-rhel8 | 2.5 |
| theia-endpoint-rhel8 | theia-endpoint-image | 2.5 |
| pluginbroker-metadata-rhel8 | registry.redhat.io/codeready-workspaces/pluginbroker-metadata-rhel8:2.5 | 2.5 |
| pluginbroker-artifacts-rhel8 | registry.redhat.io/codeready-workspaces/pluginbroker-artifacts-rhel8:2.5 | 2.5 |
| plugin-java8-rhel8 | registry.redhat.io/codeready-workspaces/plugin-java8-rhel8:2.5 | 2.5 |
| plugin-java11-rhel8 | registry.redhat.io/codeready-workspaces/plugin-java11-rhel8:2.5 | 2.5 |
| plugin-kubernetes-rhel8 | registry.redhat.io/codeready-workspaces/plugin-kubernetes-rhel8:2.5 | 2.5 |
| plugin-openshift-rhel8 | registry.redhat.io/codeready-workspaces/plugin-openshift-rhel8:2.5 | 2.5 |
| stacks-cpp-rhel8 | registry.redhat.io/codeready-workspaces/stacks-cpp-rhel8:2.5 | 2.5 |
| stacks-dotnet-rhel8 | registry.redhat.io/codeready-workspaces/stacks-dotnet-rhel8:2.5 | 2.5 |
| stacks-golang-rhel8 | registry.redhat.io/codeready-workspaces/stacks-golang-rhel8:2.5 | 2.5 |
| stacks-php-rhel8 | registry.redhat.io/codeready-workspaces/stacks-php-rhel8:2.5 | 2.5 |
See Table 9.1, “Image Puller default parameters” for more information about configuration values, such as DAEMONSET_NAME, CACHING_INTERVAL_HOURS, and CACHING_MEMORY_REQUEST.
Procedure
Installing
Clone the Kubernetes Image Puller repository:
$ git clone https://github.com/che-incubator/kubernetes-image-puller $ cd kubernetes-image-puller
Create a new OpenShift project to deploy the puller into:
$ oc new-project k8s-image-puller
Process and apply the templates to deploy the puller:
In CodeReady Workspaces you must use custom values to deploy the image puller. To set custom values, add to the
oc processan option:-p <parameterName>=<value>:$ oc process -f deploy/openshift/serviceaccount.yaml \ | oc apply -f - $ oc process -f deploy/openshift/configmap.yaml \ -p IMAGES='plugin-java8-rhel8=registry.redhat.io/codeready-workspaces/plugin-java8-rhel8:2.5;\ theia-rhel8=registry.redhat.io/codeready-workspaces/theia-rhel8:2.5;\ stacks-golang-rhel8=registry.redhat.io/codeready-workspaces/stacks-golang-rhel8:2.5;\ plugin-java11-rhel8=registry.redhat.io/codeready-workspaces/plugin-java11-rhel8:2.5;\ theia-endpoint-rhel8=registry.redhat.io/codeready-workspaces/theia-rhel8:2.5;\ pluginbroker-metadata-rhel8=registry.redhat.io/codeready-workspaces/pluginbroker-metadata-rhel8:2.5;\ pluginbroker-artifacts-rhel8=registry.redhat.io/codeready-workspaces/pluginbroker-artifacts-rhel8:2.5;' \ | oc apply -f - $ oc process -f deploy/openshift/app.yaml \ -p IMAGE=registry.redhat.io/codeready-workspaces/imagepuller-rhel8 \ -p IMAGE_TAG='2.5' \ | oc apply -f -
Verifying the installation
Confirm that a new deployment,
kubernetes-image-puller, and a DaemonSet (named based on the value of theDAEMONSET_NAMEparameter) exist. The DaemonSet needs to have a Pod for each node in the cluster:$ oc get deployment,daemonset,pod --namespace k8s-image-puller deployment.extensions/kubernetes-image-puller 1/1 1 1 2m19s NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE daemonset.extensions/kubernetes-image-puller 1 1 1 1 1 <none> 2m10s NAME READY STATUS RESTARTS AGE pod/kubernetes-image-puller-5495f46497-mkd4p 1/1 Running 0 2m18s pod/kubernetes-image-puller-n8bmf 3/3 Running 0 2m10s
Check that the
ConfigMapnamedk8s-image-pullerhas the values you specified in your parameter substitution, or that they contain the default values:$ oc get configmap k8s-image-puller --output yaml apiVersion: v1 data: CACHING_INTERVAL_HOURS: "1" CACHING_MEMORY_LIMIT: 20Mi CACHING_MEMORY_REQUEST: 10Mi DAEMONSET_NAME: kubernetes-image-puller IMAGES: | theia-rhel8=registry.redhat.io/codeready-workspaces/theia-rhel8:{prod-ver}; theia-endpoint-rhel8=registry.redhat.io/codeready-workspaces/theia-rhel8:{prod-ver}; pluginbroker-metadata-rhel8=registry.redhat.io/codeready-workspaces/pluginbroker-metadata-rhel8:{prod-ver}; pluginbroker-artifacts-rhel8=registry.redhat.io/codeready-workspaces/pluginbroker-artifacts-rhel8:{prod-ver}; plugin-java8-rhel8=registry.redhat.io/codeready-workspaces/plugin-java8-rhel8:{prod-ver}; plugin-java11-rhel8=registry.redhat.io/codeready-workspaces/plugin-java11-rhel8:{prod-ver}; stacks-golang-rhel8=registry.redhat.io/codeready-workspaces/stacks-golang-rhel8:{prod-ver}; NAMESPACE: k8s-image-puller NODE_SELECTOR: '{}' kind: ConfigMap metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"v1","data":{"CACHING_INTERVAL_HOURS":"1","CACHING_MEMORY_LIMIT":"20Mi","CACHING_MEMORY_REQUEST":"10Mi","DAEMONSET_NAME":"kubernetes-image-puller","IMAGES":"theia-rhel8=registry.redhat.io/codeready-workspaces/theia-rhel8:{prod-ver}; theia-endpoint-rhel8=registry.redhat.io/codeready-workspaces/theia-rhel8:{prod-ver}; pluginbroker-metadata-rhel8=registry.redhat.io/codeready-workspaces/pluginbroker-metadata-rhel8:{prod-ver}; pluginbroker-artifacts-rhel8=registry.redhat.io/codeready-workspaces/pluginbroker-artifacts-rhel8:{prod-ver}; plugin-java8-rhel8=registry.redhat.io/codeready-workspaces/plugin-java8-rhel8:{prod-ver}; plugin-java11-rhel8=registry.redhat.io/codeready-workspaces/plugin-java11-rhel8:{prod-ver}; stacks-golang-rhel8=registry.redhat.io/codeready-workspaces/stacks-golang-rhel8:{prod-ver};\n","NAMESPACE":"k8s-image-puller","NODE_SELECTOR":"{}"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"k8s-image-puller","namespace":"k8s-image-puller"},"type":"Opaque"} creationTimestamp: 2020-02-17T22:40:13Z name: k8s-image-puller namespace: k8s-image-puller resourceVersion: "72250" selfLink: /api/v1/namespaces/k8s-image-puller/configmaps/k8s-image-puller uid: 76430ed6-51d6-11ea-9c19-52fdfc072182
