You can use the P2P acceleration feature in edge clusters to accelerate image pulling and reduce the time used to deploy applications. This topic describes how to use the P2P acceleration feature in an edge cluster.
Prerequisites
A Container Registry Enterprise Edition instance is created. The Container Registry Enterprise Edition instance must be of the standard or advanced edition. For more information, see Create a Container Registry Enterprise Edition instance.
The Container Registry Enterprise Edition instance is configured to allow access from the edge cluster over the Internet and the whitelist is configured for the instance. For more information, see Configure access over the Internet.
Step 1: Obtain the ID of the Container Registry instance
Log on to the Container Registry console.
In the top navigation bar, select a region.
In the left-side navigation pane, click Instances.
On the Instances page, click the Enterprise Edition instance that you want to manage.
View the ID of the Container Registry instance in the upper-left corner of the Overview page.
Step 2: Install the P2P component
Log on to the ACK console.
In the left-side navigation pane of the ACK console, choose .
On the App Catalog page, search for the ack-edge-acr-acceleration-p2p component. After the ack-edge-acr-acceleration-p2p component is found, click the card of the component.
In the Deploy pane, select an edge cluster.
ImportantYou must select an edge cluster before you set parameters. If you set parameters before you select an edge cluster, the parameter settings become invalid.
On the Parameters tab of the component details page, set the registryInstances parameter to the Container Registry instance ID that you obtained in Step 1.
If multiple Container Registry instances are used, separate the instance IDs with commas (,) when you set the registryInstances parameter.
NoteBy default, the P2P component uses port 65001 on nodes. If port 65001 has been used by another component, change the port used by the P2P component based on your business requirements.
p2p: ... # Port of P2P Agent in host network port: 65001 # Id of ACR registry instances, support multi, e.g. "cri-xxx,cri-yyy" registryInstances: <ACR instance Id>
Set the
plusMode
parameter so that one or more node pools of the edge cluster can use the P2P component for P2P acceleration.NoteFor more information about how to view the name and ID of a node pool, see View the name and ID of a node pool in the edge cluster.
p2p: plusMode: # Valid values: p2p and source. # A value of p2p indicates that images are downloaded in P2P mode. # A value of source indicates that images are downloaded from the registry-mirror component or a registry in the cloud. If you set the parameter to source, the scheduler component is not deployed to your cluster. downloadPattern: "p2p" # The retention period of the data cached by the registry-mirror component. cacheTTL: 24h # The path to which the data is cached by the registry-mirror component on the host. # If this parameter is not specified, the cache will be lost when the registry-mirror container restarts. cacheHostPath: "" # Specify one or more node pools in the edge cluster. You can obtain the name and ID of each node pool in the Container Service for Kubernetes (ACK) console. # name: the name of a node pool in the edge cluster. # id: the ID of the node pool. edgeNodePools: - name: "" id: "" # If you set the parameter to true, the transfer acceleration feature of Object Storage Service (OSS) is enabled during the pull from origin over the Internet. This feature is applicable to scenarios where the Internet is unstable. For example, you can enable this feature when images are pulled across regions over the Internet. # Before the configuration, make sure that the transfer acceleration feature is enabled in the OSS console. ossInternetAccelerate: false # If you set the parameter to true, the scheduler and registry-mirror components are deployed on a specified node. # Before the configuration, you must add the following label to the node: k8s.aliyun.com/p2p-plus-node=true. nodeSelectorEnable: false
Optional: If your cluster and the Container Registry Enterprise Edition instance are in different regions, set the region parameter to the region of the Container Registry Enterprise Edition instance.
# Your cluster and the Container Registry Enterprise Edition instance are in different regions. Specify the region of the Container Registry Enterprise Edition instance. region: ""
Optional: If you want to specify the upper limit of the total bandwidth for uploading and downloading by the P2P component, set the ratelimit parameter. The default value is 5 MB/s. You can specify a value based on the bandwidth of nodes.
p2p: # Total net rate limit (MBytes/s) for uploading and downloading ratelimit: "5M"
In the Deploy pane, click Create.
Step 3: Enable P2P acceleration
You can add the P2P acceleration label to workloads such as pods and Deployments to enable P2P acceleration for these workloads. You can also add the P2P acceleration label to a namespace in your ACK cluster. This way, P2P acceleration is enabled for all workloads that meet acceleration conditions in this namespace. This way, you do not need to modify the YAML files of specific workloads to enable P2P acceleration. Select a method to add the P2P acceleration label based on your business requirements.
The name of the P2P acceleration label is k8s.aliyun.com/image-accelerate-mode
and the value is p2p
.
Add the P2P acceleration label to a workload
In this example, add the P2P acceleration label to a Deployment. Run the following command to edit the YAML file of the Deployment:
kubectl edit deploy <Deployment name>
Add the label
k8s.aliyun.com/image-accelerate-mode: p2p
to the YAML file of the Deployment.apiVersion: apps/v1 kind: Deployment metadata: name: test labels: app: nginx spec: replicas: 1 selector: matchLabels: app: nginx template: metadata: labels: # enable P2P k8s.aliyun.com/image-accelerate-mode: p2p app: nginx spec: # your ACR instacne image pull secret imagePullSecrets: - name: test-registry containers: # your ACR instacne image - image: test-registry-vpc.cn-hangzhou.cr.aliyuncs.com/docker-builder/nginx:latest name: test command: ["sleep", "3600"]
Add the P2P acceleration label to a namespace
Add the P2P acceleration label to a namespace in the ACK console
Log on to the ACK console.
In the left-side navigation pane, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the cluster name or click Details in the Actions column.
In the left-side navigation pane, click Namespaces and Quotas.
On the Namespace page, find the namespace that you want to configure and click Edit in the Actions column.
In the Label section of the Edit Namespace dialog box, set the Variable Key parameter to
k8s.aliyun.com/image-accelerate-mode
and the Variable Value parameter top2p
, and click OK.
Add the P2P acceleration label to a namespace by using kubectl
kubectl label namespaces <your-namespace> k8s.aliyun.com/image-accelerate-mode=p2p
Verify P2P acceleration
After P2P acceleration is enabled for a pod, the P2P component automatically adds P2P-related information to the YAML file of the pod. The information includes P2P-related annotations, the address of the P2P-accelerated image, and the Secret for pulling the P2P-accelerated image.
The Secret for pulling a P2P-accelerated image and the Secret for pulling the original image are different only in the domain name of the image repository. Other configurations of the two Secrets are the same. If the user information is invalid in the Secret for pulling the original image, the P2P-accelerated image also fails to be pulled.
Run the following command to view the YAML file of the pod:
kubectl get po <Pod name> -oyaml
Expected output:
apiVersion: v1
kind: Pod
metadata:
annotations:
# inject p2p-annotations automatically
k8s.aliyun.com/image-accelerate-mode: p2p
k8s.aliyun.com/p2p-config: '...'
spec:
containers:
# inject image to p2p endpoint
- image: test-registry-vpc.distributed.cn-hangzhou.cr.aliyuncs.com:65001/docker-builder/nginx:latest
imagePullSecrets:
- name: test-registry
# inject image pull secret for p2p endpoint
- name: acr-credential-test-registry-p2p
If P2P-related annotations, the address of the P2P-accelerated image, and the Secret for pulling the P2P-accelerated image exist in the YAML file, P2P acceleration is enabled.
View the name and ID of a node pool in the edge cluster
Log on to the ACK console.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
In the left-side navigation pane of the details page, choose .
On the Node Pools page, view the names of all node pools. Click the name of the node pool whose ID you want to view.
In the Node Pool Information section of the node pool details page, view the node pool ID.