Faster Container Startup in AWS Fargate with Seekable OCI

InfoQ Homepage News Faster Container Startup in AWS Fargate with Seekable OCI

Aug 03, 2023 2 min read

by

Nsikan Essien

AWS recently announced support for Seekable Open Container Initiative (SOCI) with AWS Fargate. SOCI enables lazy-loading of images which reduces container start-up times on Amazon Elastic Container Service (ECS). In addition, AWS released two tools, SOCI Index Builder and SOCI Snapshotter, to help its customers take advantage of this new functionality.

SOCI is an open-source technology released by AWS in 2022. It was developed to enable the lazy-loading of Open Container Initiative (OCI) image layers but without modifying the final image artifact. SOCI works by outputting a separate index artifact, the SOCI Index, alongside the built OCI image to an OCI-compatible registry. The SOCI Index contains a table of contents for the compressed layers that allow their contents to be independently retrieved through a ranged request to a registry, enabling container runtimes to access specific files without downloading the entire layer. To facilitate the creation of SOCI Indexes, AWS also released the SOCI Snapshotter.

Relationship between the Container Image Manifest and the SOCI Index Manifest (Source: AWS News blog post)

The SOCI Snapshotter is a containerd snapshotter plugin. Containerd is a runtime that manages the lifecycle of a container, and it utilizes snapshotters to manage container file systems. In contrast to the default snapshotter, OverlayFS, the SOCI snapshotter downloads a SOCI Index and uses it to download specific sections, called spans, from the compressed image layer. To take advantage of this functionality, customers must be using Amazon ECS and AWS Fargate.

How the SOCI snapshotter interacts with containerd (Source: AWS News blog post)

As of the release, Amazon ECS tasks on AWS Fargate using Linux platform version 1.4.0 and on X86_64 architectures will automatically default to using the SOCI Snapshotter if all images within a task have SOCI indexes. In addition, the images must be stored in a registry where SOCI Indexes are supported, which is currently restricted to Amazon ECR private registries. With Amazon ECR, SOCI Indexes can be added simultaneously with the original OCI image artifact, via a CLI, or created asynchronously after the original artifact has been uploaded via the AWS SOCI Index Builder tool.

The AWS SOCI Index Builder is a pre-configured AWS Cloudformation Stack that listens for Amazon ECR push events via EventBridge and asynchronously generates a SOCI Index for the original uploaded image.

Architecture of the AWS SOCI Index Builder (Source: CFN AWS SOCI Index Builder Deployment Guide)

Given that SOCI Indexes are currently only supported by private ECR registries, the benefits of the capability are limited to the AWS ecosystem and only for images greater than 250MB. Alternatives to the SOCI Snapshotter for lazy-loadable OCI images outside AWS are Nydus, OverlayBD and Stargz. The aforementioned plugins are established containerd non-core projects, with Stargz laying the foundations for the SOCI Snapshotter project.

The improvements enabled by SOCI Indexes have been welcomed by the community, with a comment in the r/aws community saying:

For us, it reduced the startup time from 50s to 14s.

However, another comment in the same thread suggested an increased startup time:

... if it tries to use blocks that weren’t there when it starts up, you end up having to wait for those to be downloaded. The app I tried it with started slower. .

Finally, further information on SOCI indexes and their utilization within AWS ECS can be found in the AWS Fargate User Guide.

Redis Enterprise. The ideal caching and asynchronous messaging solution for microservice-based applications. Download the Solution Brief Now.

Writing for InfoQ has opened many doors and increased career opportunities for me. I was able to deeply engage with experts and thought leaders to learn more about the topics I covered. And I can also disseminate my learnings to the wider tech community and understand how the technologies are used in the real world.

I discovered InfoQ’s contributor program earlier this year and have enjoyed it since then! In addition to providing me with a platform to share learning with a global community of software developers, InfoQ’s peer-to-peer review system has significantly improved my writing. If you’re searching for a place to share your software expertise, start contributing to InfoQ.

I started writing news for the InfoQ .NET queue as a way of keeping up to date with technology, but I got so much more out of it. I met knowledgeable people, got global visibility, and improved my writing skills.

Becoming an editor for InfoQ was one of the best decisions of my career. It has challenged me and helped me grow in so many ways. We'd love to have more people join our team.

InfoQ seeks a full-time Editor-in-Chief to join C4Media's international, always remote team. Join us to cover the most innovative technologies of our time, collaborate with the world's brightest software practitioners, and help more than 1.6 million dev teams adopt new technologies and practices that push the boundaries of what software and teams can deliver!

A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example

We protect your privacy.

You need to Register an InfoQ account or Login or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

by Kelvin Meeks,

by Nsikan Essien,

by Kelvin Meeks,

Your message is awaiting moderation. Thank you for participating in the discussion.

Here's the link to the English version aws.amazon.com/about-aws/whats-new/2022/09/intr...

by Nsikan Essien,

Your message is awaiting moderation. Thank you for participating in the discussion.

Hi Kelvin, thanks for that, the link has now been updated in the article. The one you've included in this comment isn't quite right.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p