I tried to set up a VPC endpoint for ECR, to speed up my deployments on ECS. I have 3 endpoints:
com.amazonaws.us-east-2.s3(Gateway)com.amazonaws.us-east-2.ecr.dkr(Interface)com.amazonaws.us-east-2.ecr.api(Interface)
When I pull my images from an EC2 instance in this VPC, here are the pull timers:
- Time of the docker pull without private endpoint:
real 2m15.751s - Time of the docker pull with the endpoints:
real 2m12.833s
Isn't the private endpoint supposed to speed up the docker images pull from my private ECR ?
A dig to the ECR registry shows that it indeed points to the internal network:
$ dig XXXXXXXX.dkr.ecr.us-east-2.amazonaws.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.amzn2.13.1 <<>> XXXXXXXX.dkr.ecr.us-east-2.amazonaws.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2478
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;XXXXXXXX.dkr.ecr.us-east-2.amazonaws.com. IN A
;; ANSWER SECTION:
XXXXXXXX.dkr.ecr.us-east-2.amazonaws.com. 60 IN A 10.24.34.215
XXXXXXXX.dkr.ecr.us-east-2.amazonaws.com. 60 IN A 10.24.41.209
XXXXXXXX.dkr.ecr.us-east-2.amazonaws.com. 60 IN A 10.24.38.246
;; Query time: 2 msec
;; SERVER: 10.24.0.2#53(10.24.0.2)
;; WHEN: Wed Aug 23 10:06:09 UTC 2023
;; MSG SIZE rcvd: 121
Is there a reason why the download speed from ECR didn't change ? Am I missing something ?
