SlideShare uma empresa Scribd logo

RKT

Yutaka Matsubara
Yutaka Matsubara

Rocket CoreOS Meetup Tokyo #1

Software
1 de 36
Baixar para ler offline
rkt Yutaka Matsubara April 9, 2015 CoreOS Meetup Tokyo #1
who ? Yutaka Matsubara Abby CTO twitter @mopemope github @mopemope 1
rkt
what is rkt ? App Container Runtime 3
rkt rkt implements the two runtime components of the App Container specification ∙ Application Container Executor (ACE) ∙ Metadata Service 4
app container
what is app container ? App Container is a specification of an image format runtime, and discovery protocol for running applications in containers. 6
app container spec ∙ Building App Container ∙ Validating App Container ∙ Validating App Container Executors ∙ Discovery App Container Image Discovery 7
goal The core goals of the specification ∙ Designing for fast downloads and starts of App Containers ∙ Ensuring images are cryptographically verifiable and highly cacheable ∙ Designing for composability and independent implementations ∙ Using common technologies for cryptography, archiving, compression and transport ∙ Using the DNS namespace to name and discover images 8
keyword ∙ App Container Image ∙ App Container Image Discovery ∙ App Container Pod ∙ App Container Executor 9
manifest App Container Manifest is json format 10
image manifest { ”acKind”: ”ImageManifest”, ”acVersion”: ”0.5.1”, ”name”: ”xxxxx/xxxxxx”, ”app”: { ”exec”: [ ”/usr/bin/reduce-worker”, ”--quiet” ], ”user”: ”100”, ”group”: ”300”, ”workingDirectory”: ”/opt/work”, ”environment”: [ { ”name”: ”REDUCE_WORKER_DEBUG”, ”value”: ”true” } ], }, } 11
pod manifest { ”acVersion”: ”0.5.1”, ”acKind”: ”PodManifest”, ”apps”: [ { ”name”: ”main”, ”image”: { ”name”: ”example.com/xxxxxx”, }, ”app”: { ”exec”: [ ], }, }, { ”name”: ”backup”, ”image”: { ”name”: ”example.com/zzzzzzzz”, }, 12
diffrence docker
what is difference between rkt and docker? ∙ Composable ∙ Security ∙ Image disribution ∙ Open 14
composable ∙ central daemon ∙ pull image docker format ∙ push image docker format ∙ monolithic binary ∙ no daemon ∙ download common format ∙ upload common format ∙ independent and composable 15
security ∙ central daemon ∙ docker spec ∙ https certificate ∙ isolation ∙ crypto ∙ image auditing 16
image distribution ∙ docker spec ∙ docker hub ∙ docker registry ∙ standard and open spec ∙ simple ∙ without registry 17
open ∙ developed by a community ∙ docker spec ... ∙ developed by a community ∙ format and runtime specification 18
detail rkt
rkt ∙ Download ACI and Docker Image ∙ Verify Signatures ∙ Launching Container and Pod ∙ Enter Container ∙ Private Network ∙ Metadata Service 20
rkt Architecture 21
trust Get trusted key $ sudo rkt trust --prefix storage.coreos.com 22
fetch Download Container Image and Verify ∙ Localfile ∙ HTTP, HTTPS ∙ Docker Image 23
fetch $ sudo rkt --insecure-skip-verify fetch docker://httpd docker://mysql rkt: fetching image from docker://httpd sha512-73e53da5b22e08e3ebf5eeb47d8c3113 rkt: fetching image from docker://mysql sha512-8ea09fa7718553967e8b6fe50b72df68 24
prepare Holding an exclusive lock on the pod directory $ sudo rkt --insecure-skip-verify prepare docker://httpd rkt: fetching image from docker://httpd ea5cf47a-6b5b-4118-be9d-91d50e7258cb 25
prepare $ rkt list UUID ACI STATE NETWORKS ea5cf47a index.docker.io/httpd prepared 26
run Run Container run run container (prepare and run) run-prepared run prepared container ∙ set and override environment ∙ run interactively ∙ mount volume ∙ setup container network 27
run $ sudo rkt --insecure-skip-verify --debug run --private-net docker://httpd rkt: fetching image from file:///home/ma2/bin/stage1.aci rkt: fetching image from docker://httpd ... AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message [Wed Apr 08 06:17:15.107888 2015] [mpm_event:notice] [pid 5:tid 139942464178048] AH00489: Apache/2.4.12 (Unix) configured -- resuming normal operations [Wed Apr 08 06:17:15.107956 2015] [core:notice] [pid 5:tid 139942464178048] AH00094: Command l D FOREGROUND’ 28
run $ rkt list UUID ACI STATE NETWORKS 50beacf8 index.docker.io/httpd running default:ip4=172.16.28.3 29
private network Support Private Network (only static) ∙ private (NAT) ∙ bridge ∙ macvlan 30
port forward Exposing container ports on the host ”ports”: [ { ”name”: ”http”, ”port”: 80, ”protocol”: ”tcp” } ] 31
port forward Exposing container ports on the host $ sudo rkt --insecure-skip-verify run --port=http:8888 --private-net docker://httpd 32
demo
DEMO 34
Questions? 35

Recomendados

Docker 進階實務班
Docker 進階實務班Docker 進階實務班
Docker 進階實務班Philip Zheng
 
Cloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveCloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveKazuto Kusama
 
Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Lalatendu Mohanty
 
Using docker to develop NAS applications
Using docker to develop NAS applicationsUsing docker to develop NAS applications
Using docker to develop NAS applicationsTerry Chen
 
猿でもわかるコンテナ
猿でもわかるコンテナ猿でもわかるコンテナ
猿でもわかるコンテナTsuyoshi Miyake
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveDocker, Inc.
 
桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作Philip Zheng
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 

Recomendados

Docker 進階實務班
Docker 進階實務班Docker 進階實務班
Docker 進階實務班Philip Zheng
 
Cloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveCloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveKazuto Kusama
 
Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Lalatendu Mohanty
 
Using docker to develop NAS applications
Using docker to develop NAS applicationsUsing docker to develop NAS applications
Using docker to develop NAS applicationsTerry Chen
 
猿でもわかるコンテナ
猿でもわかるコンテナ猿でもわかるコンテナ
猿でもわかるコンテナTsuyoshi Miyake
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveDocker, Inc.
 
桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作Philip Zheng
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
Docker & GitLab
Docker & GitLabDocker & GitLab
Docker & GitLabPhilip Zheng
 
Docker研習營
Docker研習營Docker研習營
Docker研習營Philip Zheng
 
DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDocker, Inc.
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerDocker, Inc.
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerDocker, Inc.
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Arun prasath
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloudLadislav Prskavec
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)佑介 九岡
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用Philip Zheng
 
Docker 1.11
Docker 1.11Docker 1.11
Docker 1.11Maciej Lasyk
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Arjen Wassink
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App EngineDocker, Inc.
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Walid Shaari
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10minsDawood M.S
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDocker, Inc.
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryCarlos Sanchez
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCIHungWei Chiu
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterHungWei Chiu
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...Docker, Inc.
 
Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on KubernetesJay Lee
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesKontena, Inc.
 

Mais conteúdo relacionado

Mais procurados

DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDocker, Inc.
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerDocker, Inc.
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerDocker, Inc.
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Arun prasath
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloudLadislav Prskavec
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)佑介 九岡
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用Philip Zheng
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Arjen Wassink
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App EngineDocker, Inc.
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Walid Shaari
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10minsDawood M.S
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDocker, Inc.
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryCarlos Sanchez
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCIHungWei Chiu
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterHungWei Chiu
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...Docker, Inc.
 

Mais procurados (20)

Docker & GitLab
Docker & GitLabDocker & GitLab
Docker & GitLab
 
Docker研習營
Docker研習營Docker研習營
Docker研習營
 
DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on Kubernetes
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, Docker
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, Docker
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloud
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用
 
Docker 1.11
Docker 1.11Docker 1.11
Docker 1.11
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App Engine
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10mins
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetes
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous Delivery
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCI
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes Cluster
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
 

Semelhante a RKT

Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on KubernetesJay Lee
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesKontena, Inc.
 
Docker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalDocker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalPatrick Chanezon
 
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Marc Müller
 
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019UA DevOps Conference
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_kanedafromparis
 
Successful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsSuccessful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsKubernetesCommunityD
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?strikr .
 
containerD
containerDcontainerD
containerDstrikr .
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Patrick Chanezon
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - IndroducAl Gifari
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina
 
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Patrick Chanezon
 
Docker for Java Developers
Docker for Java DevelopersDocker for Java Developers
Docker for Java DevelopersImesh Gunaratne
 
Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017rsleggett
 
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzureDocker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzurePatrick Chanezon
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Docker, Inc.
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Velocidex Enterprises
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 PresentationSreenivas Makam
 

Semelhante a RKT (20)

Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on Kubernetes
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best Practices
 
Docker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalDocker Enterprise Workshop - Technical
Docker Enterprise Workshop - Technical
 
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
 
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes Istio
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
 
Successful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsSuccessful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped Environments
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?
 
containerD
containerDcontainerD
containerD
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - Indroduc
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
 
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
 
Docker for Java Developers
Docker for Java DevelopersDocker for Java Developers
Docker for Java Developers
 
Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017
 
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzureDocker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 Presentation
 

Último

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 

Último (20)

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 

RKT

  • 1. rkt Yutaka Matsubara April 9, 2015 CoreOS Meetup Tokyo #1
  • 2. who ? Yutaka Matsubara Abby CTO twitter @mopemope github @mopemope 1
  • 3. rkt
  • 4. what is rkt ? App Container Runtime 3
  • 5. rkt rkt implements the two runtime components of the App Container specification ∙ Application Container Executor (ACE) ∙ Metadata Service 4
  • 7. what is app container ? App Container is a specification of an image format runtime, and discovery protocol for running applications in containers. 6
  • 8. app container spec ∙ Building App Container ∙ Validating App Container ∙ Validating App Container Executors ∙ Discovery App Container Image Discovery 7
  • 9. goal The core goals of the specification ∙ Designing for fast downloads and starts of App Containers ∙ Ensuring images are cryptographically verifiable and highly cacheable ∙ Designing for composability and independent implementations ∙ Using common technologies for cryptography, archiving, compression and transport ∙ Using the DNS namespace to name and discover images 8
  • 10. keyword ∙ App Container Image ∙ App Container Image Discovery ∙ App Container Pod ∙ App Container Executor 9
  • 11. manifest App Container Manifest is json format 10
  • 12. image manifest { ”acKind”: ”ImageManifest”, ”acVersion”: ”0.5.1”, ”name”: ”xxxxx/xxxxxx”, ”app”: { ”exec”: [ ”/usr/bin/reduce-worker”, ”--quiet” ], ”user”: ”100”, ”group”: ”300”, ”workingDirectory”: ”/opt/work”, ”environment”: [ { ”name”: ”REDUCE_WORKER_DEBUG”, ”value”: ”true” } ], }, } 11
  • 13. pod manifest { ”acVersion”: ”0.5.1”, ”acKind”: ”PodManifest”, ”apps”: [ { ”name”: ”main”, ”image”: { ”name”: ”example.com/xxxxxx”, }, ”app”: { ”exec”: [ ], }, }, { ”name”: ”backup”, ”image”: { ”name”: ”example.com/zzzzzzzz”, }, 12
  • 15. what is difference between rkt and docker? ∙ Composable ∙ Security ∙ Image disribution ∙ Open 14
  • 16. composable ∙ central daemon ∙ pull image docker format ∙ push image docker format ∙ monolithic binary ∙ no daemon ∙ download common format ∙ upload common format ∙ independent and composable 15
  • 17. security ∙ central daemon ∙ docker spec ∙ https certificate ∙ isolation ∙ crypto ∙ image auditing 16
  • 18. image distribution ∙ docker spec ∙ docker hub ∙ docker registry ∙ standard and open spec ∙ simple ∙ without registry 17
  • 19. open ∙ developed by a community ∙ docker spec ... ∙ developed by a community ∙ format and runtime specification 18
  • 21. rkt ∙ Download ACI and Docker Image ∙ Verify Signatures ∙ Launching Container and Pod ∙ Enter Container ∙ Private Network ∙ Metadata Service 20
  • 23. trust Get trusted key $ sudo rkt trust --prefix storage.coreos.com 22
  • 24. fetch Download Container Image and Verify ∙ Localfile ∙ HTTP, HTTPS ∙ Docker Image 23
  • 25. fetch $ sudo rkt --insecure-skip-verify fetch docker://httpd docker://mysql rkt: fetching image from docker://httpd sha512-73e53da5b22e08e3ebf5eeb47d8c3113 rkt: fetching image from docker://mysql sha512-8ea09fa7718553967e8b6fe50b72df68 24
  • 26. prepare Holding an exclusive lock on the pod directory $ sudo rkt --insecure-skip-verify prepare docker://httpd rkt: fetching image from docker://httpd ea5cf47a-6b5b-4118-be9d-91d50e7258cb 25
  • 27. prepare $ rkt list UUID ACI STATE NETWORKS ea5cf47a index.docker.io/httpd prepared 26
  • 28. run Run Container run run container (prepare and run) run-prepared run prepared container ∙ set and override environment ∙ run interactively ∙ mount volume ∙ setup container network 27
  • 29. run $ sudo rkt --insecure-skip-verify --debug run --private-net docker://httpd rkt: fetching image from file:///home/ma2/bin/stage1.aci rkt: fetching image from docker://httpd ... AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message [Wed Apr 08 06:17:15.107888 2015] [mpm_event:notice] [pid 5:tid 139942464178048] AH00489: Apache/2.4.12 (Unix) configured -- resuming normal operations [Wed Apr 08 06:17:15.107956 2015] [core:notice] [pid 5:tid 139942464178048] AH00094: Command l D FOREGROUND’ 28
  • 30. run $ rkt list UUID ACI STATE NETWORKS 50beacf8 index.docker.io/httpd running default:ip4=172.16.28.3 29
  • 31. private network Support Private Network (only static) ∙ private (NAT) ∙ bridge ∙ macvlan 30
  • 32. port forward Exposing container ports on the host ”ports”: [ { ”name”: ”http”, ”port”: 80, ”protocol”: ”tcp” } ] 31
  • 33. port forward Exposing container ports on the host $ sudo rkt --insecure-skip-verify run --port=http:8888 --private-net docker://httpd 32
  • 34. demo