SlideShare ist ein Scribd-Unternehmen logo

RKT

Yutaka Matsubara
Yutaka Matsubara

Rocket CoreOS Meetup Tokyo #1

Software
1 von 36
Downloaden Sie, um offline zu lesen
rkt Yutaka Matsubara April 9, 2015 CoreOS Meetup Tokyo #1
who ? Yutaka Matsubara Abby CTO twitter @mopemope github @mopemope 1
rkt
what is rkt ? App Container Runtime 3
rkt rkt implements the two runtime components of the App Container specification ∙ Application Container Executor (ACE) ∙ Metadata Service 4
app container
what is app container ? App Container is a specification of an image format runtime, and discovery protocol for running applications in containers. 6
app container spec ∙ Building App Container ∙ Validating App Container ∙ Validating App Container Executors ∙ Discovery App Container Image Discovery 7
goal The core goals of the specification ∙ Designing for fast downloads and starts of App Containers ∙ Ensuring images are cryptographically verifiable and highly cacheable ∙ Designing for composability and independent implementations ∙ Using common technologies for cryptography, archiving, compression and transport ∙ Using the DNS namespace to name and discover images 8
keyword ∙ App Container Image ∙ App Container Image Discovery ∙ App Container Pod ∙ App Container Executor 9
manifest App Container Manifest is json format 10
image manifest { ”acKind”: ”ImageManifest”, ”acVersion”: ”0.5.1”, ”name”: ”xxxxx/xxxxxx”, ”app”: { ”exec”: [ ”/usr/bin/reduce-worker”, ”--quiet” ], ”user”: ”100”, ”group”: ”300”, ”workingDirectory”: ”/opt/work”, ”environment”: [ { ”name”: ”REDUCE_WORKER_DEBUG”, ”value”: ”true” } ], }, } 11
pod manifest { ”acVersion”: ”0.5.1”, ”acKind”: ”PodManifest”, ”apps”: [ { ”name”: ”main”, ”image”: { ”name”: ”example.com/xxxxxx”, }, ”app”: { ”exec”: [ ], }, }, { ”name”: ”backup”, ”image”: { ”name”: ”example.com/zzzzzzzz”, }, 12
diffrence docker
what is difference between rkt and docker? ∙ Composable ∙ Security ∙ Image disribution ∙ Open 14
composable ∙ central daemon ∙ pull image docker format ∙ push image docker format ∙ monolithic binary ∙ no daemon ∙ download common format ∙ upload common format ∙ independent and composable 15
security ∙ central daemon ∙ docker spec ∙ https certificate ∙ isolation ∙ crypto ∙ image auditing 16
image distribution ∙ docker spec ∙ docker hub ∙ docker registry ∙ standard and open spec ∙ simple ∙ without registry 17
open ∙ developed by a community ∙ docker spec ... ∙ developed by a community ∙ format and runtime specification 18
detail rkt
rkt ∙ Download ACI and Docker Image ∙ Verify Signatures ∙ Launching Container and Pod ∙ Enter Container ∙ Private Network ∙ Metadata Service 20
rkt Architecture 21
trust Get trusted key $ sudo rkt trust --prefix storage.coreos.com 22
fetch Download Container Image and Verify ∙ Localfile ∙ HTTP, HTTPS ∙ Docker Image 23
fetch $ sudo rkt --insecure-skip-verify fetch docker://httpd docker://mysql rkt: fetching image from docker://httpd sha512-73e53da5b22e08e3ebf5eeb47d8c3113 rkt: fetching image from docker://mysql sha512-8ea09fa7718553967e8b6fe50b72df68 24
prepare Holding an exclusive lock on the pod directory $ sudo rkt --insecure-skip-verify prepare docker://httpd rkt: fetching image from docker://httpd ea5cf47a-6b5b-4118-be9d-91d50e7258cb 25
prepare $ rkt list UUID ACI STATE NETWORKS ea5cf47a index.docker.io/httpd prepared 26
run Run Container run run container (prepare and run) run-prepared run prepared container ∙ set and override environment ∙ run interactively ∙ mount volume ∙ setup container network 27
run $ sudo rkt --insecure-skip-verify --debug run --private-net docker://httpd rkt: fetching image from file:///home/ma2/bin/stage1.aci rkt: fetching image from docker://httpd ... AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message [Wed Apr 08 06:17:15.107888 2015] [mpm_event:notice] [pid 5:tid 139942464178048] AH00489: Apache/2.4.12 (Unix) configured -- resuming normal operations [Wed Apr 08 06:17:15.107956 2015] [core:notice] [pid 5:tid 139942464178048] AH00094: Command l D FOREGROUND’ 28
run $ rkt list UUID ACI STATE NETWORKS 50beacf8 index.docker.io/httpd running default:ip4=172.16.28.3 29
private network Support Private Network (only static) ∙ private (NAT) ∙ bridge ∙ macvlan 30
port forward Exposing container ports on the host ”ports”: [ { ”name”: ”http”, ”port”: 80, ”protocol”: ”tcp” } ] 31
port forward Exposing container ports on the host $ sudo rkt --insecure-skip-verify run --port=http:8888 --private-net docker://httpd 32
demo
DEMO 34
Questions? 35

Empfohlen

Docker 進階實務班
Docker 進階實務班Docker 進階實務班
Docker 進階實務班Philip Zheng
 
Cloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveCloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveKazuto Kusama
 
Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Lalatendu Mohanty
 
Using docker to develop NAS applications
Using docker to develop NAS applicationsUsing docker to develop NAS applications
Using docker to develop NAS applicationsTerry Chen
 
猿でもわかるコンテナ
猿でもわかるコンテナ猿でもわかるコンテナ
猿でもわかるコンテナTsuyoshi Miyake
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveDocker, Inc.
 
桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作Philip Zheng
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 

Empfohlen

Docker 進階實務班
Docker 進階實務班Docker 進階實務班
Docker 進階實務班Philip Zheng
 
Cloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveCloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveKazuto Kusama
 
Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Lalatendu Mohanty
 
Using docker to develop NAS applications
Using docker to develop NAS applicationsUsing docker to develop NAS applications
Using docker to develop NAS applicationsTerry Chen
 
猿でもわかるコンテナ
猿でもわかるコンテナ猿でもわかるコンテナ
猿でもわかるコンテナTsuyoshi Miyake
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveDocker, Inc.
 
桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作Philip Zheng
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
Docker & GitLab
Docker & GitLabDocker & GitLab
Docker & GitLabPhilip Zheng
 
Docker研習營
Docker研習營Docker研習營
Docker研習營Philip Zheng
 
DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDocker, Inc.
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerDocker, Inc.
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerDocker, Inc.
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Arun prasath
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloudLadislav Prskavec
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)佑介 九岡
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用Philip Zheng
 
Docker 1.11
Docker 1.11Docker 1.11
Docker 1.11Maciej Lasyk
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Arjen Wassink
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App EngineDocker, Inc.
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Walid Shaari
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10minsDawood M.S
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDocker, Inc.
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryCarlos Sanchez
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCIHungWei Chiu
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterHungWei Chiu
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...Docker, Inc.
 
Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on KubernetesJay Lee
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesKontena, Inc.
 

Weitere ähnliche Inhalte

Was ist angesagt?

DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDocker, Inc.
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerDocker, Inc.
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerDocker, Inc.
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Arun prasath
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloudLadislav Prskavec
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)佑介 九岡
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用Philip Zheng
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Arjen Wassink
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App EngineDocker, Inc.
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Walid Shaari
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10minsDawood M.S
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDocker, Inc.
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryCarlos Sanchez
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCIHungWei Chiu
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterHungWei Chiu
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...Docker, Inc.
 

Was ist angesagt? (20)

Docker & GitLab
Docker & GitLabDocker & GitLab
Docker & GitLab
 
Docker研習營
Docker研習營Docker研習營
Docker研習營
 
DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on Kubernetes
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, Docker
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, Docker
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloud
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用
 
Docker 1.11
Docker 1.11Docker 1.11
Docker 1.11
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App Engine
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10mins
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetes
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous Delivery
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCI
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes Cluster
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
 

Ähnlich wie RKT

Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on KubernetesJay Lee
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesKontena, Inc.
 
Docker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalDocker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalPatrick Chanezon
 
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Marc Müller
 
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019UA DevOps Conference
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_kanedafromparis
 
Successful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsSuccessful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsKubernetesCommunityD
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?strikr .
 
containerD
containerDcontainerD
containerDstrikr .
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Patrick Chanezon
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - IndroducAl Gifari
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina
 
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Patrick Chanezon
 
Docker for Java Developers
Docker for Java DevelopersDocker for Java Developers
Docker for Java DevelopersImesh Gunaratne
 
Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017rsleggett
 
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzureDocker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzurePatrick Chanezon
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Docker, Inc.
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Velocidex Enterprises
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 PresentationSreenivas Makam
 

Ähnlich wie RKT (20)

Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on Kubernetes
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best Practices
 
Docker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalDocker Enterprise Workshop - Technical
Docker Enterprise Workshop - Technical
 
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
 
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes Istio
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
 
Successful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsSuccessful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped Environments
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?
 
containerD
containerDcontainerD
containerD
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - Indroduc
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
 
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
 
Docker for Java Developers
Docker for Java DevelopersDocker for Java Developers
Docker for Java Developers
 
Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017
 
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzureDocker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 Presentation
 

Kürzlich hochgeladen

HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedDelhi Call girls
 
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456KiaraTiradoMicha
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfonteinmasabamasaba
 
ManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 

Kürzlich hochgeladen (20)

HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
 
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
ManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide Deck
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 

RKT

  • 1. rkt Yutaka Matsubara April 9, 2015 CoreOS Meetup Tokyo #1
  • 2. who ? Yutaka Matsubara Abby CTO twitter @mopemope github @mopemope 1
  • 3. rkt
  • 4. what is rkt ? App Container Runtime 3
  • 5. rkt rkt implements the two runtime components of the App Container specification ∙ Application Container Executor (ACE) ∙ Metadata Service 4
  • 7. what is app container ? App Container is a specification of an image format runtime, and discovery protocol for running applications in containers. 6
  • 8. app container spec ∙ Building App Container ∙ Validating App Container ∙ Validating App Container Executors ∙ Discovery App Container Image Discovery 7
  • 9. goal The core goals of the specification ∙ Designing for fast downloads and starts of App Containers ∙ Ensuring images are cryptographically verifiable and highly cacheable ∙ Designing for composability and independent implementations ∙ Using common technologies for cryptography, archiving, compression and transport ∙ Using the DNS namespace to name and discover images 8
  • 10. keyword ∙ App Container Image ∙ App Container Image Discovery ∙ App Container Pod ∙ App Container Executor 9
  • 11. manifest App Container Manifest is json format 10
  • 12. image manifest { ”acKind”: ”ImageManifest”, ”acVersion”: ”0.5.1”, ”name”: ”xxxxx/xxxxxx”, ”app”: { ”exec”: [ ”/usr/bin/reduce-worker”, ”--quiet” ], ”user”: ”100”, ”group”: ”300”, ”workingDirectory”: ”/opt/work”, ”environment”: [ { ”name”: ”REDUCE_WORKER_DEBUG”, ”value”: ”true” } ], }, } 11
  • 13. pod manifest { ”acVersion”: ”0.5.1”, ”acKind”: ”PodManifest”, ”apps”: [ { ”name”: ”main”, ”image”: { ”name”: ”example.com/xxxxxx”, }, ”app”: { ”exec”: [ ], }, }, { ”name”: ”backup”, ”image”: { ”name”: ”example.com/zzzzzzzz”, }, 12
  • 15. what is difference between rkt and docker? ∙ Composable ∙ Security ∙ Image disribution ∙ Open 14
  • 16. composable ∙ central daemon ∙ pull image docker format ∙ push image docker format ∙ monolithic binary ∙ no daemon ∙ download common format ∙ upload common format ∙ independent and composable 15
  • 17. security ∙ central daemon ∙ docker spec ∙ https certificate ∙ isolation ∙ crypto ∙ image auditing 16
  • 18. image distribution ∙ docker spec ∙ docker hub ∙ docker registry ∙ standard and open spec ∙ simple ∙ without registry 17
  • 19. open ∙ developed by a community ∙ docker spec ... ∙ developed by a community ∙ format and runtime specification 18
  • 21. rkt ∙ Download ACI and Docker Image ∙ Verify Signatures ∙ Launching Container and Pod ∙ Enter Container ∙ Private Network ∙ Metadata Service 20
  • 23. trust Get trusted key $ sudo rkt trust --prefix storage.coreos.com 22
  • 24. fetch Download Container Image and Verify ∙ Localfile ∙ HTTP, HTTPS ∙ Docker Image 23
  • 25. fetch $ sudo rkt --insecure-skip-verify fetch docker://httpd docker://mysql rkt: fetching image from docker://httpd sha512-73e53da5b22e08e3ebf5eeb47d8c3113 rkt: fetching image from docker://mysql sha512-8ea09fa7718553967e8b6fe50b72df68 24
  • 26. prepare Holding an exclusive lock on the pod directory $ sudo rkt --insecure-skip-verify prepare docker://httpd rkt: fetching image from docker://httpd ea5cf47a-6b5b-4118-be9d-91d50e7258cb 25
  • 27. prepare $ rkt list UUID ACI STATE NETWORKS ea5cf47a index.docker.io/httpd prepared 26
  • 28. run Run Container run run container (prepare and run) run-prepared run prepared container ∙ set and override environment ∙ run interactively ∙ mount volume ∙ setup container network 27
  • 29. run $ sudo rkt --insecure-skip-verify --debug run --private-net docker://httpd rkt: fetching image from file:///home/ma2/bin/stage1.aci rkt: fetching image from docker://httpd ... AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message [Wed Apr 08 06:17:15.107888 2015] [mpm_event:notice] [pid 5:tid 139942464178048] AH00489: Apache/2.4.12 (Unix) configured -- resuming normal operations [Wed Apr 08 06:17:15.107956 2015] [core:notice] [pid 5:tid 139942464178048] AH00094: Command l D FOREGROUND’ 28
  • 30. run $ rkt list UUID ACI STATE NETWORKS 50beacf8 index.docker.io/httpd running default:ip4=172.16.28.3 29
  • 31. private network Support Private Network (only static) ∙ private (NAT) ∙ bridge ∙ macvlan 30
  • 32. port forward Exposing container ports on the host ”ports”: [ { ”name”: ”http”, ”port”: 80, ”protocol”: ”tcp” } ] 31
  • 33. port forward Exposing container ports on the host $ sudo rkt --insecure-skip-verify run --port=http:8888 --private-net docker://httpd 32
  • 34. demo