SlideShare une entreprise Scribd logo

RKT

Yutaka Matsubara
Yutaka Matsubara

Rocket CoreOS Meetup Tokyo #1

Logiciels
1  sur  36
Télécharger pour lire hors ligne
rkt Yutaka Matsubara April 9, 2015 CoreOS Meetup Tokyo #1
who ? Yutaka Matsubara Abby CTO twitter @mopemope github @mopemope 1
rkt
what is rkt ? App Container Runtime 3
rkt rkt implements the two runtime components of the App Container specification ∙ Application Container Executor (ACE) ∙ Metadata Service 4
app container
what is app container ? App Container is a specification of an image format runtime, and discovery protocol for running applications in containers. 6
app container spec ∙ Building App Container ∙ Validating App Container ∙ Validating App Container Executors ∙ Discovery App Container Image Discovery 7
goal The core goals of the specification ∙ Designing for fast downloads and starts of App Containers ∙ Ensuring images are cryptographically verifiable and highly cacheable ∙ Designing for composability and independent implementations ∙ Using common technologies for cryptography, archiving, compression and transport ∙ Using the DNS namespace to name and discover images 8
keyword ∙ App Container Image ∙ App Container Image Discovery ∙ App Container Pod ∙ App Container Executor 9
manifest App Container Manifest is json format 10
image manifest { ”acKind”: ”ImageManifest”, ”acVersion”: ”0.5.1”, ”name”: ”xxxxx/xxxxxx”, ”app”: { ”exec”: [ ”/usr/bin/reduce-worker”, ”--quiet” ], ”user”: ”100”, ”group”: ”300”, ”workingDirectory”: ”/opt/work”, ”environment”: [ { ”name”: ”REDUCE_WORKER_DEBUG”, ”value”: ”true” } ], }, } 11
pod manifest { ”acVersion”: ”0.5.1”, ”acKind”: ”PodManifest”, ”apps”: [ { ”name”: ”main”, ”image”: { ”name”: ”example.com/xxxxxx”, }, ”app”: { ”exec”: [ ], }, }, { ”name”: ”backup”, ”image”: { ”name”: ”example.com/zzzzzzzz”, }, 12
diffrence docker
what is difference between rkt and docker? ∙ Composable ∙ Security ∙ Image disribution ∙ Open 14
composable ∙ central daemon ∙ pull image docker format ∙ push image docker format ∙ monolithic binary ∙ no daemon ∙ download common format ∙ upload common format ∙ independent and composable 15
security ∙ central daemon ∙ docker spec ∙ https certificate ∙ isolation ∙ crypto ∙ image auditing 16
image distribution ∙ docker spec ∙ docker hub ∙ docker registry ∙ standard and open spec ∙ simple ∙ without registry 17
open ∙ developed by a community ∙ docker spec ... ∙ developed by a community ∙ format and runtime specification 18
detail rkt
rkt ∙ Download ACI and Docker Image ∙ Verify Signatures ∙ Launching Container and Pod ∙ Enter Container ∙ Private Network ∙ Metadata Service 20
rkt Architecture 21
trust Get trusted key $ sudo rkt trust --prefix storage.coreos.com 22
fetch Download Container Image and Verify ∙ Localfile ∙ HTTP, HTTPS ∙ Docker Image 23
fetch $ sudo rkt --insecure-skip-verify fetch docker://httpd docker://mysql rkt: fetching image from docker://httpd sha512-73e53da5b22e08e3ebf5eeb47d8c3113 rkt: fetching image from docker://mysql sha512-8ea09fa7718553967e8b6fe50b72df68 24
prepare Holding an exclusive lock on the pod directory $ sudo rkt --insecure-skip-verify prepare docker://httpd rkt: fetching image from docker://httpd ea5cf47a-6b5b-4118-be9d-91d50e7258cb 25
prepare $ rkt list UUID ACI STATE NETWORKS ea5cf47a index.docker.io/httpd prepared 26
run Run Container run run container (prepare and run) run-prepared run prepared container ∙ set and override environment ∙ run interactively ∙ mount volume ∙ setup container network 27
run $ sudo rkt --insecure-skip-verify --debug run --private-net docker://httpd rkt: fetching image from file:///home/ma2/bin/stage1.aci rkt: fetching image from docker://httpd ... AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message [Wed Apr 08 06:17:15.107888 2015] [mpm_event:notice] [pid 5:tid 139942464178048] AH00489: Apache/2.4.12 (Unix) configured -- resuming normal operations [Wed Apr 08 06:17:15.107956 2015] [core:notice] [pid 5:tid 139942464178048] AH00094: Command l D FOREGROUND’ 28
run $ rkt list UUID ACI STATE NETWORKS 50beacf8 index.docker.io/httpd running default:ip4=172.16.28.3 29
private network Support Private Network (only static) ∙ private (NAT) ∙ bridge ∙ macvlan 30
port forward Exposing container ports on the host ”ports”: [ { ”name”: ”http”, ”port”: 80, ”protocol”: ”tcp” } ] 31
port forward Exposing container ports on the host $ sudo rkt --insecure-skip-verify run --port=http:8888 --private-net docker://httpd 32
demo
DEMO 34
Questions? 35

Recommandé

Docker 進階實務班
Docker 進階實務班Docker 進階實務班
Docker 進階實務班Philip Zheng
 
Cloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveCloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveKazuto Kusama
 
Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Lalatendu Mohanty
 
Using docker to develop NAS applications
Using docker to develop NAS applicationsUsing docker to develop NAS applications
Using docker to develop NAS applicationsTerry Chen
 
猿でもわかるコンテナ
猿でもわかるコンテナ猿でもわかるコンテナ
猿でもわかるコンテナTsuyoshi Miyake
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveDocker, Inc.
 
桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作Philip Zheng
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 

Recommandé

Docker 進階實務班
Docker 進階實務班Docker 進階實務班
Docker 進階實務班Philip Zheng
 
Cloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveCloud Foundry V2 | Intermediate Deep Dive
Cloud Foundry V2 | Intermediate Deep DiveKazuto Kusama
 
Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Introduction to Project atomic (CentOS Dojo Bangalore)
Introduction to Project atomic (CentOS Dojo Bangalore)Lalatendu Mohanty
 
Using docker to develop NAS applications
Using docker to develop NAS applicationsUsing docker to develop NAS applications
Using docker to develop NAS applicationsTerry Chen
 
猿でもわかるコンテナ
猿でもわかるコンテナ猿でもわかるコンテナ
猿でもわかるコンテナTsuyoshi Miyake
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveDocker, Inc.
 
桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作桃園市教育局Docker技術入門與實作
桃園市教育局Docker技術入門與實作Philip Zheng
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
Docker & GitLab
Docker & GitLabDocker & GitLab
Docker & GitLabPhilip Zheng
 
Docker研習營
Docker研習營Docker研習營
Docker研習營Philip Zheng
 
DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDocker, Inc.
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerDocker, Inc.
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerDocker, Inc.
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Arun prasath
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloudLadislav Prskavec
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)佑介 九岡
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用Philip Zheng
 
Docker 1.11
Docker 1.11Docker 1.11
Docker 1.11Maciej Lasyk
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Arjen Wassink
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App EngineDocker, Inc.
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Walid Shaari
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10minsDawood M.S
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDocker, Inc.
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryCarlos Sanchez
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCIHungWei Chiu
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterHungWei Chiu
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...Docker, Inc.
 
Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on KubernetesJay Lee
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesKontena, Inc.
 

Contenu connexe

Tendances

DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDocker, Inc.
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerDocker, Inc.
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerDocker, Inc.
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Arun prasath
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloudLadislav Prskavec
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)佑介 九岡
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用Philip Zheng
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Arjen Wassink
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App EngineDocker, Inc.
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Walid Shaari
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10minsDawood M.S
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDocker, Inc.
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryCarlos Sanchez
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCIHungWei Chiu
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterHungWei Chiu
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...Docker, Inc.
 

Tendances (20)

Docker & GitLab
Docker & GitLabDocker & GitLab
Docker & GitLab
 
Docker研習營
Docker研習營Docker研習營
Docker研習營
 
DCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on KubernetesDCSF 19 Deploying Rootless buildkit on Kubernetes
DCSF 19 Deploying Rootless buildkit on Kubernetes
 
What’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, DockerWhat’s New in Docker - Victor Vieux, Docker
What’s New in Docker - Victor Vieux, Docker
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, Docker
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloud
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)
 
容器與資料科學應用
容器與資料科學應用容器與資料科學應用
容器與資料科學應用
 
Docker 1.11
Docker 1.11Docker 1.11
Docker 1.11
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017
 
Docker on Google App Engine
Docker on Google App EngineDocker on Google App Engine
Docker on Google App Engine
 
Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016Docker 101 @KACST Saudi HPC 2016
Docker 101 @KACST Saudi HPC 2016
 
Dockerin10mins
Dockerin10minsDockerin10mins
Dockerin10mins
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetes
 
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaSDockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
DockerCon EU 2015: The Glue is the Hard Part: Making a Production-Ready PaaS
 
Using Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous DeliveryUsing Containers for Continuous Integration and Continuous Delivery
Using Containers for Continuous Integration and Continuous Delivery
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCI
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes Cluster
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
 

Similaire à RKT

Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on KubernetesJay Lee
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesKontena, Inc.
 
Docker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalDocker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalPatrick Chanezon
 
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Marc Müller
 
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019UA DevOps Conference
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_kanedafromparis
 
Successful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsSuccessful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsKubernetesCommunityD
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?strikr .
 
containerD
containerDcontainerD
containerDstrikr .
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Patrick Chanezon
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - IndroducAl Gifari
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina
 
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Patrick Chanezon
 
Docker for Java Developers
Docker for Java DevelopersDocker for Java Developers
Docker for Java DevelopersImesh Gunaratne
 
Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017rsleggett
 
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzureDocker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzurePatrick Chanezon
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Docker, Inc.
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Velocidex Enterprises
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 PresentationSreenivas Makam
 

Similaire à RKT (20)

Spring on Kubernetes
Spring on KubernetesSpring on Kubernetes
Spring on Kubernetes
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best Practices
 
Docker Enterprise Workshop - Technical
Docker Enterprise Workshop - TechnicalDocker Enterprise Workshop - Technical
Docker Enterprise Workshop - Technical
 
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
Experts Live Switzerland 2017 - Automatisierte Docker Release Pipeline mit VS...
 
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes Istio
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
 
Successful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped EnvironmentsSuccessful K8S Platforms in Airgapped Environments
Successful K8S Platforms in Airgapped Environments
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?
 
containerD
containerDcontainerD
containerD
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - Indroduc
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
 
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
Docker New York Meetup May 2015 - The Docker Orchestration Ecosystem on Azure
 
Docker for Java Developers
Docker for Java DevelopersDocker for Java Developers
Docker for Java Developers
 
Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017Docker and SDL Web/Tridion - SDL UK User Group April 2017
Docker and SDL Web/Tridion - SDL UK User Group April 2017
 
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on AzureDocker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
Docker Seattle Meetup April 2015 - The Docker Orchestration Ecosystem on Azure
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 Presentation
 

Dernier

Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 

Dernier (20)

Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 

RKT

  • 1. rkt Yutaka Matsubara April 9, 2015 CoreOS Meetup Tokyo #1
  • 2. who ? Yutaka Matsubara Abby CTO twitter @mopemope github @mopemope 1
  • 3. rkt
  • 4. what is rkt ? App Container Runtime 3
  • 5. rkt rkt implements the two runtime components of the App Container specification ∙ Application Container Executor (ACE) ∙ Metadata Service 4
  • 7. what is app container ? App Container is a specification of an image format runtime, and discovery protocol for running applications in containers. 6
  • 8. app container spec ∙ Building App Container ∙ Validating App Container ∙ Validating App Container Executors ∙ Discovery App Container Image Discovery 7
  • 9. goal The core goals of the specification ∙ Designing for fast downloads and starts of App Containers ∙ Ensuring images are cryptographically verifiable and highly cacheable ∙ Designing for composability and independent implementations ∙ Using common technologies for cryptography, archiving, compression and transport ∙ Using the DNS namespace to name and discover images 8
  • 10. keyword ∙ App Container Image ∙ App Container Image Discovery ∙ App Container Pod ∙ App Container Executor 9
  • 11. manifest App Container Manifest is json format 10
  • 12. image manifest { ”acKind”: ”ImageManifest”, ”acVersion”: ”0.5.1”, ”name”: ”xxxxx/xxxxxx”, ”app”: { ”exec”: [ ”/usr/bin/reduce-worker”, ”--quiet” ], ”user”: ”100”, ”group”: ”300”, ”workingDirectory”: ”/opt/work”, ”environment”: [ { ”name”: ”REDUCE_WORKER_DEBUG”, ”value”: ”true” } ], }, } 11
  • 13. pod manifest { ”acVersion”: ”0.5.1”, ”acKind”: ”PodManifest”, ”apps”: [ { ”name”: ”main”, ”image”: { ”name”: ”example.com/xxxxxx”, }, ”app”: { ”exec”: [ ], }, }, { ”name”: ”backup”, ”image”: { ”name”: ”example.com/zzzzzzzz”, }, 12
  • 15. what is difference between rkt and docker? ∙ Composable ∙ Security ∙ Image disribution ∙ Open 14
  • 16. composable ∙ central daemon ∙ pull image docker format ∙ push image docker format ∙ monolithic binary ∙ no daemon ∙ download common format ∙ upload common format ∙ independent and composable 15
  • 17. security ∙ central daemon ∙ docker spec ∙ https certificate ∙ isolation ∙ crypto ∙ image auditing 16
  • 18. image distribution ∙ docker spec ∙ docker hub ∙ docker registry ∙ standard and open spec ∙ simple ∙ without registry 17
  • 19. open ∙ developed by a community ∙ docker spec ... ∙ developed by a community ∙ format and runtime specification 18
  • 21. rkt ∙ Download ACI and Docker Image ∙ Verify Signatures ∙ Launching Container and Pod ∙ Enter Container ∙ Private Network ∙ Metadata Service 20
  • 23. trust Get trusted key $ sudo rkt trust --prefix storage.coreos.com 22
  • 24. fetch Download Container Image and Verify ∙ Localfile ∙ HTTP, HTTPS ∙ Docker Image 23
  • 25. fetch $ sudo rkt --insecure-skip-verify fetch docker://httpd docker://mysql rkt: fetching image from docker://httpd sha512-73e53da5b22e08e3ebf5eeb47d8c3113 rkt: fetching image from docker://mysql sha512-8ea09fa7718553967e8b6fe50b72df68 24
  • 26. prepare Holding an exclusive lock on the pod directory $ sudo rkt --insecure-skip-verify prepare docker://httpd rkt: fetching image from docker://httpd ea5cf47a-6b5b-4118-be9d-91d50e7258cb 25
  • 27. prepare $ rkt list UUID ACI STATE NETWORKS ea5cf47a index.docker.io/httpd prepared 26
  • 28. run Run Container run run container (prepare and run) run-prepared run prepared container ∙ set and override environment ∙ run interactively ∙ mount volume ∙ setup container network 27
  • 29. run $ sudo rkt --insecure-skip-verify --debug run --private-net docker://httpd rkt: fetching image from file:///home/ma2/bin/stage1.aci rkt: fetching image from docker://httpd ... AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message AH00557: httpd: apr_sockaddr_info_get() failed for rkt-50beacf8-d43d-4a79-8d40-a5938d71ddba AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’ServerName’ directive globally to suppress this message [Wed Apr 08 06:17:15.107888 2015] [mpm_event:notice] [pid 5:tid 139942464178048] AH00489: Apache/2.4.12 (Unix) configured -- resuming normal operations [Wed Apr 08 06:17:15.107956 2015] [core:notice] [pid 5:tid 139942464178048] AH00094: Command l D FOREGROUND’ 28
  • 30. run $ rkt list UUID ACI STATE NETWORKS 50beacf8 index.docker.io/httpd running default:ip4=172.16.28.3 29
  • 31. private network Support Private Network (only static) ∙ private (NAT) ∙ bridge ∙ macvlan 30
  • 32. port forward Exposing container ports on the host ”ports”: [ { ”name”: ”http”, ”port”: 80, ”protocol”: ”tcp” } ] 31
  • 33. port forward Exposing container ports on the host $ sudo rkt --insecure-skip-verify run --port=http:8888 --private-net docker://httpd 32
  • 34. demo