CoreOS 的容器引擎,Rocket 0.9.0 发布
Rocket (也叫 rkt)是 CoreOS 推出的一款容器引擎,和 Docker 类似,帮助开发者打包应用和依赖包到可移植容器中,简化搭环境等部署工作。Rocket 和 Docker 不同的地方在于,Rocket 没有 Docker 那些为企业用户提供的“友好功能”,比如云服务加速工具、集群系统等。反过来说,Rocket 想做的,是一个更纯粹的业界标准。
CoreOS 把它的容器称为 App Containers,里面包含 app container image、runtime、container-discovery 协议等。其中,App Container Image 和 Docker 里的 Image 比较类似,包含应用必需的元素组成,如源代码和二进制文件。Rocket runtime 则是依照 App Container 标准规格打造的,旨在将容器真正的变成一款命令行工具。
rkt v0.9.0 发布,此版本值得关注的改进:-
The on-disk format for pod trees has changed slightly, meaning that
rkt gc
andrkt run-prepared
may not work for pods created by previous versions of rkt. To work around this, we recommend removing the pods with an older version of rkt. -
The
--private-net
flag has been renamed to--net
and its semantic has changed (in particular, it is now enabled by default) - see below for details. -
Several changes to CLI output (e.g. column names) from the
rkt list
andrkt image list
subcommands. -
The image fetching behaviour has changed, with the introduction of new flags to
rkt run
andrkt fetch
and the removal of--local
- see below for details.
新特性和 UX 改进
-
--private-net
-->--net
, and networking is now private by default -
New image fetching behaviour
-
Unprivileged users
-
/etc/hosts 支持
其他新特性
-
rkt now supports setting supplementary group IDs on processes (#1514).
-
rkt's use of cgroups has been reworked to facilitate rkt running on a variety of operating systems like Void and older non-systemd distributions (#1437, #1320, #1076, #1042)
-
If
rkt run
is used with an image that does not have an app section, rkt will now create one if the user provides an--exec
flag (#1427) -
A new
rkt image gc
command adds initial support for garbage collecting images from the store (#1487). This removes treeStores not referenced by any non-GCed rkt pod. -
rkt list
now provides more information including image version and hash (#1559) -
rkt image list
output now shows shortened hash identifiers by default, and human readable date formats. To use the previous output format, use the--full
flag. (#1455) -
rkt prepare
gained the--exec
flag, which restores flag-parity withrkt run
(#1410) -
lkvm stage1 backend has experimental support for
rkt enter
(#1303) -
rkt now supports empty volume types (#1502)
-
An early, experimental read-only API definition has been added (#1359, #1518).
Bug 修复
-
Fixed bug in
--stage1-image
option which prevented it from using URLs (#1524) -
Fixed bug in
rkt trust
's handling of--root
(#1494) -
Fixed bug when decompressing xz-compressed images (#1462, #1224)
-
In earlier versions of rkt, hooks had an implicit timeout of 30 seconds, causing some pre-start jobs which took a long time to be killed. This implicit timeout has been removed. (#1547)
-
When running with the lkvm stage1, rkt now sets
$HOME
if it is not already set, working around a bug in the lkvm tool (#1447, #1393) -
Fixed bug preventing
run-prepared
from working if the metadata service was not available (#1436)
其他改进
-
Bumped appc spec to 0.7.1 (#1543)
-
Bumped CNI and netlink dependencies (#1476)
-
Bumped ioprogress to a version which prevents the download bar from being drawn when rkt is not drawing to a terminal (#1423, #1282)
-
Significantly reworked rkt's internal use of systemd to orchestrate apps, which should facilitate more granular control over pod lifecycles (#1407)
-
Reworked rkt's handling of images with non-deterministically dependencies (#1240, #1198).
-
rkt functional tests now run appc's ACE validator, which should ensure that rkt is always compliant with the specification. (#1473)
-
A swathe of improvements to the build system
-
make clean
should now work -
Different rkt stage1 images are now built with different names (#1406)
-
rkt can now build on older Linux distributions (like CentOS 6) (#1529)
-
Various internal improvements to the functional test suite to improve coverage and consolidate code
-
The "ACI" field header in
rkt image
output has been changed to "IMAGE NAME" -
rkt image rm
now exits with status 1 on any failure (#1486) -
Fixed permissions in the default stage1 image (#1503)
-
Added documentation for
prepare
andrun-prepared
subcommands (#1526) -
rkt should now report more helpful errors when encountering manifests it does not understand (#1471)
</ul>
下载: