CoreOS 的容器引擎,Rocket 0.9.0 發布

jopen 9年前發布 | 6K 次閱讀 Rocket

Rocket (也叫 rkt)是 CoreOS 推出的一款容器引擎,和 Docker 類似,幫助開發者打包應用和依賴包到可移植容器中,簡化搭環境等部署工作。Rocket 和 Docker 不同的地方在于,Rocket 沒有 Docker 那些為企業用戶提供的“友好功能”,比如云服務加速工具、集群系統等。反過來說,Rocket 想做的,是一個更純粹的業界標準。

CoreOS 把它的容器稱為 App Containers,里面包含 app container image、runtime、container-discovery 協議等。其中,App Container Image 和 Docker 里的 Image 比較類似,包含應用必需的元素組成,如源代碼和二進制文件。Rocket runtime 則是依照 App Container 標準規格打造的,旨在將容器真正的變成一款命令行工具。

rkt v0.9.0 發布,此版本值得關注的改進:

  • The on-disk format for pod trees has changed slightly, meaning that rkt gc and rkt run-prepared may not work for pods created by previous versions of rkt. To work around this, we recommend removing the pods with an older version of rkt.

    </li>

  • The --private-net flag has been renamed to --net and its semantic has changed (in particular, it is now enabled by default) - see below for details.

    </li>

  • Several changes to CLI output (e.g. column names) from the rkt list and rkt image list subcommands.

    </li>

  • The image fetching behaviour has changed, with the introduction of new flags to rkt run and rkt fetch and the removal of --local - see below for details.

    </li> </ul>

    新特性和 UX 改進

    • --private-net --> --net, and networking is now private by default

      </li>

    • New image fetching behaviour

      </li>

    • Unprivileged users

      </li>

    • /etc/hosts 支持

      </li> </ul>

      其他新特性

      • rkt now supports setting supplementary group IDs on processes (#1514).

        </li>

      • rkt's use of cgroups has been reworked to facilitate rkt running on a variety of operating systems like Void and older non-systemd distributions (#1437, #1320, #1076, #1042)

        </li>

      • If rkt run is used with an image that does not have an app section, rkt will now create one if the user provides an --exec flag (#1427)

        </li>

      • A new rkt image gc command adds initial support for garbage collecting images from the store (#1487). This removes treeStores not referenced by any non-GCed rkt pod.

        </li>

      • rkt list now provides more information including image version and hash (#1559)

        </li>

      • rkt image list output now shows shortened hash identifiers by default, and human readable date formats. To use the previous output format, use the --full flag. (#1455)

        </li>

      • rkt prepare gained the --exec flag, which restores flag-parity with rkt run (#1410)

        </li>

      • lkvm stage1 backend has experimental support for rkt enter (#1303)

        </li>

      • rkt now supports empty volume types (#1502)

        </li>

      • An early, experimental read-only API definition has been added (#1359, #1518).

        </li> </ul>

        Bug 修復

        • Fixed bug in --stage1-image option which prevented it from using URLs (#1524)

          </li>

        • Fixed bug in rkt trust's handling of --root (#1494)

          </li>

        • Fixed bug when decompressing xz-compressed images (#1462, #1224)

          </li>

        • In earlier versions of rkt, hooks had an implicit timeout of 30 seconds, causing some pre-start jobs which took a long time to be killed. This implicit timeout has been removed. (#1547)

          </li>

        • When running with the lkvm stage1, rkt now sets $HOME if it is not already set, working around a bug in the lkvm tool (#1447, #1393)

          </li>

        • Fixed bug preventing run-prepared from working if the metadata service was not available (#1436)

          </li> </ul>

          其他改進

          • Bumped appc spec to 0.7.1 (#1543)

            </li>

          • Bumped CNI and netlink dependencies (#1476)

            </li>

          • Bumped ioprogress to a version which prevents the download bar from being drawn when rkt is not drawing to a terminal (#1423, #1282)

            </li>

          • Significantly reworked rkt's internal use of systemd to orchestrate apps, which should facilitate more granular control over pod lifecycles (#1407)

            </li>

          • Reworked rkt's handling of images with non-deterministically dependencies (#1240, #1198).

            </li>

          • rkt functional tests now run appc's ACE validator, which should ensure that rkt is always compliant with the specification. (#1473)

            </li>

          • A swathe of improvements to the build system

            </li>

            • make clean should now work

              </li>

            • Different rkt stage1 images are now built with different names (#1406)

              </li>

            • rkt can now build on older Linux distributions (like CentOS 6) (#1529)

              </li> </ul>

            • Various internal improvements to the functional test suite to improve coverage and consolidate code

              </li>

            • The "ACI" field header in rkt image output has been changed to "IMAGE NAME"

              </li>

            • rkt image rm now exits with status 1 on any failure (#1486)

              </li>

            • Fixed permissions in the default stage1 image (#1503)

              </li>

            • Added documentation for prepare and run-prepared subcommands (#1526)

              </li>

            • rkt should now report more helpful errors when encountering manifests it does not understand (#1471)

              </li> </ul>

              下載: