Skip to content

Latest commit

 

History

History
77 lines (64 loc) · 4.3 KB

rocket.md

File metadata and controls

77 lines (64 loc) · 4.3 KB

Running Rocket containers on Photon

Rocket is a new container runtime, created by CoreOS and designed for composability, security, and speed.

rkt (pronounced "rock-it") is a CLI for running app containers, and an implementation of the App Container Spec.

rkt is available as an optional package in Photon, to install it:

mount /dev/cdrom /media/cdrom

tdnf install rocket

Running an App Container Image (ACI)

rkt uses content addressable storage (CAS) for storing an ACI on disk. In this example, the image is downloaded and added to the CAS.

Since rkt verifies signatures by default, you will need to first trust the CoreOS public key used to sign the image:

$ sudo rkt trust --prefix coreos.com/etcd
Prefix: "coreos.com/etcd"
Key: "https://coreos.com/dist/pubkeys/aci-pubkeys.gpg"
GPG key fingerprint is: 8B86 DE38 890D DB72 9186  7B02 5210 BD88 8818 2190
        CoreOS ACI Builder <[email protected]>
Are you sure you want to trust this key (yes/no)? yes
Trusting "https://coreos.com/dist/pubkeys/aci-pubkeys.gpg" for prefix "coreos.com/etcd".
Added key for prefix "coreos.com/etcd" at "/etc/rkt/trustedkeys/prefix.d/coreos.com/etcd/8b86de38890ddb7291867b025210bd8888182190"

Now that we've trusted the CoreOS public key, we can bring up a simple etcd instance using the ACI format:

$ privateIp=$(ip -4 -o addr show eth0 | cut -d' ' -f7 | cut -d'/' -f1)
$ sudo rkt run coreos.com/etcd:v2.0.4 -- -name vmware-cna \
> -listen-client-urls http://0.0.0.0:2379 \
> -advertise-client-urls http://${privateIp}:2379 \
> -listen-peer-urls http://0.0.0.0:2380 \
> -initial-advertise-peer-urls http://${privateIp}:2380 \
> -initial-cluster vmware-cna=http://${privateIp}:2380 \
> -initial-cluster-state new

rkt: searching for app image coreos.com/etcd:v2.0.4
rkt: fetching image from https://github.com/coreos/etcd/releases/download/v2.0.4/etcd-v2.0.4-linux-amd64.aci
Downloading signature from https://github.com/coreos/etcd/releases/download/v2.0.4/etcd-v2.0.4-linux-amd64.aci.asc
Downloading ACI: [========================================     ] 3.38 MB/3.76 MB
rkt: signature verified:
  CoreOS ACI Builder <[email protected]>
Timezone UTC does not exist in container, not updating container timezone.
2015/04/02 13:18:39 no data-dir provided, using default data-dir ./vmware-cna.etcd
2015/04/02 13:18:39 etcd: listening for peers on http://0.0.0.0:2380
2015/04/02 13:18:39 etcd: listening for client requests on http://0.0.0.0:2379
2015/04/02 13:18:39 etcdserver: name = vmware-cna
2015/04/02 13:18:39 etcdserver: data dir = vmware-cna.etcd
2015/04/02 13:18:39 etcdserver: member dir = vmware-cna.etcd/member
2015/04/02 13:18:39 etcdserver: heartbeat = 100ms
2015/04/02 13:18:39 etcdserver: election = 1000ms
2015/04/02 13:18:39 etcdserver: snapshot count = 10000
2015/04/02 13:18:39 etcdserver: advertise client URLs = http://192.168.35.246:2379
2015/04/02 13:18:39 etcdserver: initial advertise peer URLs = http://192.168.35.246:2380
2015/04/02 13:18:39 etcdserver: initial cluster = vmware-cna=http://192.168.35.246:2380
2015/04/02 13:18:39 etcdserver: start member 8f79fa9a50a1689 in cluster 75c533bd1f49730b
2015/04/02 13:18:39 raft: 8f79fa9a50a1689 became follower at term 0
2015/04/02 13:18:39 raft: newRaft 8f79fa9a50a1689 [peers: [], term: 0, commit: 0, applied: 0, lastindex: 0, lastterm: 0]
2015/04/02 13:18:39 raft: 8f79fa9a50a1689 became follower at term 1
2015/04/02 13:18:39 etcdserver: added local member 8f79fa9a50a1689 [http://192.168.35.246:2380] to cluster 75c533bd1f49730b
2015/04/02 13:18:41 raft: 8f79fa9a50a1689 is starting a new election at term 1
2015/04/02 13:18:41 raft: 8f79fa9a50a1689 became candidate at term 2
2015/04/02 13:18:41 raft: 8f79fa9a50a1689 received vote from 8f79fa9a50a1689 at term 2
2015/04/02 13:18:41 raft: 8f79fa9a50a1689 became leader at term 2
2015/04/02 13:18:41 raft.node: 8f79fa9a50a1689 elected leader 8f79fa9a50a1689 at term 2
2015/04/02 13:18:41 etcdserver: published {Name:vmware-cna ClientURLs:[http://192.168.35.246:2379]} to cluster 75c533bd1f49730b

At any time you can press ^] three times to kill container.