Rocket v1.11.0 发布,CoreOS 的容器引擎

发布于 2016年07月22日
Rocket v1.11.0 发布了,本次发布将带来全新的KVM模拟器,以及对ACI、rkt API 进行改进。

Rocket (也叫 rkt)是 CoreOS 推出的一款容器引擎,和 Docker 类似,帮助开发者打包应用和依赖包到可移植容器中,简化搭环境等部署工作。Rocket 和 Docker 不同的地方在于,Rocket 没有 Docker 那些为企业用户提供的“友好功能”,比如云服务加速工具、集群系统等。反过来说,Rocket 想做的,是一个更纯粹的业界标准。


New features

  • KVM: Hypervisor support for KVM flavor focusing on qemu (#2684). This provides a generic mechanism to use different kvm hypervisors (such as lkvm, qemu-kvm).

  • rkt: add command to export a pod to an aci (#2889). Adds a new export command to rkt which generates an ACI from a pod; saving any changes made to the pod.

  • rkt/api: detect when run as a systemd.socket(5) service (#2916). This allows rkt to run as a systemd socket-based unit.

  • rkt/stop: implement --uuid-file (#2902). So the user can use the value saved on rkt run with --uuid-file-save.

Bug fixes

  • scripts/glide-update: ensure running from $GOPATH (#2885). glide is confused when it's not running with the rkt repository inside $GOPATH.

  • store: fix missing shared storelock acquisition on NewStore (#2896).

  • store,rkt: fix fd leaks (#2906). Close db lock on store close. If we don't do it, there's a fd leak everytime we open a new Store, even if it was closed.

  • stage1/enterexec: remove trailing \n in environment variables (#2901). Loading environment retained the new line character (\n), this produced an incorrect evaluation of the environment variables.

  • stage1/gc: skip cleaning our own cgroup (#2914).

  • api_service/log: fix file descriptor leak in GetLogs() (#2930).

  • protobuf: fix protoc-gen-go build with vendoring (#2913).

  • build: fix x86 builds (#2926). This PR fixes a minor issue which leads to x86 builds failing.

  • functional tests: add some more volume/mount tests (#2903).

  • stage1/init: link pod's journal in kvm flavor (#2934). In nspawn flavors, nspawn creates a symlink from /var/log/journal/${machine-id} to the pod's journal directory. In kvm we need to do the link ourselves.

  • build: Build system fixes (#2938). This should fix the expr: syntax error and useless rebuilds of network plugins.

Other changes

  • stage1: diagnostic functionality for rkt run (#2872). If the app exits with ExecMainStatus == 203, the app's reaper runs the diagnostic tool and prints the output on stdout. systemd sets ExecMainstatus to EXIT_EXEC (203) when execve() fails.

  • build: add support for more architectures at configure time (#2907).

  • stage1: update coreos image to 1097.0.0 (#2884). This is needed for a recent enough version of libseccomp (2.3.0), with support for new syscalls (eg. getrandom).

  • api: By adding labels to the image itself, we don't need to pass the manifest to filter function (#2909). api: Add labels to pod and image type.

  • api: optionally build systemd-journal support (#2868). This introduces a 'sdjournal' tag and corresponding stubs in api_service, turning libsystemd headers into a soft-dependency.

  • store: simplify db locking and functions (#2897). Instead of having a file lock to handle inter process locking and a sync.Mutex to handle locking between multiple goroutines, just create, lock and close a new file lock at every db.Do function.

  • stage1/enterexec: Add entry to ASSCB_EXTRA_HEADERS (#2924). Added entry to ASSCB_EXTRA_HEADERS for better change tracking.

  • build: use rkt-builder ACI (#2923).

  • Add hidden 'image fetch' next to the existing 'fetch' option (#2860).

  • stage1: prepare-app: don't mount /sys if path already used (#2888). When users mount /sys or a sub-directory of /sys as a volume, prepare-app should not mount /sys: that would mask the volume provided by users.

  • build,stage1/init: set interpBin at build time to fix other architecture builds (e.g. x86) (#2950).

  • functional tests: re-purpose for generating AMIs (#2736).

  • rkt: Add --cpuprofile --memprofile for profiling rkt (#2887). Adds two hidden global flags and documentation to enable profiling rkt.

  • functional test: check PATH variable for trailer \n character (#2942).

  • functional tests: disable TestVolumeSysfs on kvm (#2941).

  • Documentation updates (#2918)

Library updates

  • glide: update docker2aci to v0.12.1 (#2873). Includes support for the docker image format v2.2 and OCI image format and allows fetching via digest.

