Introduction to rkt: A secure, modular container engine*
CoreOS rkt is a secure, modular execution engine for app containers. It was designed to reflect the lessons of running container cluster infrastructure at scale and is released under the Apache license. Written in Go, rkt implements container isolation through a flexible and interchangeable set of “stages,” providing multiple execution regimes for a container image. At rkt’s core is a command line utility that does not invoke a long-running daemon process, making app container lifecycle management simpler and allowing loosely-coupled integrations with service management and orchestration systems like systemd and Kubernetes.
This talk will review the design of rkt, outline the current state of portable container image standards, and demonstrate rkt’s operation. After this introduction, developers will be able to run their containers with rkt, and begin to contribute to rkt themselves.
- rkt: a container runtime for production deployments
- rkt process model: Good PID citizenship. Don’t reimplement init.
- Demo: systemd, systemctl, machinectl: rkt service management visibility
- Modular isolation regimes: cgroups, KVM, rkt fly, and write your own
- The portable container image: Features and standards
- rkt and Kubernetes: Pods in common (“rktnetes”)
- rkt and Kubernetes on CoreOS
rkt, CoreOS, kubernetes, infrastructure, clusters, containers, linux
Josh Wood speaks frequently at conferences and meetups focused on containers and clusters, but this is his first appearance at Open Source Bridge. Some of Josh’s recent slide decks are available at https://speakerdeck.com/joshix/, and video of his talk on the Container Network Interface (CNI) at the 2016 Linux Foundation Open Networking Summit is available at https://www.youtube.com/watch?v=tFlMcYkClUs.
Josh Wood’s passion for the rkt container runtime led him to CoreOS, where he is responsible for documentation. When procrastinating, Josh enjoys photographing polydactyl cats and writing short autobiographies.