Rocket v1.11.0 发布,一款容器引擎

jopen 6年前
   <p style="text-align: center;"><img alt="" src="https://simg.open-open.com/show/99287bbcbd99186fe8255405d6ba49e9.png" /></p>    <p>Rkt项目最初的发起者是CoreOS公司。CoreOS公司与其核心产品CoreOS操作系统是实至名归的最早一批Docker企业级用户,伴随着Docker从最初的0.1版本一直走到正式发布的1.0版本。起初两者相互促进,合作甚好。然而,随着Docker在容器界一家独大的趋势越来越明显,其周边的生态逐渐的从单纯的围绕构建容器化应用服务,发展成了自上而下的集群规范体系,甚至部分取代了操作系统的服务进程调度工作。这种臃肿而受Docker单方面控制的容器规范,是CoreOS系统所不待见的,他们想要一个更加开放而中立的容器标准。2014年12月,CoreOS公布了自己的容器计划,并在几个月后结合社区中的容器实践,着手制定新的开放应用容器规范,Rkt则作为此规范中的一个具体实现而继续发展。</p>    <h2>更新日志</h2>    <h3>新特性</h3>    <ul>     <li>rkt fetch: support for the docker image format v2.2 and draft OCI image format and allows fetching via digest.</li>     <li>KVM: Hypervisor support for KVM flavor focusing on qemu (<a href="/misc/goto?guid=4958992374287728440">#2684</a>). This provides a generic mechanism to use different kvm hypervisors (such as lkvm, qemu-kvm).</li>     <li>rkt: add command to export a pod to an aci (<a href="/misc/goto?guid=4958992374414208128">#2889</a>). Adds a new <code>export</code> command to rkt which generates an ACI from a pod; saving any changes made to the pod.</li>     <li>rkt/api: detect when run as a <code>systemd.socket(5)</code> service (<a href="/misc/goto?guid=4958992374532502702">#2916</a>). This allows rkt to run as a systemd socket-based unit.</li>     <li>rkt/stop: implement <code>--uuid-file</code> (<a href="/misc/goto?guid=4958992374650157361">#2902</a>). So the user can use the value saved on rkt run with <code>--uuid-file-save</code>.</li>    </ul>    <h3>Bug修复</h3>    <ul>     <li>scripts/glide-update: ensure running from $GOPATH (<a href="/misc/goto?guid=4958992374765876880">#2885</a>). glide is confused when it's not running with the rkt repository inside $GOPATH.</li>     <li>store: fix missing shared storelock acquisition on NewStore (<a href="/misc/goto?guid=4958992374882542250">#2896</a>).</li>     <li>store,rkt: fix fd leaks (<a href="/misc/goto?guid=4958992374993345004">#2906</a>). Close db lock on store close. If we don't do it, there's a fd leak everytime we open a new Store, even if it was closed.</li>     <li>stage1/enterexec: remove trailing <code>\n</code> in environment variables (<a href="/misc/goto?guid=4958992060229060270">#2901</a>). Loading environment retained the new line character (<code>\n</code>), this produced an incorrect evaluation of the environment variables.</li>     <li>stage1/gc: skip cleaning our own cgroup (<a href="/misc/goto?guid=4958992375154110275">#2914</a>).</li>     <li>api_service/log: fix file descriptor leak in GetLogs() (<a href="/misc/goto?guid=4958992375275223470">#2930</a>).</li>     <li>protobuf: fix protoc-gen-go build with vendoring (<a href="/misc/goto?guid=4958992375384296353">#2913</a>).</li>     <li>build: fix x86 builds (<a href="/misc/goto?guid=4958992375490832779">#2926</a>). This PR fixes a minor issue which leads to x86 builds failing.</li>     <li>functional tests: add some more volume/mount tests (<a href="/misc/goto?guid=4958992375606259009">#2903</a>).</li>     <li>stage1/init: link pod's journal in kvm flavor (<a href="/misc/goto?guid=4958992375701278345">#2934</a>). In nspawn flavors, nspawn creates a symlink from <code>/var/log/journal/${machine-id}</code> to the pod's journal directory. In kvm we need to do the link ourselves.</li>     <li>build: Build system fixes (<a href="/misc/goto?guid=4958992375800056408">#2938</a>). This should fix the <code>expr: syntax error</code> and useless rebuilds of network plugins.</li>    </ul>    <p>Other changes</p>    <ul>     <li>stage1: diagnostic functionality for rkt run (<a href="/misc/goto?guid=4958992375901378098">#2872</a>). If the app exits with <code>ExecMainStatus == 203</code>, the app's reaper runs the diagnostic tool and prints the output on stdout. systemd sets <code>ExecMainstatus</code>to EXIT_EXEC (203) when execve() fails.</li>     <li>build: add support for more architectures at configure time (<a href="/misc/goto?guid=4958992375993979089">#2907</a>).</li>     <li>stage1: update coreos image to 1097.0.0 (<a href="/misc/goto?guid=4958992376071174209">#2884</a>). This is needed for a recent enough version of libseccomp (2.3.0), with support for new syscalls (eg. getrandom).</li>     <li>api: By adding labels to the image itself, we don't need to pass the manifest to filter function (<a href="/misc/goto?guid=4958992376163791458">#2909</a>). api: Add labels to pod and image type.</li>     <li>api: optionally build systemd-journal support (<a href="/misc/goto?guid=4958992376253231758">#2868</a>). This introduces a 'sdjournal' tag and corresponding stubs in api_service, turning libsystemd headers into a soft-dependency.</li>     <li>store: simplify db locking and functions (<a href="/misc/goto?guid=4958992376335561939">#2897</a>). Instead of having a file lock to handle inter process locking and a sync.Mutex to handle locking between multiple goroutines, just create, lock and close a new file lock at every db.Do function.</li>     <li>stage1/enterexec: Add entry to ASSCB_EXTRA_HEADERS (<a href="/misc/goto?guid=4958992376408288550">#2924</a>). Added entry to ASSCB_EXTRA_HEADERS for better change tracking.</li>     <li>build: use rkt-builder ACI (<a href="/misc/goto?guid=4958992376498325098">#2923</a>).</li>     <li>Add hidden 'image fetch' next to the existing 'fetch' option (<a href="/misc/goto?guid=4958992376587452804">#2860</a>).</li>     <li>stage1: prepare-app: don't mount /sys if path already used (<a href="/misc/goto?guid=4958992376681152904">#2888</a>). When users mount /sys or a sub-directory of /sys as a volume, prepare-app should not mount /sys: that would mask the volume provided by users.</li>     <li>build,stage1/init: set interpBin at build time to fix other architecture builds (e.g. x86) (<a href="/misc/goto?guid=4958992376757918186">#2950</a>).</li>     <li>functional tests: re-purpose aws.sh for generating AMIs (<a href="/misc/goto?guid=4958992376845643521">#2736</a>).</li>     <li>rkt: Add <code>--cpuprofile</code> <code>--memprofile</code> for profiling rkt (<a href="/misc/goto?guid=4958992376929746059">#2887</a>). Adds two hidden global flags and documentation to enable profiling rkt.</li>     <li>functional test: check PATH variable for trailer <code>\n</code> character (<a href="/misc/goto?guid=4958992377021463494">#2942</a>).</li>     <li>functional tests: disable TestVolumeSysfs on kvm (<a href="/misc/goto?guid=4958992377094419147">#2941</a>).</li>     <li>Documentation updates (<a href="/misc/goto?guid=4958992377189224917">#2918</a>)</li>    </ul>    <h3>库更新</h3>    <ul>     <li>glide: update docker2aci to v0.12.1 (<a href="/misc/goto?guid=4958992377273816902">#2873</a>). Includes support for the docker image format v2.2 and OCI image format and allows fetching via digest.</li>    </ul>    <h2>下载</h2>    <ul>     <li><a href="/misc/goto?guid=4958992377351297596" rel="nofollow"><strong>rkt-v1.11.0.tar.gz</strong></a></li>     <li><a href="/misc/goto?guid=4958992377434172055" rel="nofollow"><strong>rkt-v1.11.0.tar.gz.asc</strong></a></li>     <li><a href="/misc/goto?guid=4958992377524540826" rel="nofollow"><strong>stage1-coreos-1.11.0-linux-amd64.aci</strong></a></li>     <li><a href="/misc/goto?guid=4958992377610949191" rel="nofollow"><strong>stage1-coreos-1.11.0-linux-amd64.aci.asc</strong></a></li>     <li><a href="/misc/goto?guid=4958992377694839748" rel="nofollow"><strong>stage1-fly-1.11.0-linux-amd64.aci</strong></a></li>     <li><a href="/misc/goto?guid=4958992377777781217" rel="nofollow"><strong>stage1-fly-1.11.0-linux-amd64.aci.asc</strong></a></li>     <li><a href="/misc/goto?guid=4958992377864247173" rel="nofollow"><strong>stage1-kvm-1.11.0-linux-amd64.aci</strong></a></li>     <li><a href="/misc/goto?guid=4958992377955718439" rel="nofollow"><strong>stage1-kvm-1.11.0-linux-amd64.aci.asc</strong></a></li>     <li><a href="/misc/goto?guid=4958992378039835389" rel="nofollow"><strong>Source code</strong> (zip)</a></li>     <li><a href="/misc/goto?guid=4958992378126424085" rel="nofollow"><strong>Source code</strong> (tar.gz)</a></li>    </ul>