Using CheatSheets To Apply Best Practices

Cheatsheet: rkt

Cheatsheet: rkt

1.1 rkt Basic

Name Summary
rkt Initiated by CoreOS
rkt key features rkt doesn’t need daemon to run containers; secure-by-default
rkt project overall status GitHub: rkt milestones
rkt supported linux distributions GitHub: Installing rkt on popular Linux distributions
Try rkt with vagrant git clone, cd rkt, vagrant up
Run rkt with minikube minikube start --network-plugin=cni --container-runtime=rkt
Try rkt from web browser Link: KataKoda CoreOS Rkt – Hello World
Run rkt container with coreos registry sudo rkt run
Run rkt container with registry sudo rkt run docker://nginx:latest --insecure-options=image
List all containers sudo rkt list
Reference CheatSheet: Docker, CheatSheet: CRI-O, CheatSheet: rkt, CheatSheet: containerd

1.2 rkt online usage

vagrant@ubuntu-xenial:~$ rkt --help
	rkt - rkt, the application container runner

	rkt [command]


	api-service		Run API service (experimental)
	cat-manifest		Inspect and print the pod manifest
	completion		Output shell completion code for the specified shell
	config			Print configuration for each stage in JSON format
	enter			Enter the namespaces of an app within a rkt pod
	export			Export an app from an exited pod to an ACI file
	fetch			Fetch image(s) and store them in the local store
	gc			Garbage collect rkt pods no longer in use
	image cat-manifest	Inspect and print the image manifest
	image export		Export a stored image to an ACI file
	image extract		Extract a stored image to a directory
	image gc		Garbage collect local store
	image list		List images in the local store
	image render		Render a stored image to a directory with all its dependencies
	image rm		Remove one or more images with the given IDs or image names from the local store
	image verify		Verify one or more rendered images in the local store
	list			List pods
	metadata-service	Run metadata service
	prepare			Prepare to run image(s) in a pod in rkt
	rm			Remove all files and resources associated with an exited pod
	run			Run image(s) in a pod in rkt
	run-prepared		Run a prepared application pod in rkt
	status			Check the status of a rkt pod
	stop			Stop a pod
	trust			Trust a key for image verification
	version			Print the version and exit
	help			Help about any command

	A CLI for running app containers on Linux.

	To get the help on any specific command, run "rkt help command".

      --debug[=false]			print out more debug information to stderr
      --dir=/var/lib/rkt		rkt data directory
      --insecure-options=none		comma-separated list of security features to disable. Allowed values: "none", "image", "tls", "ondisk", "http", "pubkey", "capabilities", "paths", "seccomp", "all-fetch", "all-run", "all"
      --local-config=/etc/rkt		local configuration directory
      --system-config=/usr/lib/rkt	system configuration directory
      --trust-keys-from-https[=false]	automatically trust gpg keys fetched from https
      --user-config=			user configuration directory

1.3 More Resources

License: Code is licensed under MIT License.

Leave a Reply

Your email address will not be published. Required fields are marked *