Category Archives: Rocket container

WRITE ABOUT APP CONTAINER SPECIFICATION IN ROCKET CONTAINERIZATION.

Write about App Container specification in Rocket containerization.

Rocket is a command line tool, rkt, that implements the App Container specification created by CoreOS for an open portable container format, composed of:

App Container Image (ACI): Signed and optionally encrypted tgz with all the bits to run the container. Encryption allows distribution via BitTorrent, public object storage, or mirror networks.

App Container runtime: Environment in which the container should run, including devices, environment variables, privileges and a definition of a meta-data service interface for exposing data to the environment from outside the container.

App Container discovery: Federated protocol for finding and downloading images, inspired by golang’s vanity URL convention for import paths. Images can referred to with names such as coreos.com/etcd, allowing federated downloads without running a registry.

HOW IS ROCKET CONTAINER DIFFERENT FROM THE DOCKER?

How is Rocket container different from the Docker?

Rocket tries to build things differently from Docker in several aspects:

Composition: Tools for downloading, installing, and running containers should be independent and composable.

Security: Isolation should be pluggable, with image auditing and application identity.

Image distribution: Image discovery should be federated and distributed, with pluggable alternative protocols such as BitTorrent or easier private distribution without a registry.

Open: The format and runtime should be well-specified and developed by a community, allowing independent implementations of tools to be consistent.