Rocket v1.11.0 发布了,本次发布将带来全新的KVM模拟器,以及对ACI、rkt API 进行改进。 Rocket (也叫 rkt)是 CoreOS 推出的一款容器引擎,和 Docker
类似,帮助开发者打包应用和依赖包到可移植容器中,简化搭环境等部署工作。Rocket 和 Docker 不同的地方在于,Rocket 没有
Docker 那些为企业用户提供的“友好功能”,比如云服务加速工具、集群系统等。反过来说,Rocket 想做的,是一个更纯粹的业界标准。 本次发布完整改进记录如下: New featuresKVM: Hypervisor support for KVM flavor focusing on qemu (#2684). This provides a generic mechanism to use different kvm hypervisors (such as lkvm, qemu-kvm). rkt: add command to export a pod to an aci (#2889). Adds a new export command to rkt which generates an ACI from a pod; saving any changes made to the pod. rkt/api: detect when run as a systemd.socket(5) service (#2916). This allows rkt to run as a systemd socket-based unit. rkt/stop: implement --uuid-file (#2902). So the user can use the value saved on rkt run with --uuid-file-save.
Bug fixesscripts/glide-update: ensure running from $GOPATH (#2885). glide is confused when it's not running with the rkt repository inside $GOPATH. store: fix missing shared storelock acquisition on NewStore (#2896). store,rkt: fix fd leaks (#2906). Close db lock on store close. If we don't do it, there's a fd leak everytime we open a new Store, even if it was closed. stage1/enterexec: remove trailing \n in environment variables (#2901). Loading environment retained the new line character (\n), this produced an incorrect evaluation of the environment variables. stage1/gc: skip cleaning our own cgroup (#2914). api_service/log: fix file descriptor leak in GetLogs() (#2930). protobuf: fix protoc-gen-go build with vendoring (#2913). build: fix x86 builds (#2926). This PR fixes a minor issue which leads to x86 builds failing. functional tests: add some more volume/mount tests (#2903). stage1/init: link pod's journal in kvm flavor (#2934). In nspawn flavors, nspawn creates a symlink from /var/log/journal/${machine-id} to the pod's journal directory. In kvm we need to do the link ourselves. build: Build system fixes (#2938). This should fix the expr: syntax error and useless rebuilds of network plugins.
Other changesstage1: diagnostic functionality for rkt run (#2872). If the app exits with ExecMainStatus == 203, the app's reaper runs the diagnostic tool and prints the output on stdout. systemd sets ExecMainstatus to EXIT_EXEC (203) when execve() fails. build: add support for more architectures at configure time (#2907). stage1: update coreos image to 1097.0.0 (#2884). This is needed for a recent enough version of libseccomp (2.3.0), with support for new syscalls (eg. getrandom). api: By adding labels to the image itself, we don't need to pass the manifest to filter function (#2909). api: Add labels to pod and image type. api: optionally build systemd-journal support (#2868). This introduces a 'sdjournal' tag and corresponding stubs in api_service, turning libsystemd headers into a soft-dependency. store: simplify db locking and functions (#2897).
Instead of having a file lock to handle inter process locking and a
sync.Mutex to handle locking between multiple goroutines, just create,
lock and close a new file lock at every db.Do function. stage1/enterexec: Add entry to ASSCB_EXTRA_HEADERS (#2924). Added entry to ASSCB_EXTRA_HEADERS for better change tracking. build: use rkt-builder ACI (#2923). Add hidden 'image fetch' next to the existing 'fetch' option (#2860). stage1: prepare-app: don't mount /sys if path already used (#2888).
When users mount /sys or a sub-directory of /sys as a volume,
prepare-app should not mount /sys: that would mask the volume provided
by users. build,stage1/init: set interpBin at build time to fix other architecture builds (e.g. x86) (#2950). functional tests: re-purpose aws.sh for generating AMIs (#2736). rkt: Add --cpuprofile --memprofile for profiling rkt (#2887). Adds two hidden global flags and documentation to enable profiling rkt. functional test: check PATH variable for trailer \n character (#2942). functional tests: disable TestVolumeSysfs on kvm (#2941). Documentation updates (#2918)
Library updates | 
