CoreOSでRocketを動かしてみよう
$ git clone https://github.com/coreos/coreos-vagrant/ [~/sandbox] Cloning into 'coreos-vagrant'... remote: Counting objects: 351, done. remote: Compressing objects: 100% (5/5), done. remote: Total 351 (delta 0), reused 0 (delta 0) Receiving objects: 100% (351/351), 81.21 KiB | 0 bytes/s, done. Resolving deltas: 100% (150/150), done. Checking connectivity... done. $ cd coreos-vagrant/ $ vagrant up [~/sandbox/coreos-vagrant] Bringing machine 'core-01' up with 'virtualbox' provider... ==> core-01: Box 'coreos-alpha' could not be found. Attempting to find and install... core-01: Box Provider: virtualbox core-01: Box Version: >= 308.0.1 ==> core-01: Loading metadata for box 'http://alpha.release.core-os.net/amd64-usr/current/coreos_production_vagrant.json' core-01: URL: http://alpha.release.core-os.net/amd64-usr/current/coreos_production_vagrant.json ==> core-01: Adding box 'coreos-alpha' (v593.0.0) for provider: virtualbox core-01: Downloading: http://alpha.release.core-os.net/amd64-usr/593.0.0/coreos_production_vagrant.box core-01: Calculating and comparing box checksum... ==> core-01: Successfully added box 'coreos-alpha' (v593.0.0) for 'virtualbox'! core-01: The Berkshelf shelf is at "~/.berkshelf/vagrant-berkshelf/shelves/berkshelf20150219-73107-4bdzyw-core-01" ==> core-01: Importing base box 'coreos-alpha'... ==> core-01: Matching MAC address for NAT networking... ==> core-01: Checking if box 'coreos-alpha' is up to date... ==> core-01: Setting the name of the VM: coreos-vagrant_core-01_1424295046511_16110 ==> core-01: Clearing any previously set network interfaces... ==> core-01: Preparing network interfaces based on configuration... core-01: Adapter 1: nat core-01: Adapter 2: hostonly ==> core-01: Forwarding ports... core-01: 22 => 2222 (adapter 1) ==> core-01: Running 'pre-boot' VM customizations... ==> core-01: Booting VM... ==> core-01: Waiting for machine to boot. This may take a few minutes... core-01: SSH address: 127.0.0.1:2222 core-01: SSH username: core core-01: SSH auth method: private key core-01: Warning: Connection timeout. Retrying... ==> core-01: Machine booted and ready! ==> core-01: Setting hostname... ==> core-01: Configuring and enabling network interfaces...
dockerは最新だ
core@core-01 ~ $ docker version Client version: 1.5.0 Client API version: 1.17 Go version (client): go1.3.3 Git commit (client): a8a31ef-dirty OS/Arch (client): linux/amd64 Server version: 1.5.0 Server API version: 1.17 Go version (server): go1.3.3 Git commit (server): a8a31ef-dirty
rocketを入れる
core@core-01 ~ $ git clone https://github.com/coreos/rocket.git Cloning into 'rocket'... remote: Counting objects: 4382, done. remote: Compressing objects: 100% (11/11), done. remote: Total 4382 (delta 4), reused 0 (delta 0) Receiving objects: 100% (4382/4382), 4.30 MiB | 1.76 MiB/s, done. Resolving deltas: 100% (2263/2263), done. Checking connectivity... done. core@core-01 ~ $ cd rocket/ core@core-01 ~/rocket $ ./build ./build: line 14: go: command not found Building rkt (stage0)... ./build: line 17: go: command not found
おっと、goが入ってない。CoreOSだいぶわからないので↓を参考にgoを入れる
http://qiita.com/hnakamur/items/8cda520807f571409f6c#4-1
core@core-01 /tmp $ wget https://storage.googleapis.com/golang/go1.4.2.linux-amd64.tar.gz --2015-02-18 21:50:40-- https://storage.googleapis.com/golang/go1.4.2.linux-amd64.tar.gz Resolving storage.googleapis.com... 216.58.221.1, 216.58.221.1 Connecting to storage.googleapis.com|216.58.221.1|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 62442704 (60M) [application/x-gzip] Saving to: 'go1.4.2.linux-amd64.tar.gz' go1.4.2.linux-amd64.tar.gz 100%[=====================================================================================================================================================================>] 59.55M 9.38MB/s in 14s 2015-02-18 21:50:55 (4.25 MB/s) - 'go1.4.2.linux-amd64.tar.gz' saved [62442704/62442704] core@core-01 /tmp $ sudo tar xzf go1.4.2.linux-amd64.tar.gz -C /opt
改めてビルド
core@core-01 ~/rocket $ ./build Building rkt (stage0)... # github.com/coreos/rocket/Godeps/_workspace/src/github.com/cznic/zappy exec: "gcc": executable file not found in $PATH
あれ・・
CoreOSわからん
ビルドは諦めよう
core@core-01 /tmp $ wget https://github.com/coreos/rocket/releases/download/v0.3.2/rocket-v0.3.2.tar.gz --2015-02-18 22:00:02-- https://github.com/coreos/rocket/releases/download/v0.3.2/rocket-v0.3.2.tar.gz Resolving github.com... 192.30.252.129, 192.30.252.129 Connecting to github.com|192.30.252.129|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://s3.amazonaws.com/github-cloud/releases/26509369/13097656-b36e-11e4-8ef9-5199611b5663.gz?response-content-disposition=attachment%3B%20filename%3Drocket-v0.3.2.tar.gz&response-content-type=application/octet-stream&AWSAccessKeyId=AKIAISTNZFOVBIJMK3TQ&Expires=1424296844&Signature=af3Gf%2FWuUSpj1CpFq%2FJa%2Bo9hdUM%3D [following] --2015-02-18 22:00:03-- https://s3.amazonaws.com/github-cloud/releases/26509369/13097656-b36e-11e4-8ef9-5199611b5663.gz?response-content-disposition=attachment%3B%20filename%3Drocket-v0.3.2.tar.gz&response-content-type=application/octet-stream&AWSAccessKeyId=AKIAISTNZFOVBIJMK3TQ&Expires=1424296844&Signature=af3Gf%2FWuUSpj1CpFq%2FJa%2Bo9hdUM%3D Resolving s3.amazonaws.com... 54.231.244.4, 54.231.244.4 Connecting to s3.amazonaws.com|54.231.244.4|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 15241351 (15M) [application/octet-stream] Saving to: 'rocket-v0.3.2.tar.gz' rocket-v0.3.2.tar.gz 100%[=====================================================================================================================================================================>] 14.54M 3.96MB/s in 6.0s 2015-02-18 22:00:10 (2.44 MB/s) - 'rocket-v0.3.2.tar.gz' saved [15241351/15241351] core@core-01 /tmp $ tar xzvf rocket-v0.3.2.tar.gz rocket-v0.3.2/ rocket-v0.3.2/rkt rocket-v0.3.2/stage1.aci core@core-01 /tmp $ cd rocket-v0.3.2 core@core-01 /tmp/rocket-v0.3.2 $ ./rkt NAME: rkt - rocket, the application container runner USAGE: rkt [global options] <command> [command options] [arguments...] VERSION: 0.3.2 COMMANDS: enter Enter the namespaces of an app within a rkt container fetch Fetch image(s) and store them in the local cache gc Garbage-collect rkt containers no longer in use help Show a list of commands or help for one command list List containers metadatasvc Run metadata service run Run image(s) in an application container in rocket status Check the status of a rkt container trust Trust a key for image verification version Print the version and exit GLOBAL OPTIONS: --debug=false Print out more debug information to stderr --dir=/var/lib/rkt rocket data directory --help=false Print usage information and exit --insecure-skip-verify=false skip image or key verification Run "rkt help <command>" for more details on a specific command.
パスに入れたいが/usr/bin
や/usr/local/bin
は書き込みできないので、/opt/bin
以下に移動させる。
この時rkt
だけ移動させたらrun
の時にエラーが出たので、stage1.aci
も/opt/bin
に移動する
まずは公開鍵をtrustする必要があると。
core@core-01 ~ $ sudo rkt trust --prefix coreos.com/etcd Prefix: "coreos.com/etcd" Key: "https://coreos.com/dist/pubkeys/aci-pubkeys.gpg" GPG key fingerprint is: 8B86 DE38 890D DB72 9186 7B02 5210 BD88 8818 2190 CoreOS ACI Builder <release@coreos.com> Are you sure you want to trust this key (yes/no)? yes Trusting "https://coreos.com/dist/pubkeys/aci-pubkeys.gpg" for prefix "coreos.com/etcd". Added key for prefix "coreos.com/etcd" at "/etc/rkt/trustedkeys/prefix.d/coreos.com/etcd/8b86de38890ddb7291867b025210bd8888182190"
次にACIをfetchする
core@core-01 ~ $ sudo rkt fetch coreos.com/etcd:v2.0.0 rkt: searching for app image coreos.com/etcd:v2.0.0 rkt: fetching image from https://github.com/coreos/etcd/releases/download/v2.0.0/etcd-v2.0.0-linux-amd64.aci Downloading ACI: [================================= ] 2.78 MB/3.7 MB Downloading signature from https://github.com/coreos/etcd/releases/download/v2.0.0/etcd-v2.0.0-linux-amd64.sig rkt: signature verified: ] 0 B/819 B CoreOS ACI Builder <release@coreos.com> sha512-fa1cb92dc276b0f9bedf87981e61ecde core@core-01 ~ $ sudo find /var/lib/rkt/cas/blob /var/lib/rkt/cas/blob /var/lib/rkt/cas/blob/sha512 /var/lib/rkt/cas/blob/sha512/fa /var/lib/rkt/cas/blob/sha512/fa/sha512-fa1cb92dc276b0f9bedf87981e61ecde93cc16432d2441f23aa006a42bb873df
適当にrunしてみると、 github の coreos 以下あたりから探すっぽい?
core@core-01 /tmp/rocket-v0.3.2 $ sudo rkt run coreos.com/etcd rkt: searching for app image coreos.com/etcd rkt: fetching image from https://github.com/coreos/etcd/releases/download/latest/etcd-latest-linux-amd64.aci error downloading the aci image: bad HTTP status code: 404
shaで起動できるのでダウンロードしたaciのハッシュを確認する。でrkt run
で起動できた
core@core-01 ~ $ sudo find /var/lib/rkt/cas/blob /var/lib/rkt/cas/blob /var/lib/rkt/cas/blob/sha512 /var/lib/rkt/cas/blob/sha512/f2 /var/lib/rkt/cas/blob/sha512/f2/sha512-f264bbef7e8d7f53800835e73e7ae79657bd42dbbbaeea7c84db828b3dfe7414 /var/lib/rkt/cas/blob/sha512/fa /var/lib/rkt/cas/blob/sha512/fa/sha512-fa1cb92dc276b0f9bedf87981e61ecde93cc16432d2441f23aa006a42bb873df core@core-01 ~ $ sudo rkt run sha512-fa1cb92dc276b0f9bedf87981e61ecde93cc16432d2441f23aa006a42bb873df 2015/02/18 22:17:49 no data-dir provided, using default data-dir ./default.etcd 2015/02/18 22:17:49 etcd: listening for peers on http://localhost:2380 2015/02/18 22:17:49 etcd: listening for peers on http://localhost:7001 2015/02/18 22:17:49 etcd: listening for client requests on http://localhost:2379 2015/02/18 22:17:49 etcd: listening for client requests on http://localhost:4001 2015/02/18 22:17:49 etcdserver: name = default 2015/02/18 22:17:49 etcdserver: data dir = default.etcd 2015/02/18 22:17:49 etcdserver: heartbeat = 100ms 2015/02/18 22:17:49 etcdserver: election = 1000ms 2015/02/18 22:17:49 etcdserver: snapshot count = 10000 2015/02/18 22:17:49 etcdserver: advertise client URLs = http://localhost:2379,http://localhost:4001 2015/02/18 22:17:49 etcdserver: initial advertise peer URLs = http://localhost:2380,http://localhost:7001 2015/02/18 22:17:49 etcdserver: initial cluster = default=http://localhost:2380,default=http://localhost:7001 2015/02/18 22:17:49 etcdserver: start member ce2a822cea30bfca in cluster 7e27652122e8b2ae 2015/02/18 22:17:49 raft: ce2a822cea30bfca became follower at term 0 2015/02/18 22:17:49 raft: newRaft ce2a822cea30bfca [peers: [], term: 0, commit: 0, applied: 0, lastindex: 0, lastterm: 0] 2015/02/18 22:17:49 raft: ce2a822cea30bfca became follower at term 1 2015/02/18 22:17:49 etcdserver: added local member ce2a822cea30bfca [http://localhost:2380 http://localhost:7001] to cluster 7e27652122e8b2ae 2015/02/18 22:17:51 raft: ce2a822cea30bfca is starting a new election at term 1 2015/02/18 22:17:51 raft: ce2a822cea30bfca became candidate at term 2 2015/02/18 22:17:51 raft: ce2a822cea30bfca received vote from ce2a822cea30bfca at term 2 2015/02/18 22:17:51 raft: ce2a822cea30bfca became leader at term 2 2015/02/18 22:17:51 raft.node: ce2a822cea30bfca elected leader ce2a822cea30bfca at term 2 2015/02/18 22:17:51 etcdserver: published {Name:default ClientURLs:[http://localhost:2379 http://localhost:4001]} to cluster 7e27652122e8b2ae
core@core-01 ~ $ curl -L http://127.0.0.1:4001/v2/keys/mykey -XPUT -d value="this is awesome" {"action":"set","node":{"key":"/mykey","value":"this is awesome","modifiedIndex":3,"createdIndex":3}} core@core-01 ~ $ curl -L http://127.0.0.1:4001/v2/keys/mykey {"action":"get","node":{"key":"/mykey","value":"this is awesome","modifiedIndex":3,"createdIndex":3}}
うん動いてる。デフォルトではネットワークはホストと同じなので普通にlocalhostを叩けば動いてる
バックグラウンドで動かすのはどうするんだ。と思ったら
なるほどー
CoreOSは諦めてUbuntuでdocker2aciを試してみよう
続いてdocker2aciを試してみる
https://github.com/appc/docker2aci
docker2aciはgo getで入れる
:~$ docker2aci nginx Downloading layer: 511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158 Downloading layer: 30d39e59ffe287f29a41a3f8bd70734afc8728329e3289945cbdc5bbf07cd980 Downloading layer: c90d655b99b2ec5b7e94d38c87f92dce015c17a313caeaae0e980d9b9bed8444 Downloading layer: d9ee0b8eeda7cdce8daab64703c447b91bfa33a2753c448d754172614686478a Downloading layer: 3225d58a895a27fcf9680bf608d8c743f6d040e2363769394841dc5a51ce97dd Downloading layer: 224fea58b6ccee753e7ec49985d787ffadde80538549ef801722d608fe2c19b7 Downloading layer: ef9d79968cc61c3cb1d4c5d36f7d619d26a798ea8bf286757ad91d9c2ce59ece Downloading layer: f22d05624ebc118eaa4b35a77c947e08149157bbc96fc08e6630990684458810 Downloading layer: 117696d1464ead0e4bc2e667d16699bdbbdc76ef891052ded1fb8a5296ad34e8 Downloading layer: 2ebe3e67fb764073178284f4166e1bae2e43c869950e9d8f22c350cbd4758cd7 Downloading layer: ad82b43d65959627eee7fe22881f500e83ef4d5f8965a6f7b094b8988ea6d3b2 Downloading layer: e90c322c3a1c8416eb76e6eec8ad2aac7ae2c37b9e6fe6d62cce8224f90e3001 Downloading layer: 4b5657a3d16202ebc510e4eb826e624277a4d0c5b970d470e57962d4af7cd348 ~$ sudo rkt -debug run nginx-latest.aci 2015/02/19 16:05:02 Preparing stage1 2015/02/19 16:05:02 Wrote filesystem to /var/lib/rkt/containers/ef273d47-ab90-4728-876e-e14f5faedc73 2015/02/19 16:05:02 Loading image sha512-1927001e19e5614c59afe3739ca493c9a5b67d1d5617b4264ae075a6462be52c 2015/02/19 16:05:03 Writing container manifest 2015/02/19 16:05:03 Pivoting to filesystem /var/lib/rkt/containers/ef273d47-ab90-4728-876e-e14f5faedc73 2015/02/19 16:05:03 Execing /init Spawning container rootfs on /var/lib/rkt/containers/ef273d47-ab90-4728-876e-e14f5faedc73/stage1/rootfs. Press ^] three times within 1s to kill container. /etc/localtime is not a symlink, not updating container timezone. systemd 215 running in system mode. (-PAM -AUDIT -SELINUX +IMA -SYSVINIT +LIBCRYPTSETUP -GCRYPT -ACL -XZ +SECCOMP -APPARMOR) Detected virtualization 'systemd-nspawn'. Detected architecture 'x86-64'. Welcome to Linux! Initializing machine ID from container UUID. [ OK ] Created slice -.slice. [ OK ] Created slice system.slice. Starting Graceful exit watcher... [ OK ] Started Graceful exit watcher. Starting index.docker.io/nginx... [ OK ] Started index.docker.io/nginx. [ OK ] Reached target Rocket apps target. nginx: invalid option: "off" sha512-1927001e19e5614c59afe3739ca493c9.service: main process exited, code=exited, status=1/FAILURE Service exit-watcher.service is not needed anymore. Stopping. Unit sha512-1927001e19e5614c59afe3739ca493c9.service entered failed state. Triggering OnFailure= dependencies of sha512-1927001e19e5614c59afe3739ca493c9.service. Shutting down. Sending SIGTERM to remaining processes... Sending SIGKILL to remaining processes... Unmounting file systems. Unmounting /proc/sys/kernel/random/boot_id. All filesystems unmounted. Halting system. Container rootfs has been shut down.
なんか変換はできてるっぽいけどよーわからん動かない
別のイメージで試してみよう。redisで
~$ docker2aci redis Downloading layer: 511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158 Downloading layer: 30d39e59ffe287f29a41a3f8bd70734afc8728329e3289945cbdc5bbf07cd980 Downloading layer: c90d655b99b2ec5b7e94d38c87f92dce015c17a313caeaae0e980d9b9bed8444 Downloading layer: b2418d3703c4248e07e98f97933cf61c6a9737d004b947b337eaf949116e846c Downloading layer: a9be1f2beb10e5f25fadc462298d8d113c39beb32982b06d4bcad85824b764fe Downloading layer: 97047ea9f5f491ebbb0628373e5b89f2ec0b9a3ff8c5d2e8780b700384c5ac17 Downloading layer: 643554a01e20021d05d6dde689ff810f1d97e0e43f7f2ec866d0fbbf452092ca Downloading layer: b2d28145057ecf5a580c60373b5187f3fa2970a3c3086fc8ec42734560e8bfdf Downloading layer: 2b9e6c467faf34498b938e6f2826c08694ba4914461c1cbf49e2ff62208676e0 Downloading layer: 74f42bf6da0cda3d7d5a3fb2c8724ae321817f0c4df863891bd3ce76c8a54013 Downloading layer: 239c3ae47786f0a1b85e78d46139aaa9a6405f6a063b64e45f8cd43e2161feea Downloading layer: dbe0ee23d0a635bc6723afe7a6559fa08f6acf5ec18531de3db4aabff8fac43b Downloading layer: 9ef278b3f543d5b49cd665cc8feaadeabd118a4be5096b2bd6a9a528e626a64c Downloading layer: 9bf78464cc9210962d770b88eb6a9f0b74581f8f09cfff8f7756e16fc46e9c0c Downloading layer: bfcd4901e679dd96bf85dda3e232c31b8c700d3a8a0716d266155d49aaa9624b Downloading layer: cb1becc16e9ff42b18ca229312f1c07e75eab0e499a8fc540079a3546f4135dc Downloading layer: 4380cd9116fa10a0ba96f392d3d8733a198fb5521fb68f2c8b214518f167b1c6 Downloading layer: 868be653dea3ff6082b043c0f34b95bb180cc82ab14a18d9d6b8e27b7929762c Generated ACI(s): redis-latest.aci ~$ sudo rkt -debug run redis-latest.aci 2015/02/19 16:10:07 Preparing stage1 2015/02/19 16:10:07 Wrote filesystem to /var/lib/rkt/containers/fd7cd31e-aad2-4862-8ee7-fde64c7830e9 2015/02/19 16:10:07 Loading image sha512-4d885ab6926ae039415e1f80eb5519e8e5e09ab6901f9b68120394d66b39fb9d 2015/02/19 16:10:08 Writing container manifest 2015/02/19 16:10:08 Pivoting to filesystem /var/lib/rkt/containers/fd7cd31e-aad2-4862-8ee7-fde64c7830e9 2015/02/19 16:10:08 Execing /init Spawning container rootfs on /var/lib/rkt/containers/fd7cd31e-aad2-4862-8ee7-fde64c7830e9/stage1/rootfs. Press ^] three times within 1s to kill container. /etc/localtime is not a symlink, not updating container timezone. systemd 215 running in system mode. (-PAM -AUDIT -SELINUX +IMA -SYSVINIT +LIBCRYPTSETUP -GCRYPT -ACL -XZ +SECCOMP -APPARMOR) Detected virtualization 'systemd-nspawn'. Detected architecture 'x86-64'. Welcome to Linux! Initializing machine ID from container UUID. [ OK ] Created slice -.slice. [ OK ] Created slice system.slice. Starting Graceful exit watcher... [ OK ] Started Graceful exit watcher. Starting index.docker.io/redis... [ OK ] Started index.docker.io/redis. [ OK ] Reached target Rocket apps target. [3] 19 Feb 07:10:08.537 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf [3] 19 Feb 07:10:08.537 # You requested maxclients of 10000 requiring at least 10032 max file descriptors. [3] 19 Feb 07:10:08.537 # Redis can't set maximum open files to 10032 because of OS error: Operation not permitted. [3] 19 Feb 07:10:08.537 # Current maximum open files is 1024. maxclients has been reduced to 4064 to compensate for low ulimit. If you need higher maxclients increase 'ulimit -n'. _._ _.-``__ ''-._ _.-`` `. `_. ''-._ Redis 2.8.19 (00000000/0) 64 bit .-`` .-```. ```\/ _.,_ ''-._ ( ' , .-` | `, ) Running in stand alone mode |`-._`-...-` __...-.``-._|'` _.-'| Port: 6379 | `-._ `._ / _.-' | PID: 3 `-._ `-._ `-./ _.-' _.-' |`-._`-._ `-.__.-' _.-'_.-'| | `-._`-._ _.-'_.-' | http://redis.io `-._ `-._`-.__.-'_.-' _.-' |`-._`-._ `-.__.-' _.-'_.-'| | `-._`-._ _.-'_.-' | `-._ `-._`-.__.-'_.-' _.-' `-._ `-.__.-' _.-' `-._ _.-' `-.__.-' [3] 19 Feb 07:10:08.538 # Server started, Redis version 2.8.19 [3] 19 Feb 07:10:08.539 * The server is now ready to accept connections on port 6379
動いた
バックグラウンドにできないので別のターミナルで叩いてみる
~$ redis-cli 127.0.0.1:6379> SET foo bar OK 127.0.0.1:6379> GET foo "bar"
できた。動くものは動くらしいが動かないものは動かないのでまぁきっとまだそんなもんだろう
次は仕様読んだり自分でイメージ作ったりしてみたいところ