github.com/maier/nomad@v0.4.1-0.20161110003312-a9e3d0b8549d/website/source/docs/drivers/rkt.html.md (about) 1 --- 2 layout: "docs" 3 page_title: "Drivers: Rkt" 4 sidebar_current: "docs-drivers-rkt" 5 description: |- 6 The rkt task driver is used to run application containers using rkt. 7 --- 8 9 # Rkt Driver 10 11 Name: `rkt` 12 13 The `rkt` driver provides an interface for using CoreOS rkt for running 14 application containers. 15 16 ~> **Experimental!** Currently, the rkt driver supports launching containers but 17 does not support dynamic ports. This can lead to port conflicts and as such, 18 this driver is being marked as experimental and should be used with care. 19 20 ## Task Configuration 21 22 ```hcl 23 task "webservice" { 24 driver = "rkt" 25 26 config { 27 image = "redis:3.2" 28 } 29 } 30 ``` 31 32 The `rkt` driver supports the following configuration in the job spec: 33 34 * `image` - The image to run. May be specified by name, hash, ACI address 35 or docker registry. 36 37 ```hcl 38 config { 39 image = "https://hub.docker.internal/redis:3.2" 40 } 41 ``` 42 43 * `command` - (Optional) A command to execute on the ACI. 44 45 ```hcl 46 config { 47 command = "my-command" 48 } 49 ``` 50 51 * `args` - (Optional) A list of arguments to the optional `command`. References 52 to environment variables or any [interpretable Nomad 53 variables](/docs/runtime/interpolation.html) will be interpreted before 54 launching the task. 55 56 ```hcl 57 config { 58 args = [ 59 "-bind", "${NOMAD_PORT_http}", 60 "${nomad.datacenter}", 61 "${MY_ENV}", 62 "${meta.foo}", 63 ] 64 } 65 ``` 66 67 * `trust_prefix` - (Optional) The trust prefix to be passed to rkt. Must be 68 reachable from the box running the nomad agent. If not specified, the image is 69 run without verifying the image signature. 70 71 * `dns_servers` - (Optional) A list of DNS servers to be used in the containers. 72 73 * `dns_search_domains` - (Optional) A list of DNS search domains to be used in 74 the containers. 75 76 * `net` - (Optional) A list of networks to be used by the containers 77 78 * `port_map` - (Optional) A key/value map of port to be used by the container. 79 port name in the image manifest file needs to be specified for the value. For example: 80 81 ``` 82 port_map { 83 app = "8080-tcp" 84 } 85 ``` 86 87 See below for more details. 88 89 * `debug` - (Optional) Enable rkt command debug option. 90 91 * `volumes` - (Optional) A list of `host_path:container_path` strings to bind 92 host paths to container paths. 93 94 ```hcl 95 config { 96 volumes = ["/path/on/host:/path/in/container"] 97 } 98 ``` 99 100 ## Networking 101 102 The `rkt` can specify `--net` and `--port` for the rkt client. Hence, there are two ways to use host ports by 103 using `--net=host` or `--port=PORT` with your network. 104 105 Example: 106 107 ``` 108 task "redis" { 109 # Use rkt to run the task. 110 driver = "rkt" 111 112 config { 113 # Use docker image with port defined 114 image = "docker://redis:latest" 115 port_map { 116 app = "6379-tcp" 117 } 118 } 119 120 service { 121 port = "app" 122 } 123 124 resources { 125 network { 126 mbits = 10 127 port "app" { 128 static = 12345 129 } 130 } 131 } 132 } 133 ``` 134 135 ### Allocating Ports 136 137 You can allocate ports to your task using the port syntax described on the 138 [networking page](/docs/job-specification/network.html). 139 140 When you use port allocation, the image manifest needs to declare public ports and host has configured network. 141 For more information, please refer to [rkt Networking](https://coreos.com/rkt/docs/latest/networking/overview.html). 142 143 ## Client Requirements 144 145 The `rkt` driver requires rkt to be installed and in your system's `$PATH`. 146 The `trust_prefix` must be accessible by the node running Nomad. This can be an 147 internal source, private to your cluster, but it must be reachable by the client 148 over HTTP. 149 150 ## Client Configuration 151 152 The `rkt` driver has the following [client configuration 153 options](/docs/agent/configuration/client.html#options): 154 155 * `rkt.volumes.enabled`: Defaults to `true`. Allows tasks to bind host paths 156 (`volumes`) inside their container. Binding relative paths is always allowed 157 and will be resolved relative to the allocation's directory. 158 159 160 ## Client Attributes 161 162 The `rkt` driver will set the following client attributes: 163 164 * `driver.rkt` - Set to `1` if rkt is found on the host node. Nomad determines 165 this by executing `rkt version` on the host and parsing the output 166 * `driver.rkt.version` - Version of `rkt` eg: `1.1.0`. Note that the minimum required 167 version is `1.0.0` 168 * `driver.rkt.appc.version` - Version of `appc` that `rkt` is using eg: `1.1.0` 169 170 Here is an example of using these properties in a job file: 171 172 ```hcl 173 job "docs" { 174 # Only run this job where the rkt version is higher than 0.8. 175 constraint { 176 attribute = "${driver.rkt.version}" 177 operator = ">" 178 value = "1.2" 179 } 180 } 181 ``` 182 183 ## Resource Isolation 184 185 This driver supports CPU and memory isolation by delegating to `rkt`. Network 186 isolation is not supported as of now.