github.com/stackdocker/rkt@v0.10.1-0.20151109095037-1aa827478248/Documentation/subcommands/metadata-service.md (about) 1 # rkt metadata-service 2 3 ## Overview 4 5 The metadata service is designed to help running apps introspect their execution environment and assert their pod identity. 6 In particular, the metadata service exposes the contents of the pod and image manifests as well as a convenient method of looking up annotations. 7 Finally, the metadata service provides a pod with cryptographically verifiable identity. 8 9 ## Running the metadata service 10 11 The metadata service is implemented by the `rkt metadata-service` command. 12 When started, it will listen for registration events over Unix socket on `/run/rkt/metadata-svc.sock`. 13 For systemd-based distributions, it also supports [systemd socket activation](http://0pointer.de/blog/projects/socket-activation.html). 14 15 If using socket activation, ensure the socket is named `/run/rkt/metadata-svc.sock`, as `rkt run` uses this name during registration. 16 Please note that when started under socket activation, the metadata service will not remove the socket on exit. 17 Use the `RemoveOnStop` directive in the relevant `.socket` file to clean up. 18 19 Example systemd unit files for running the metadata service are available in [dist](https://github.com/coreos/rkt/tree/master/dist/init/systemd). 20 21 In addition to listening on a Unix socket, the metadata service will also listen on a TCP port 2375. 22 When contacting the metadata service, the apps utilize this port. 23 The IP and port of the metadata service are passed by rkt to pods via the `AC_METADATA_URL` environment variable. 24 25 ## Using the metadata service 26 27 See [App Container specification](https://github.com/appc/spec/blob/master/SPEC.md#app-container-metadata-service) for more information about the metadata service including a list of supported endpoints and their usage.