智能化下的产物,无人棋牌室
Rocket (rkt) 发布 1.0 版本,这意味着从现在开始该引擎可用于生产环境。其命令行工具和磁盘格式等都认为是稳定的,可以再次开发。从该版本开始,任何接口方面的改动都会考虑向后的兼容性。
可以访问 landing page on the CoreOS site 来获取更多的信息。
完整的改进内容包括:
新特性和用户体验的变化:
- Add pod creation and start times to
rkt list
andrkt status
(#2030). Seerkt list
andrkt status
documentation. - The DNS configuration can now be passed to the pod via the command line (#2040). See
DNS support
documentation. - Errors are now structured, allowing for better control of the output (#1937). See Error & Output for how a developer should use it.
- All output now uses the new log package in
pkg/log
to provide a more clean and consistent output format and more helpful debug output (#1937). - Added configuration for stage1 image. Users can drop a configuration file to
/etc/rkt/stage1.d
(or tostage1.d
in the user configuration directory) to tell rkt to use a different stage1 image name, version and location instead of build-time defaults (#1977). - Replaced the
--stage1-image
flag with a new set of flags.--stage1-url
,--stage-path
,--stage1-name
do the usual fetching from remote if the image does not exist in the store.--stage1-hash
takes the stage1 image directly from the store.--stage1-from-dir
works together with the default stage1 images directory and is described in the next point (#1977). - Added default stage1 images directory. User can use the newly added
--stage1-from-dir
parameter to avoid typing the full path.--stage1-from-dir
behaves like--stage1-path
(#1977). - Removed the deprecated
--insecure-skip-verify
flag (#2068). - Fetched keys are no longer automatically trusted by default, unless
--trust-keys-from-https
is used. Additionally, newly fetched keys have to be explicitly trusted withrkt trust
if a previous key was trusted for the same image prefix (#2033). - Use NAT loopback to make ports forwarded in pods accessible from localhost (#1256).
- Show a clearer error message when unprivileged users execute commands that require root privileges (#2081).
- Add a rkt tmpfiles configuration file to make the creation of the rkt data directory on first boot easier (#2088).
- Remove
rkt install
command. It was replaced with asetup-data-dir.sh
script (#2101.
Bug 修复
- Fix regression when authenticating to v2 Docker registries (#2008).
- Don’t link to libacl, but dlopen it (#1963). This means that rkt will not crash if libacl is not present on the host, but it will just print a warning.
- Only suppress diagnostic messages, not error messages in stage1 (#2111).
其他变化
- Trusted Platform Module logging (TPM) is now enabled by default (#1815). This ensures that rkt benefits from security features by default. See rkt’s Build Configuration documentation.
- Added long descriptions to all rkt commands (#2098).
移植
- The
--stage1-image
flag was removed. Scripts using it should be updated to use one of--stage1-url
,--stage1-path
,--stage1-name
,--stage1-hash
or--stage1-from-dir
- All uses of the deprecated
--insecure-skip-verify
flag should be replaced with the--insecure-options
flag which allows user to selectively disable security features. - The
rkt install
command was removed in favor of thedist/scripts/setup-data-dir.sh
script.
Note for packagers
With this release, rkt
RPM/dpkg packages should have the following updates:
- Pass
--enable-tpm=no
to configure script, ifrkt
should not use TPM. - Use the
--with-default-stage1-images-directory
configure flag, if the default is not acceptable and install the built stage1 images there. - Distributions using systemd: install the new file
dist/init/systemd/tmpfiles.d/rkt.conf
in/usr/lib/tmpfiles.d/rkt.conf
and then runsystemd-tmpfiles --create rkt.conf
. This can replace runningrkt install
to set the correct ownership and permissions.