Playing with rkt and appc

rkt, aci, docker

Evolution is an ongoing process. In the containers spectrum it has been a regular custom to experiment with new stuff and make it better with time. Saying so one of the coolest evolving projects is the rkt project by Coreos guys. It is a substitute of the famous docker container project and uses different methodology than the docker project. So, I began exploring and found out that its a really interesting approach on building containers.

In this post I have shared some of my findings below:

About rkt

rkt is an awesome project which started way back with a minor conflict of opinions on containers between the Docker guys and CoreOS guys. It is designed for security, simplicity, and composability within modern cluster architectures. rkt implements a modern, open, standard container format, the App Container (appc), but can also execute other container images, like those created with docker. The most fundamental atomic unit in rkt is the pod, which is a group of related containers that share resources. One of the amazing things about rkt is that it is a single binary that integrates with init systems, scripts, and complex devops pipelines. Containers take their correct place in the PID heirachy and can be managed with standard utilities.

rkt-1 0-banner

About appc

appc defines several independent but composable aspects involved in running application containers, including an image format, runtime environment, and discovery mechanism for application containers. It creates images known as ACI. ACI’s full form is Application Container Image. You can think of it as a similar to docker Images.

acbuild is a simple unix utility for constructing ACI manifests and container filesystems.acbuild presents options for mapping ports, mounting filesystems, and specifying the base containers from which higher-level images are built — a dependency, in acbuild parlance.

Some of the features of ACI include:

  • Composable
  • Security
  • Decentralization
  • Open Source


Building ACI Images

Building aci images is easy to use with an awesome acbuild project. Using this project you can easily create your own aci images. Its under heavy development process and might change its workflow in the future. By building aci images you can directly use them with rkt. Much as like you can use docker images with docker.

Before starting to use the acibuild you need to follow these steps:

Instead of running multiple commands on the terminal. I have decide to use one of the simple techniques to build an aci image. In this technique we use a shell script to automate the process of building an ACI. Using the shell script we can execute multiple acbuild commands. You can consider it as a similar way like using Dockerfile to build your docker images.

Building rkt containers

Here are the steps to follow:

How it works ?

rkt works in multiple ways. Some of the most common ways include by using:

But all of these include one common thing that is to use the aci images while building up the rkt containers. So I am going to discuss one of the most commonly used methods to build up rkt containers. In this method I am going to fetch a simple docker container from the docker registry and use it to build up a rkt container.

rkt run --interactive docker://ubuntu --insecure-options=image

In the above command, we use --interactive flag for using the STDIN and STDOUT devices from your kernel. The --insecure-options=image is used because some of the docker images don’t have image signature verification. This flag skips the trouble of verifying image. Behind the scenes here’s a depiction of what happens:


Basically what rkt does is simply pull the docker image from the registry.In every case you have to specify the registry using which you are pulling down the image. As per usage there are two popular options namely, docker registry and After it fetches the image. A utility called as docker2aci is used to convert these images to aci images. Then using this image the rkt container automatically brings up the rkt container.

Garbage Collection

This is one of the features that I love the most about rkt containers. In this feature,rkt can easily clear out containers that have exited and are not in use. Truly saying I feel that this feature is of very high importance. The reason is that when you deploy a huge lot of containers in real time scenario,it becomes really hard to manage containers which have exited and which are running. This creates a true messy condition for the user.Using the rkt gc command,it can automatically reap exited pods and container images from the local store after a configurable grace period.

Switching from Docker to rkt

As a regular Docker user myself I find it hard to understand and use all the best of commands in rkt.So I have tried to summarize some of the commands that can be used while switching from docker to rkt :

Docker rkt
docker pull rkt fetch
docker ps rkt list
docker images rkt image list
docker run -i -t rkt run –interactive

Hope you enjoyed this post,please tell us your opinions in the comments section below.

The Remote Lab DevOps Offerings:

Hope you Enjoyed! Keep exploring.Keep learning.

Need DevOps help? - Get in touch with The Remote Lab LinkedIn Facebook Github Twitter