Docker,Rkt谁会笑到最后 FreeBSD平台基于jails/ZFS Jetpack https://github.com/3ofcoins/jetpack Nose Cone https://github.com/cdaylward/nosecone
正在制定中的AppC容器规范设计目标包括:
-
组件式工具:用于下载、部署和运行虚拟容器环境的操作工具应该相互独立、互不依赖且可被替换。
-
镜像安全性:镜像在因特网下载传输时应当使用加密协议,容器工具应当内置验证机制,以拒绝不安全来源的镜像。
-
操作去中心化:镜像分发应该支持可扩展的传输协议,未来允许引入P2P,甚至BitTorrent协议来提升镜像分发效率,且容器使用前不应需要登录特定的镜像仓库。
- 开放性标准:容器镜像的格式与元数据定义应该由社区设立统一协商制定,使得符合这一规范的不同容器产品能够共享镜像文件。
rkt (pronounced
Some of rkt's key features and goals include:
-
Security: rkt is developed with a
principle of "secure-by-default", and includes a number of
important security features like support
for
SELinux, TPM measurement, and running app containers in hardware-isolated VMs. -
Composability: rkt is designed for
first-class integration with init systems (systemd,
upstart) and cluster orchestration tools
(fleet,
Kubernetes, Nomad), and supports swappable execution engines. -
Open standards and compatibility:
rkt implements the
appc specification, supports the Container Networking Interface specification, and can also run Docker images.
For more on the background and motivation behind rkt, read the
original
Jetpack https://github.com/3ofcoins/jetpack
Jetpack is an
This document uses some language used in
Nose Cone https://github.com/cdaylward/nosecone
Overview
Nose Cone is a C++