sourCEntral - mobile manpages

pdf

rkt - App Container runtime

NAME

rkt−run − Run image(s) in a pod in rkt

SYNOPSIS

rkt run [−−volume=name,kind=host,...] [−−mount volume=VOL,target=PATH] IMAGE [−− image−args...[−−−]]...

DESCRIPTION

IMAGE should be a string referencing an image; either a hash, local file on disk, or URL. They will be checked in that order and the first match will be used.

Volumes are made available to the container via −−volume. Mounts bind volumes into each image’s root within the container via −−mount. −−mount is position−sensitive; occurring before any images applies to all images, occurring after any images applies only to the nearest preceding image. Per−app mounts take precedence over global ones if they have the same path.

An "−−" may be used to inhibit rkt run’s parsing of subsequent arguments, which will instead be appended to the preceding image app’s exec arguments. End the image arguments with a lone "−−−" to resume argument parsing.

OPTIONS

−−caps−remove=
capability to remove (example: ’−−caps−remove=CAP_MKNOD’)

−−caps−retain=
capability to retain (example: ’−−caps−retain=CAP_SYS_ADMIN’)

−−cpu=
cpu limit for the preceding image (example: ’−−cpu=500m’)

−−cpu−shares=
cpu−shares assigns the specified CPU time share weight (example: ’−−cpu−shares=2048’)

−−dns=
name servers to write in /etc/resolv.conf. Pass ’host’ to use host’s resolv.conf. Pass ’none’ to ignore CNI DNS config

−−dns−domain=""
DNS domain to write in /etc/resolv.conf

−−dns−opt=
DNS options to write in /etc/resolv.conf

−−dns−search=
DNS search domains to write in /etc/resolv.conf

−−environment=
set the app’s environment variables (example: ’−−environment=foo=bar’)

−−exec=
override the exec command for the preceding image

−−group=
group override for the preceding image (example: ’−−group=group’)

−−hostname=""
pod’s hostname. If empty, it will be "rkt−$PODUUID"

−−hosts−entry=
Entries to add to the pod−wide /etc/hosts. Pass ’host’ to use the host’s /etc/hosts

−−inherit−env[=false]
inherit all environment variables not set by apps

−−interactive[=false]
run pod interactively. If true, only one image may be supplied.

−−mds−register[=false]
register pod with metadata service. needs network connectivity to the host (−−net=(default|default−restricted|host)

−−memory=
memory limit for the preceding image (example: ’−−memory=16Mi’, ’−−memory=50M’, ’−−memory=1G’)

−−mount=
mount point binding a volume to a path within an app

−−name=
set the name of the app (example: ’−−name=foo’). If not set, then the app name default to the image’s name

−−net[=default]
configure the pod’s networking. Optionally, pass a list of user−configured networks to load and set arguments to pass to each network, respectively. Syntax: −−net[=n[:args], ...]

−−no−overlay[=false]
disable overlay filesystem

−−no−store[=false]
fetch images ignoring the local store

−−oom−score−adj=
oom−score−adj isolator override

−−pod−manifest=""
the path to the pod manifest. If it’s non−empty, then only ’−−net’, ’−−no−overlay’ and ’−−interactive’ will have effect

−−port=
ports to expose on the host (requires contained network). Syntax: −−port=NAME:[HOSTIP:]HOSTPORT

−−private−users[=false]
run within user namespaces.

−−readonly−rootfs=
if set, the app’s rootfs will be mounted read−only

−−seccomp=
seccomp filter override (example: ’−−seccomp mode=retain,errno=EPERM,chmod,chown’)

−−set−env=
environment variable to set for all the apps in the form key=value, this will be overriden by −−environment

−−set−env−file=
path to an environment variables file

−−signature=
local signature file to use in validating the preceding image

−−stage1−from−dir=
filename of an image in stage1 images directory to use as stage1

−−stage1−hash=
hash of an image to use as stage1

−−stage1−name=
name of an image to use as stage1

−−stage1−path=
absolute or relative path to an image to use as stage1

−−stage1−url=
URL to an image to use as stage1

−−store−only[=false]
use only available images in the store (do not discover or download from remote URLs)

−−supplementary−gids=
supplementary group IDs override for the preceding image (examples: ’−−supplementary−gids=1024,2048’

−−user=
user override for the preceding image (example: ’−−user=user’)

−−user−annotation=
set the app’s annotations (example: ’−−user−annotation=foo=bar’)

−−user−label=
set the app’s labels (example: ’−−user−label=foo=bar’)

−−uuid−file−save=""
write out pod UUID to specified file

−−volume=
volumes to make available in the pod

−−working−dir=
override the working directory of the preceding image

OPTIONS INHERITED FROM PARENT COMMANDS

−−debug[=false]
print out more debug information to stderr

−−dir=/var/lib/rkt
rkt data directory

−−insecure−options=none
comma−separated list of security features to disable. Allowed values: "none", "image", "tls", "ondisk", "http", "pubkey", "capabilities", "paths", "seccomp", "all−fetch", "all−run", "all"

−−local−config=/etc/rkt
local configuration directory

−−system−config=/usr/lib/rkt
system configuration directory

−−trust−keys−from−https[=false]
automatically trust gpg keys fetched from https

−−user−config=
user configuration directory

SEE ALSO

rkt(1)

HISTORY

17−Mar−2017 Auto generated by spf13/cobra

pdf