Documentation/vagrant: use rkt binary for getting started

Currently to get started with rkt we recommend using "vagrant up". This tries to build rkt inside a virtual machine. This cleans up the install-vagrant.sh script to use a released version of rkt instead. It also removes scripts not being used any more. Fixes #2789
rkt · Jun 21, 2016 · f0bed3d · f0bed3d
1 parent af7ffb3
commit f0bed3d
Show file tree

Hide file tree

Showing 9 changed files with 152 additions and 191 deletions.
diff --git a/Documentation/distributions.md b/Documentation/distributions.md
@@ -7,6 +7,36 @@ The [CoreOS releases page](https://coreos.com/releases/) lists the version of rk
 
 If the version of rkt included in CoreOS is too old, it's fairly trivial to fetch the desired version [via a systemd unit](install-rkt-in-coreos.md)
 
+## Debian
+
+rkt currently is packaged in Debian sid (unstable) available at https://packages.debian.org/sid/utils/rkt:
+
+```
+sudo apt-get install rkt
+```
+
+Note that due to an outstanding bug (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823322) one has to use the "coreos" stage1 image:
+
+```
+sudo rkt run --insecure-options=image --stage1-name=coreos.com/rkt/stage1-coreos:1.5.1 docker://nginx
+```
+
+If you prefer to install the newest version of rkt follow the instructions in the Ubuntu section below.
+
+## Ubuntu
+
+rkt is not packaged currently in Ubuntu. If you want the newest version of rkt the easiest method to install it is using the `install-rkt.sh` script:
+
+```
+sudo ./scripts/install-rkt.sh
+```
+
+The above script will install the "gnupg2", and "checkinstall" packages, download rkt, verify it, and finally invoke "checkinstall" to create a deb pakage and install rkt. To uninstall rkt, execute:
+
+```
+sudo apt-get remove rkt
+```
+
 ## Fedora
 
 rkt is packaged in the development version of Fedora, [Rawhide](https://fedoraproject.org/wiki/Releases/Rawhide):

diff --git a/Documentation/getting-started-ubuntu.md b/Documentation/getting-started-ubuntu.md
diff --git a/Documentation/trying-out-rkt.md b/Documentation/trying-out-rkt.md
@@ -5,7 +5,7 @@ For a more in-depth guide of a full end-to-end workflow of building an applicati
 
 ## Using rkt on Linux
 
-rkt consists of a single CLI tool, and is currently supported on amd64 Linux. A modern kernel is required but there should be no other system dependencies. We recommend booting up a fresh virtual machine to test out rkt.
+rkt consists of a single CLI tool and can run on different platforms. The primary target platform currently is amd64 Linux. A modern kernel is required but there should be no other system dependencies.
 
 To download the rkt binary, simply grab the latest release directly from GitHub:
 
@@ -16,6 +16,10 @@ cd rkt-v1.8.0
 ./rkt help
 ```
 
+Like most applications, the easiest way to run rkt is to install it with your system's package manager, like apt on Debian or dnf on Fedora. If your distribution doesn't include a rkt package, or your operating system isn't Linux at all, running rkt in a Vagrant virtual machine can be nearly as simple. The instructions below start a virtual machine with rkt installed and ready to run.
+
+Refer to the [distributions guide](distributions.md) whether a package is available for your Linux distribution.
+
 **SELinux Note**: rkt can use SELinux but the policy needs to be tailored to your distribution. We suggest that new users [disable SELinux](https://www.centos.org/docs/5/html/5.1/Deployment_Guide/sec-sel-enable-disable.html) to get started. If you can help package rkt for your distro [please help](https://github.com/coreos/rkt/issues?utf8=%E2%9C%93&q=is%3Aopen+is%3Aissue+label%3Aarea%2Fdistribution++label%3Adependency%2Fexternal)!
 
 ### Optional: Set up Privilege Separation
@@ -65,7 +69,7 @@ If you want to run Vagrant on a Linux host machine, you may want to use libvirt
 ```
 vagrant plugin install vagrant-libvirt
 vagrant plugin install vagrant-mutate
-vagrant mutate ubuntu/vivid64 libvirt
+vagrant mutate ubuntu/xenial64 libvirt
 vagrant up --provider=libvirt
 ```
 
@@ -76,6 +80,55 @@ vagrant ssh
 rkt --help
 ```
 
+Additional help can be consulted in the rkt man pages:
+
+```
+man rkt
+```
+
+The Vagrant setup also includes bash-completion to assist with rkt subcommands and options.
+
+To reach pods from your host determine the IP address of the Vagrant machine:
+
+```
+vagrant ssh -c 'ip address'
+...
+3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
+    link/ether 08:00:27:04:e4:5d brd ff:ff:ff:ff:ff:ff
+    inet 172.28.128.3/24 brd 172.28.128.255 scope global enp0s8
+       valid_lft forever preferred_lft forever
+...
+
+```
+
+In the given example the Vagrant machine has the IP address `172.28.128.3`. The following command starts a nginx container using host networking and will be reachable from the host:
+
+```
+sudo rkt run --net=host --insecure-options=image docker://nginx
+```
+
+The nginx container is now accessible on the host under http://172.28.128.3. In order to use containers with the default contained network, a route to the 172.16.28.0/24 network has to be configured on the host:
+
+On Linux execute:
+```
+sudo ip route add 172.16.28.0/24 via 172.28.128.3
+```
+
+On OSX execute:
+```
+sudo route -n add 172.16.28.0/24 172.28.128.3
+```
+
+Now nginx can be started using the default network:
+```
+$ sudo rkt run --insecure-options=image docker://nginx
+$ rkt list
+UUID		APP	IMAGE NAME					STATE	CREATED		STARTED		NETWORKS
+0c3ab969	nginx	registry-1.docker.io/library/nginx:latest	running	2 minutes ago	2 minutes ago	default:ip4=172.16.28.2
+```
+
+The nginx container is now accessible on the host under http://172.16.28.2.
+
 Success! The rest of the guide can now be followed normally.
 
 ## rkt basics

diff --git a/Vagrantfile b/Vagrantfile
@@ -1,19 +1,19 @@
 Vagrant.configure('2') do |config|
-    # grab Ubuntu 15.10 official image
-    config.vm.box = "ubuntu/wily64" # Ubuntu 15.10
+    config.vm.box = "ubuntu/xenial64" # Ubuntu 16.04
 
     # fix issues with slow dns http://serverfault.com/a/595010
     config.vm.provider :virtualbox do |vb, override|
         vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
         vb.customize ["modifyvm", :id, "--natdnsproxy1", "on"]
-        # add more ram, the default isn't enough for the build
         vb.customize ["modifyvm", :id, "--memory", "1024"]
     end
 
     config.vm.provider :libvirt do |libvirt, override|
         libvirt.memory = 1024
     end
 
-    config.vm.synced_folder ".", "/vagrant", type: "rsync"
-    config.vm.provision :shell, :privileged => true, :path => "scripts/install-vagrant.sh"
+    config.vm.network "private_network", type: "dhcp"
+    config.vm.provision :shell, :privileged => true, :path => "scripts/install-rkt.sh"
+    config.vm.provision :shell, :inline => "usermod -a -G rkt-admin ubuntu"
+    config.vm.provision :shell, :inline => "usermod -a -G rkt ubuntu"
 end
diff --git a/scripts/install-acbuild.sh b/scripts/install-acbuild.sh
diff --git a/scripts/install-common.sh b/scripts/install-common.sh
diff --git a/scripts/install-go.sh b/scripts/install-go.sh
diff --git a/scripts/install-rkt.sh b/scripts/install-rkt.sh
@@ -1,6 +1,65 @@
 #!/bin/bash
-
 set -e
+set -x
+
+cd $(mktemp -d)
+
+version="1.8.0"
+
+export DEBIAN_FRONTEND=noninteractive
+
+apt-get update
+apt-get install -y --no-install-recommends \
+        ca-certificates \
+        gnupg2 \
+        bash-completion \
+        checkinstall
+
+curl -sSL https://coreos.com/dist/pubkeys/app-signing-pubkey.gpg | gpg2 --import -
+key=$(gpg2 --with-colons --keyid-format LONG -k security@coreos.com | egrep ^pub | cut -d ':' -f5)
+
+wget --progress=bar:force https://github.com/coreos/rkt/releases/download/v"${version}"/rkt-v"${version}".tar.gz
+wget --progress=bar:force https://github.com/coreos/rkt/releases/download/v"${version}"/rkt-v"${version}".tar.gz.asc
+gpg2 --trusted-key "${key}" --verify-files *.asc
+
+tar xvzf rkt-v"${version}".tar.gz
+
+cat <<EOF >install-pak
+#!/bin/bash
+
+for flavor in fly coreos kvm; do
+    install -Dm644 rkt-v${version}/stage1-\${flavor}.aci /usr/lib/rkt/stage1-images/stage1-\${flavor}.aci
+done
+
+install -Dm755 rkt-v${version}/rkt /usr/bin/rkt
+
+for f in rkt-v${version}/manpages/*; do
+    install -Dm644 "\${f}" "/usr/share/man/man1/\$(basename \$f)"
+done
+
+install -Dm644 rkt-v${version}/bash_completion/rkt.bash /usr/share/bash-completion/completions/rkt
+install -Dm644 rkt-v${version}/init/systemd/tmpfiles.d/rkt.conf /usr/lib/tmpfiles.d/rkt.conf
+
+for unit in rkt-gc.{timer,service} rkt-metadata.{socket,service}; do
+    install -Dm644 rkt-v${version}/init/systemd/\$unit /usr/lib/systemd/system/\$unit
+done
+EOF
+chmod +x install-pak
+
+cat <<EOF >preinstall-pak
+#!/bin/sh
+
+groupadd --force --system rkt-admin
+groupadd --force --system rkt
+EOF
+chmod +x preinstall-pak
+
+cp rkt-v"${version}"/scripts/setup-data-dir.sh postinstall-pak
+chmod +x postinstall-pak
+
+cat <<EOF >>postinstall-pak
+systemctl daemon-reload
+systemd-tmpfiles --create /usr/lib/tmpfiles.d/rkt.conf
+EOF
 
-BUILDDIR=${BUILDDIR:-$PWD/build-rkt*}
-sudo cp -v $BUILDDIR/bin/* /usr/local/bin
+checkinstall -y --pkgname=rkt --pkgversion="${version}" ./install-pak