/etc/rktrunner.toml - configuration file for rkt-run


rkt = string # path to rkt program

default-interactive-cmd = string # shell for interactive containers

preserve-cwd = bool # whether to change to the host working directory in the container

use-path = bool # whether to use the container path to find the entry point

Note: use-path is only useful when using stage1-fly, and is a work-around for this issue.

worker-pods = bool # run user/image applications within a single worker pod

restrict-images = bool # allow only images for which aliases have been defined

exec-slave-dir = string # host directory containing rkt-run-slave program



name = value # environment variable for container


[options.mode] # mode is one of interactive, batch, common

general = list-of-string # options passed to rkt program

run = list-of-string # options passed to run subcommand

image = list-of-string # options passed to image



string = string # substitution performed on image prefix


[volume. identifier ]

volume = string # parameters passed to --volume

mount = string # parameters passed to --mount

on-request = bool # only include this volume if requested by user


[alias. identifier ]

image = string # image name

exec = list-of-string # executables within image to expose as rkt-run aliases

passwd = list-of-string # entries to append to passwd file

group = list-of-string # entries to append to group file

host-timezone = bool # set pod timezone from host

environment-update = list-of-string # environment variable names to update in rkt enter

environment-blacklist = list-of-string # environment variable names to omit for this alias

[alias. identifier .environment]

name = value # environment variable override for this image


The following template variables may be used, in addition to any environment variable.

{{.HomeDir}} user home directory

{{.Username}} user login name

{{.Uid}} numerical user id

{{.Gid}} numerical group id


rkt = "/usr/bin/rkt"
preserve-cwd = true
exec-slave-dir = "/usr/libexec/rktrunner"
default-interactive-cmd = "sh"

# these are passed in a file, not on the command line
HOME = "/home/{{.Username}}"
http_proxy = "{{.http_proxy}}"
https_proxy = "{{.https_proxy}}"

general = ["--insecure-options=image"]
run = [
image = [
    "--seccomp", "mode=retain,@docker/default-whitelist,mbind",  # for Julia, see

"biocontainers/" = "docker://biocontainers/"

volume = "kind=host,source={{.HomeDir}}"
mount = "target=/home/{{.Username}}"

volume = "kind=host,source=/dataset"
mount = "target=/dataset"

volume = "kind=host,source=/bifo"
mount = "target=/bifo"

volume = "kind=empty,uid={{.Uid}},gid={{.Gid}}"

volume = "kind=empty,uid={{.Uid}},gid={{.Gid}}"

# Aliases - keep alphabetical
# By convention, we append an underscore to the aliases for images
# which don't have a default executable.

image = ""
exec = ["blastn","blastp","blastx","tblastn","tblastx"]

image = "docker://julia"
exec = ["julia"]

image = "docker://ruby"
exec = ["ruby", "irb"]