Skip to main content

skydns from docker to rkt

I'm trying to move my projects from docker to rkt for reasons described by the CoreOS team and my own personal feelings about docker. As a result I was able to get my skydns container to run nicely as a rkt container.


  • CoreOS - kinda optional
  • rkt
  • docker2aci - I forked this project so that [a] it could run statically in the CoreOS host and [b] so that I did not have to trust another binary
The process is pretty simple:
  • convert the docker container to a rkt container
    ./docker2aci docker://skynetservices/skydns
  • run the rkt version
    sudo rkt run --net=host  --insecure-options=image skynetservices-skydns-latest.aci --exec="/skydns"
There is some room for improvement in the RUN. For example, daemon vs interactive; and whether the DNS server is to be bridged to the host or the container subnet. Then you have to make some choices about how the containers are going to talk and how skydns is going to connect to etcd, fleet, and possibly flannel.

There was some doc that suggested that I run skydns like this:

systemd-run --slice=machine rkt run --net=host  --insecure-options=image /home/rbucker/bin/skynetservices-skydns-latest.aci --exec="/skydns"

Bus since I wanted to use fleet my service file looked like:

Description=skydns service

ExecStart=/usr/bin/rkt run --net=host  --insecure-options=image /home/rbucker/bin/skynetservices-skydns-latest.aci --exec="/skydns"



It's probably not an ideal configuration but it seems to work.  The idea it RUN the container until is stops and then RESTART is. This assumes that the stop is a FAILURE.

Pushing DNS this hard is starting to make me wonder if I should not be using kubernetes after all. A recent solo-kube video makes me believe it might be the right way to go. In the meantime this is what I have.

Popular posts from this blog

Prometheus vs Bosun

In conclusion... while Bosun(B) is still not the ideal monitoring system neither is Prometheus(P).


I am running Bosun in a Docker container hosted on CoreOS. Fleet service/unit files keep it running. However in once case I have experienced at least one severe crash as a result of a disk full condition. That it is implemented as part golang, java and python is an annoyance. The MIT license is about the only good thing.

I am trying to integrate Prometheus into my pipeline but losing steam fast. The Prometheus design seems to desire that you integrate your own cache inside your application and then allow the server to scrape the data, however, if the interval between scrapes is shorter than the longest transient session of your application then you need a gateway. A place to shuttle your data that will be a little more persistent.

(1) storing the data in my application might get me started more quickly
(2) getting the server to pull the data might be more secure
(3) using a push g…

Entry level cost for CoreOS+Tectonic

CoreOS and Tectonic start their pricing at 10 servers. Managed CoreOS starts at $1000 per month for those first 10 servers and Tectonic is $5000 for the same 10 servers. Annualized that is $85K or at least one employee depending on your market. As a single employee company I'd rather hire the employee. Specially since I only have 3 servers.

The pricing is biased toward the largest servers with the largest capacities; my dual core 32GB i5 IntelNuc can never be mistaken for a 96-CPU dual or quad core DELL

If CoreOS does not figure out a different barrier of entry they are going to follow the Borland path to obscurity.

Weave vs Flannel

While Weave and Flannel have some features in common weave includes DNS for service discovery and a wrapper process for capturing that info. In order to get some parity you'd need to add a DNS service like SkyDNS and then write your own script to weave the two together.
In Weave your fleet file might have some of this:
[Service] . . . ExecStartPre=/opt/bin/weave run --net=host --name bob ncx/bob ExecStart=/usr/bin/docker attach bob
In sky + flannel it might look like:
[Service] . . . ExecStartPre=docker run -d --net=host --name bob ncx/bob ExecStartPre=etcdctl set /skydns/local/ncx/bob '{"host":"`docker inspect --format '{{ .NetworkSettings.IPAddress }}' bob`","port":8080}' ExecStart=/usr/bin/docker attach bob
I'd like it to look like this:
[Service] . . . ExecStartPre=skyrun --net=host --name bob ncx/bob ExecStart=/usr/bin/docker attach bob
That's the intent anyway. I'm not sure the exact commands will work and that's partly why we…