Skip to main content

CoreOS brings open source distributed systems components to the next level

Today at CoreOS Fest 2016 in Berlin, we recognize the hard work of the community that helped get us where we are, and dive into the latest news about some of our most beloved projects and products, including etcd, rkt, Clair, and more.

Community shout outs

Before we discuss our projects, there are certain members of the community to thank. There are people at CoreOS Fest that have traveled from China, Japan, Ukraine, Spain, USA, Iran and more. Thank you for taking the time to join us today and every day to invest in our open source projects that will move security of the Internet and the state of distributed systems forward. Some people to highlight that are here with us today include:

Simone Gotti Simone was an early contributor to rkt and helped to improve parts all over the code base, most notably the image store. Most recently, he has turned his attention to further improving the design of the image store to natively support the new OCI Image format.

Hitoshi Mitake Hitoshi has lead the design and implementation of the etcd v3 authentication API, and has also made improvements to tests, documentation, and the etcd Raft library.

Julien Garcia Gonzalez Julien has contributed to Clair and built a command line tool and proxy using the Clair libraries, called hyperclair.

Simon Lallemand Simon and the team at Blablacar have been some of the most enthusiastic adopters of rkt and appc, and have provided invaluable feedback and input into their design and features.

Frode Nordahl Frode built the Dex LDAP integration, which allows LDAP identities to be extended to the web identity world of OpenID Connect (OIDC).

There are thousands of others in the community who have made contributions to our projects through code, issues, and documentation. Thank you everyone! We look forward to continuing this journey with you.

Open source developments

We are announcing some exciting news during this celebration: The first beta of etcd v3; the introduction of quayctl, enabling high-efficiency appc and Docker container image downloads over the BitTorrent protocol; and a new open source inter-service authentication tool, JWT Proxy. In addition, rkt's integration with Kubernetes continues, and rkt is on track to be a first class container engine option for Kubernetes v1.3.

etcd v3 beta: Faster and more scalable

With a redesigned storage engine and next-gen API, etcd v3 is faster and even more scalable than etcd v2. By utilizing gRPC, etcd v3 handles tens of thousands of requests per second. etcd3 provides incremental snapshots for reliable and sustainable high performance by avoiding latency spikes during background housekeeping tasks. Garbage collection performance has also improved, with off-heap storage allowing etcd v3 to store millions of keys without slowing the GC sweep. And with the new storage engine, etcd 3 is approximately 10x more memory efficient than etcd v2.

You can grab the beta release today from the etcd releases page.

BitTorrent and Quay: A match for efficiency

We are excited today to announce support for pulling appc and Docker container images using BitTorrent, with the new quayctl tool. Developers will save time on deployment of their containers, as well as benefit from increased efficiency thanks to the ability to use BitTorrent with Quay. This is a preview feature and tool, and integrates with both the rkt and Docker container engines. We look forward to having you try it out and hearing your feedback.

Download and try it out from the quayctl GitHub release page.

Open sourcing JWT Proxy, service-to-service authentication

Security is of utmost importance to us here at CoreOS and flows through everything we do. We created JWT Proxy to secure communication between Quay and Clair, our container image security scanner. JWT Proxy provides a general tool to enable secure service-to-service authentication, even across services written in different languages. JWT Proxy has been invaluable to us, and because of that we are making it available to anyone looking to add further security to their applications.

To learn more, visit JWT Proxy on GitHub.

rktnetes, rkt to become a first class citizen in Kubernetes

Derek Gonyeo from the rkt team at CoreOS is giving a status update on "rktnetes", our effort to add first class support to Kubernetes for using rkt as its container runtime. Currently rkt passes over 92% of the common end-to-end tests in Kubernetes, and we're hoping to have our first official release of these efforts by late June. For the curious, instructions on how to spin up your own rktnetes cluster are available in the Kubernetes documentation.

More to come

We are very proud of our community and engineering collaboration over the past year. We would not be where we are today without all of you. Stay tuned for more updates from CoreOS Fest by following this blog and #CoreOSFest on Twitter!