Home Explore Blog CI



kubernetes

2nd chunk of `content/en/blog/_posts/2017-11-00-Containerd-Container-Runtime-Options-Kubernetes.md`
f1050ab94ebcbfa88178c0c23d613ccd7600ccffbb068e7c00000001000008e2
|-|-|-|
| Container Lifecycle Management | In | Container Create/Start/Stop/Delete/List/Inspect (✔️) |
| Image Management | In | Pull/List/Inspect (✔️) |
| Networking | Out  No concrete network solution. User can setup network namespace and put containers into it. | Kubernetes networking deals with pods, rather than containers, so container runtimes should not provide complex networking solutions that  don't satisfy requirements. (✔️) |
| Volumes | Out, No volume management. User can setup host path, and mount it into container. |Kubernetes manages volumes. Container runtimes should not provide internal volume management that may conflict with Kubernetes. (✔️) |
| Persistent Container Logging | Out, No persistent container log. Container STDIO is provided as FIFOs, which can be redirected/decorated as is required. | Kubernetes has specific requirements for persistent container logs, such as format and path etc. Container runtimes should not  persist an unmanageable container log. (✔️) |
| Metrics | In  Containerd provides container and snapshot metrics as part of the API. | Kubernetes expects container runtime to provide container metrics (CPU, Memory, writable layer size, etc.) and image filesystem usage (disk, inode usage, etc.). (✔️) |
Overall, from a technical perspective, containerd is a very good alternative container runtime for Kubernetes.|





## cri-containerd

[Cri-containerd](https://github.com/kubernetes-incubator/cri-containerd) is exactly that: an implementation of CRI for containerd. It operates on the same node as the Kubelet and containerd. Layered between Kubernetes and containerd, cri-containerd handles all CRI service requests from the Kubelet and uses containerd to manage containers and container images. Cri-containerd manages these service requests in part by forming containerd service requests while adding sufficient additional function to support the CRI requirements.  

 
  

Compared with the current Docker CRI implementation ([dockershim](https://github.com/kubernetes/kubernetes/tree/master/pkg/kubelet/dockershim)), cri-containerd eliminates an extra hop in the stack, making the stack more stable and efficient.

Title: cri-containerd: Implementing CRI for Containerd
Summary
This section introduces cri-containerd, an implementation of the Container Runtime Interface (CRI) specifically designed for containerd. It operates on the same node as the Kubelet and containerd, acting as an intermediary that handles CRI service requests from the Kubelet and utilizes containerd to manage containers and container images. By implementing CRI, cri-containerd bridges the gap between Kubernetes and containerd. The provided images illustrate how cri-containerd streamlines the container runtime stack compared to the Docker CRI implementation (dockershim), eliminating an extra hop and enhancing stability and efficiency.