Everything About Docker
- Linux kernel 3.10 or higher required
% cat /etc/containerd/config.toml
# explicitly use v2 config format
version = 2
# set default runtime handler to v2, which has a per-pod shim
[plugins."io.containerd.grpc.v1.cri".containerd]
default_runtime_name = "runc"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
# Setup a runtime with the magic name ("test-handler") used for Kubernetes
# runtime class tests ...
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.test-handler]
runtime_type = "io.containerd.runc.v2"
# ensure the sandbox image matches kubeadm
# TODO: probably we should instead just use the containerd default
# Implementing the pod sandbox is a CRI implementation detail ..
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "k8s.gcr.io/pause:3.2"
% cat /etc/crictl.yaml
runtime-endpoint: unix:///var/run/containerd/containerd.sock
Containerd vs. RunC
As detailed here:
- containerd is a container runtime which can manage a complete container lifecycle – from image transfer/storage (locally and from/to registries) to container execution, supervision and networking. Containerd abides by the client-side of the OCI Distribution spec.
- containerd-shim handles headless containers, meaning once runc initializes the containers, it exits, handing the containers over to the containerd-shim, which acts as some middleman.
- runc is a lightweight universal container runtime, which abides by the OCI specification. runc is used by containerd for spawning and running containers according to OCI spec. It is also the repackaging of Docker's libcontainer.