evolution of container runtime : containerD

evolution of container runtime : containerD

Brief history of container runtimes and how containerD is implemented as evolved runtime, by fixing complexities existed in docker.


Kunal Kushwaha

June 15, 2017


  1. Evolution of Container Runtime Kunal Kushwaha @kunalkushwaha container

  2. Container Runtime Component that provides core primitives to manage containers

    on a host • Container execution and supervision • Image distribution • Network Interfaces and management • Local storage • Native plumbing level API
  3. Pre-Docker era - Linux VServer 2002 - OpenVZ 2005 -

    FreeBSD Jails 2005 - Solaris Containers. 2005 - LXC 2008 - End users were administrators. - Focused on running process in isolated environment.
  4. Docker - First release March 2013 - Started as Container

    Engine - Focused on packaging application with its dependencies. - Smart packaging of application in layered approach enabled sharing between images. - Efficiently using layered image with AUFS for creating containers. - End users were developers and QA. - Focused on - Application packaging. - Recreating and sharing of application on different machines/environment. - Saving time and space for dev/QA environment.
  5. Rise of Docker - Ported to all major platforms. -

    Not only AUFS, but also devicemapper, btrfs, overlayfs, zfs etc - Image Security - Content Addressable Storage (CAS) introduced in docker v1.10 - More feature. - Image builder, security - Backward compatibility. - Technical debt? - Ecosystem. - Networking, Storage, Logging, Orchestrator solutions.
  6. Conflict of Thoughts - Docker being daemon. - Docker image

    format. - Default docker workflow (dockerhub) - Docker 1.12 (SwarmMode) Noooooo Some people don’t like this!!
  7. None
  8. Containerd Project • Started in November 2015 to control runc,

    the OCI runtime • Used by Docker since 1.11 in 2016 as a container runtime • Relaunched in December 2016 with new scope • Docker now using 0.2.x branch • 1.0 master branch is where the new work is taking place Entirely new scope, and donated to CNCF
  9. “containerd is designed to be embedded into a larger system,

    rather than being used directly by developers or end-users. containerd will serve as a core container runtime for the CNCF ecosystem.”
  10. Containerd’s role in Ecosystem

  11. So, Containerd is strip down Docker? - Simple design, fixes

    complexities from Docker - Smaller component with narrower focus - GRPC interfaces for all services - Long term interface stability - Supports OCI images & Runtimes - Supports Multitenancy (Namespaces) - Portable - Limited Scope - No Networking - No Volumes - No Build - No logging • Containerd Services ◦ Content ◦ Images ◦ Rootfs ◦ Execution ◦ Shim No!, Containerd is an evolution, not a rewrite
  12. Containerd Architecture

  13. Storage Architecture Docker Containerd dist ctr Config Rootfs(mounts)

  14. Benefits of Containerd. - Simple & evolved design - Easy

    to contribute - Easy to maintain - Designed as per OCI specs. - Acceptance of standards for containers by community. - No Lockin. - Plugin architecture - Easy to extend. - Limited scope - Only features, which has consensus. - No bloating due unwanted features. - Multitenancy (Namespaces) - Run multiple orchestrator on same host, without interference.
  15. Is Containerd project for me? - End user of Docker

    / Kubernetes - No, Probably you can continue using same. The change will happen implicitly and you may not realize it. - Cloud Providers - Yes, build your container service directly with integrating containerd. - Use docker, but don’t use its high level features. - No, If you have no issues with those high level features. - Probably Yes. If you know what you want exactly you want, and ready to develop on top of Containerd. - Running custom containers along with docker containers - Yes, using namespace feature, running custom containers is safe and easy.
  16. Current state of Containerd. - Feature complete for 1.0, by

    end of month(June). - Integration testing is planned. - Kubernetes CRI for containerd. - https://github.com/kubernetes-incubator/cri-containerd - AWS integration. - https://github.com/samuelkarp/amazon-ecs-agent/tree/containerd - Benchmarking/stress test. - https://github.com/estesp/bucketbench
  17. Get Involved - Slack - github.com/containerd/containerd - #containerd (dockercommunity.slack.com) -

    #japanese - join and discuss in japanese - Weekly development report : - https://github.com/containerd/containerd/tree/master/reports - Follow on Twitter - @containerd
  18. ありがとう Thanks