Evolution of Container Runtime Kunal Kushwaha @kunalkushwaha container

Container Runtime Component that provides core primitives to manage containers on a host ● Container execution and supervision ● Image distribution ● Network Interfaces and management ● Local storage ● Native plumbing level API

Pre-Docker era - Linux VServer 2002 - OpenVZ 2005 - FreeBSD Jails 2005 - Solaris Containers. 2005 - LXC 2008 - End users were administrators. - Focused on running process in isolated environment.

Docker - First release March 2013 - Started as Container Engine - Focused on packaging application with its dependencies. - Smart packaging of application in layered approach enabled sharing between images. - Efficiently using layered image with AUFS for creating containers. - End users were developers and QA. - Focused on - Application packaging. - Recreating and sharing of application on different machines/environment. - Saving time and space for dev/QA environment.

Rise of Docker - Ported to all major platforms. - Not only AUFS, but also devicemapper, btrfs, overlayfs, zfs etc - Image Security - Content Addressable Storage (CAS) introduced in docker v1.10 - More feature. - Image builder, security - Backward compatibility. - Technical debt? - Ecosystem. - Networking, Storage, Logging, Orchestrator solutions.

Conflict of Thoughts - Docker being daemon. - Docker image format. - Default docker workflow (dockerhub) - Docker 1.12 (SwarmMode) Noooooo Some people don’t like this!!

No content

Containerd Project ● Started in November 2015 to control runc, the OCI runtime ● Used by Docker since 1.11 in 2016 as a container runtime ● Relaunched in December 2016 with new scope ● Docker now using 0.2.x branch ● 1.0 master branch is where the new work is taking place Entirely new scope, and donated to CNCF

“containerd is designed to be embedded into a larger system, rather than being used directly by developers or end-users. containerd will serve as a core container runtime for the CNCF ecosystem.”

Containerd’s role in Ecosystem

So, Containerd is strip down Docker? - Simple design, fixes complexities from Docker - Smaller component with narrower focus - GRPC interfaces for all services - Long term interface stability - Supports OCI images & Runtimes - Supports Multitenancy (Namespaces) - Portable - Limited Scope - No Networking - No Volumes - No Build - No logging ● Containerd Services ○ Content ○ Images ○ Rootfs ○ Execution ○ Shim No!, Containerd is an evolution, not a rewrite

Containerd Architecture

Storage Architecture Docker Containerd dist ctr Config Rootfs(mounts)

Benefits of Containerd. - Simple & evolved design - Easy to contribute - Easy to maintain - Designed as per OCI specs. - Acceptance of standards for containers by community. - No Lockin. - Plugin architecture - Easy to extend. - Limited scope - Only features, which has consensus. - No bloating due unwanted features. - Multitenancy (Namespaces) - Run multiple orchestrator on same host, without interference.

Is Containerd project for me? - End user of Docker / Kubernetes - No, Probably you can continue using same. The change will happen implicitly and you may not realize it. - Cloud Providers - Yes, build your container service directly with integrating containerd. - Use docker, but don’t use its high level features. - No, If you have no issues with those high level features. - Probably Yes. If you know what you want exactly you want, and ready to develop on top of Containerd. - Running custom containers along with docker containers - Yes, using namespace feature, running custom containers is safe and easy.

Current state of Containerd. - Feature complete for 1.0, by end of month(June). - Integration testing is planned. - Kubernetes CRI for containerd. - https://github.com/kubernetes-incubator/cri-containerd - AWS integration. - https://github.com/samuelkarp/amazon-ecs-agent/tree/containerd - Benchmarking/stress test. - https://github.com/estesp/bucketbench

Get Involved - Slack - github.com/containerd/containerd - #containerd (dockercommunity.slack.com) - #japanese - join and discuss in japanese - Weekly development report : - https://github.com/containerd/containerd/tree/master/reports - Follow on Twitter - @containerd

ありがとう Thanks