Skip to content

klihub/containerd

Repository files navigation

cri-containerd

Build Status Go Report Card

cri-containerd is a containerd based implementation of Kubernetes container runtime interface (CRI).

With it, you could run Kubernetes using containerd as the container runtime. cri-containerd

Current Status

cri-containerd is in beta:

See test dashboard

Support Metrics

CRI-Containerd Version Kubernetes Version
v1.0.0-alpha.x 1.7, 1.8
v1.0.0-beta.x 1.9+

Production Quality Cluster on GCE

For a production quality cluster on GCE brought up with kube-up.sh refer here.

Installing with Ansible and Kubeadm

For a multi node cluster installer and bring up steps using ansible and kubeadm refer here.

Custom Installation

For non ansible users, you can download the cri-containerd release tarball and deploy kubernetes cluster using kubeadm as described here.

Getting Started for Developers

Binary Dependencies and Specifications

The current release of cri-containerd has the following dependencies:

See versions of these dependencies cri-containerd is tested with.

As containerd and runc move to their respective general availability releases, we will do our best to rebase/retest cri-containerd with these releases on a weekly/monthly basis. Similarly, given that cri-containerd uses the Open Container Initiative (OCI) image and runtime specifications, we will also do our best to update cri-containerd to the latest releases of these specifications as appropriate.

Install Dependencies

  1. Install development libraries:
  • libseccomp development library. Required by cri-containerd and runc seccomp support. libseccomp-dev (Ubuntu, Debian) / libseccomp-devel (Fedora, CentOS, RHEL). On releases of Ubuntu <=Trusty and Debian <=jessie a backport version of libsecomp-dev is required. See travis.yml for an example on trusty.
  • libapparmor development library. Required by cri-containerd and runc apparmor support. To use apparmor on Debian, Ubuntu, and related distributions the installation of libapparmor-dev is required.
  • btrfs development library. Required by containerd btrfs support. btrfs-tools(Ubuntu, Debian) / btrfs-progs-devel(Fedora, CentOS, RHEL)
  1. Install other dependencies:
  • nsenter: Required by CNI and portforward.
  • socat: Required by portforward.
  1. Install and setup a go 1.9.x development environment.
  2. Make a local clone of this repository.
  3. Install binary dependencies by running the following command from your cloned cri-containerd/ project directory:
# Note: install.deps installs the above mentioned runc, containerd, and CNI
# binary dependencies. install.deps is only provided for general use and ease of
# testing. To customize `runc` and `containerd` build tags and/or to configure
# `cni`, please follow instructions in their documents.
make install.deps

Build and Install cri-containerd

To build and install cri-containerd enter the following commands from your cri-containerd project directory:

make
sudo make install

Build Tags

cri-containerd supports optional build tags for compiling support of various features. To add build tags to the make option the BUILDTAGS variable must be set.

make BUILD_TAGS='seccomp apparmor'
Build Tag Feature Dependency
seccomp syscall filtering libseccomp development library
selinux selinux process and mount labeling
apparmor apparmor profile support libapparmor development library

Validate Your cri-containerd Setup

Another Kubernetes incubator project called cri-tools includes programs for exercising CRI implementations such as cri-containerd. More importantly, cri-tools includes the program critest which is used for running CRI Validation Testing.

Run the CRI Validation test to validate your installation of cri-containerd:

make test-cri

Running a Kubernetes local cluster

If you already have a working development environment for supported Kubernetes version, you can try cri-containerd in a local cluster:

  1. Start containerd as root in a first terminal:
sudo containerd
  1. Start cri-containerd as root in a second terminal:
sudo cri-containerd -v 2 --alsologtostderr
  1. From the Kubernetes project directory startup a local cluster using cri-containerd:
CONTAINER_RUNTIME=remote CONTAINER_RUNTIME_ENDPOINT='/var/run/cri-containerd.sock' ./hack/local-up-cluster.sh

Test

See here for information about test.

Using crictl

See here for information about using crictl to debug pods, containers, and images.

Documentation

See here for additional documentation.

Contributing

Interested in contributing? Check out the documentation.

Kubernetes Incubator

This is a Kubernetes Incubator project. The project was established 2017/4/13. The incubator team for the project is:

For more information about sig-node and the cri-containerd project:

Code of Conduct

Participation in the Kubernetes community is governed by the Kubernetes Code of Conduct.

About

An open and reliable container runtime

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 97.5%
  • Shell 1.7%
  • Other 0.8%