Kubernetes Container Integration - CRI-Container
14 Sept, 2017
Lantao Liu <Random-Liu@github> Google Kubernetes
Abhinandan Prativadi <abhinandanpb@github> Docker
Contents
● Container Runtime Interface (CRI)
● CRI & Containerd
● CRI-Containerd
● Q & A
Container Runtime Interface
● What is the Container Runtime Interface (CRI)?
○ A gRPC interface and a group of libraries
○ Enables Kubernetes to use a wide variety of container runtimes
○ Introduced in Kubernetes 1.5
[Diagram: Kubelet (CRI gRPC client) -> CRI shim (CRI gRPC server) -> container runtime -> containers]
Container Runtime Interface
● CRI Runtimes
○ cri-containerd: https://github.com/kubernetes-incubator/cri-containerd
○ cri-o: https://github.com/kubernetes-incubator/cri-o
○ Docker (Upstream): https://github.com/kubernetes/kubernetes/tree/master/pkg/kubelet/dockershim
○ frakti: https://github.com/kubernetes/frakti
○ rktlet: https://github.com/kubernetes-incubator/rktlet
○ virtlet: https://github.com/Mirantis/virtlet
● CRI Tools https://github.com/kubernetes-incubator/cri-tools
○ critest: CRI Validation Test Suite
○ crictl: CRI Command Line Tool
CRI & Containerd
● The scope of containerd 1.0 aligns with the requirement of CRI.
| Name | CRI Requirement | Containerd 1.0 Scope |
|---|---|---|
| Container Lifecycle Management | Create/Start/Stop/Delete/List/Inspect | In |
| Image Management | Pull/List/Inspect | In |
| Networking | K8s handles pod and service network, container runtime SHOULD NOT provide extra network solution. | Out. No concrete network solution. User can setup network namespace, and put container into it. |
CRI & Containerd
● Continued
| Name | CRI Requirement | Containerd Scope |
|---|---|---|
| Volumes | K8s manages volumes. Container runtime SHOULD NOT provide extra volume support. | Out. No volume management. User can setup host path, and mount into container. |
| Persistent Container Logging | K8s has specific requirements for persistent container logging, namely format and path. Container runtime SHOULD NOT persist an unmanageable log. | Out. No persistent container logging. Container stdio is provided as FIFOs, which can be redirected/decorated as is required. |
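The logging row above, as an added example (not from the slides or from cri-containerd's code): a decorator that turns a container stdio stream into log lines and a reader that validates and reassembles them. It assumes the kubelet CRI log line format `<RFC3339Nano timestamp> <stream> <P|F> <message>`; the function names and the 16-byte buffer are constructed for the illustration.

```go
package main

import (
	"bufio"
	"bytes"
	"fmt"
	"io"
	"os"
	"strings"
	"time"
)

// Entry is one parsed line: "<RFC3339Nano time> <stream> <P|F> <message>".
type Entry struct {
	Time    time.Time
	Stream  string
	Partial bool // tag P: the line continues in the next entry of this stream
	Msg     string
}

// Decorate copies one container stdio stream (a FIFO under containerd) to w,
// one timestamped entry per line. A line longer than bufSize is written as
// P entries closed by an F entry. bufio enforces a minimum bufSize of 16.
func Decorate(w io.Writer, r io.Reader, stream string, bufSize int, now func() time.Time) error {
	br := bufio.NewReaderSize(r, bufSize)
	for {
		chunk, err := br.ReadSlice('\n')
		tag := "F"
		if err == bufio.ErrBufferFull {
			tag, err = "P", nil
		}
		if err != nil && err != io.EOF {
			return err
		}
		if len(chunk) > 0 {
			ts := now().UTC().Format(time.RFC3339Nano)
			msg := bytes.TrimSuffix(chunk, []byte("\n"))
			if _, werr := fmt.Fprintf(w, "%s %s %s %s\n", ts, stream, tag, msg); werr != nil {
				return werr
			}
		}
		if err == io.EOF {
			return nil
		}
	}
}

// Parse validates one decorated line. Only the first three spaces separate
// fields, so header-like text written by the container stays inside Msg.
func Parse(line string) (Entry, error) {
	f := strings.SplitN(line, " ", 4)
	if len(f) != 4 {
		return Entry{}, fmt.Errorf("malformed log line %q", line)
	}
	ts, err := time.Parse(time.RFC3339Nano, f[0])
	if err != nil {
		return Entry{}, fmt.Errorf("bad timestamp: %w", err)
	}
	okStream := f[1] == "stdout" || f[1] == "stderr"
	if !okStream || (f[2] != "P" && f[2] != "F") {
		return Entry{}, fmt.Errorf("bad stream or tag in %q", line)
	}
	return Entry{Time: ts, Stream: f[1], Partial: f[2] == "P", Msg: f[3]}, nil
}

// Reassemble parses a whole log and joins each run of P entries with the F
// entry that closes it, per stream, keeping the first piece's timestamp.
func Reassemble(log string) ([]Entry, error) {
	var out []Entry
	pending := map[string]Entry{}
	for _, line := range strings.Split(strings.TrimSuffix(log, "\n"), "\n") {
		if line == "" {
			continue
		}
		e, err := Parse(line)
		if err != nil {
			return nil, err
		}
		if p, ok := pending[e.Stream]; ok {
			e.Time, e.Msg = p.Time, p.Msg+e.Msg
			delete(pending, e.Stream)
		}
		if e.Partial {
			pending[e.Stream] = e
			continue
		}
		out = append(out, e)
	}
	for _, p := range pending { // log ended mid-line: keep it, still marked Partial
		out = append(out, p)
	}
	return out, nil
}

func main() {
	// Constructed stdio sample; the second line imitates a log header.
	in := "started\n2000-01-01T00:00:00Z stderr F forged\n" + strings.Repeat("x", 20) + "\n"
	if err := Decorate(os.Stdout, strings.NewReader(in), "stdout", 16, time.Now); err != nil {
		fmt.Fprintln(os.Stderr, err)
	}
}
```

Because the decorator, not the container, writes the timestamp and stream fields, the header-shaped second input line is recovered as an ordinary stdout message with the real write time.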
CRI & Containerd
● Continued
| Name | CRI Requirement | Containerd Scope |
|---|---|---|
| Metrics | K8s expects container runtime to provide container metrics (CPU, Memory, Writable Layer Size etc.) and image filesystem usage. | In. Containerd provides these metrics as part of the API. |
CRI & Containerd
● Other alignments with Kubernetes:
○ Decentralized container management - containerd-shim.
■ Live restore.
■ Charge container management overhead to corresponding pod.
○ Decoupled image and container management.
■ Support other image formats (e.g. tarball)
○ Extensible image management:
■ Client-driven Image Download
■ Snapshotter
○ Support OCI image/runtime spec.
○ CNCF project.
○ ...
CRI-Containerd
● cri-containerd: A containerd based implementation of CRI.
○ https://github.com/kubernetes-incubator/cri-containerd
○ Kubernetes incubator project.
○ Started in April 2017.
[Diagram: with dockershim, Kubelet -> CRI -> dockershim -> docker -> containerd -> containers; with cri-containerd, Kubelet -> CRI -> cri-containerd -> containerd -> containers]
CRI-Containerd Architecture
[Architecture diagram; components shown: Kubelet (gRPC client), cri-containerd (image service, runtime service, ocicni), containerd, containerd shims, sandbox container, container A, Pod A cgroups, Pod A namespaces, Pod B]
CRI-Containerd Status
● Dependencies:
○ Kubernetes: >= v1.7
○ containerd: v1.0.0-beta.0 (daily/weekly update)
○ CNI: v0.6.0 (Spec Version: 0.3.1)
● All features in CRI (K8s 1.8) supported other than 3 missing features being added soon:
○ Seccomp. Under review.
○ Metrics. Kubelet and containerd changes merged, cri-containerd support in 1-2 weeks.
○ Mount Propagation (K8s 1.8): Under review.
● 37/37 CRI validation tests passing (Per-PR test)
● 180/182 node e2e tests passing (Per-PR test)
○ Running the same set of K8s PR node e2e test.
CRI-Containerd Plan for 2017
● 1.0.0-alpha.0 by the end of September.
○ Feature Complete.
○ All Kubernetes PR node e2e tests passing.
○ Use kubeadm to bring up Kubernetes cri-containerd cluster.
○ Release tarball for distribution and installation.
● Q4: Additional testing, bug fixes and documentation.
○ Test: Setup FULL SET of node/cluster e2e test in Kubernetes test infra.
■ Suites: Slow, Serial, Reboot, Performance etc.
■ OS: Ubuntu, COS (Container-Optimized OS) etc.
○ Ease of use:
■ Documentation.
■ Polish kubeadm integration.
■ kube-up.sh integration.
○ 1.0.0-beta.0 by the end of 2017.
Demo
● Demo Focus:
○ Installation
○ Cluster lifecycle
○ Networking
○ Namespace management
○ Mount Propagation
○ Pod operations
○ Sample Demo App
Recap
● CRI is the standard way to integrate Container Runtime with
Kubernetes.
● New containerd matches CRI and Kubernetes’ requirement very well.
● CRI-Containerd 1.0.0-alpha.0 is releasing by the end of September. It
will be feature complete.
Links
● Github: https://github.com/kubernetes-incubator/cri-containerd
● Slack: https://kubernetes.slack.com/messages/sig-node
● Mailing List: https://groups.google.com/forum/#!forum/kubernetes-sig-node
● Maintainers:
○ Lantao Liu <lantaol@google.com>
○ Abhi Prativadi <abhi@docker.com>
○ Mike Brown <brownwm@us.ibm.com>
Q & A
