Kubernetes is a container orchestrator platform, not the docker platform. It means we can switch to a different container solutions in the Kubernetes environment and the key point is the CRI, container runtime intface. We will talked about what is the CRI and how to use it in the Kubernetes world, we also introduce what is the OCI, the basic concept of the OCI, inclduing Runtime spec and Image spec.
5. Open Container Initiative
Established in June 2015 by Docker and other leaders in the container industry.
The OCI currently contains two speci
fi
cations
Runtime speci
fi
cation
Image speci
fi
cation
OCI would download an OCI image then unpack that image into an OCI Runtime
fi
lesystem bundle.
The OCI Runtime Bundle would be run by an OCI Runtime.
6. Workfl ow
Image (spec)
Con
fi
g layers
Bundle Container Process
Runtime Con
fi
g Roots
Image Spec Runtime Spec
unpack create
delete
An OCI image will be downloaded from somewhere (Docker hub) and then
it will be unpacked into an OCI Runtime
fi
lesystem bundle.
OCI Runtime Bundle will be run by an OCI Runtime, The Runtime
Speci
fi
cation de
fi
nes how to run a "
fi
lesystem bundle"
7. Image Speci
fi
cation
De
fi
nes the archive format of OCI container images
Consist of a manifest, an image index, a set of
fi
lesystem
layers and a con
fi
guration.
Enable the creation of interoperable tools for building,
transporting, and preparing a container image to run.
9. Runtime Speci
fi
cation
Speci
fi
es the con
fi
guration, execution environment, and lifecycle of a container.
Con
fi
guration
Metadata necessary to implement standard operations against the container.
Includes the process to run, environment variables.
Lifecycle
create/prestart/createRuntime/createContainer/poststart/delete/poststop
22. How Kubernetes Works(v4)
OCI/runtime-spec runc
libcontainer
containerd
dockerd
docker
Use
Use
Use
Implemente
Import
Donate
docker Inc
kubelet
CRI Plugin
CRI
Container Runtime Interface
CRI-O
Use
Common
23.
24. Demo
Install CRI-O, Containerd , Dockerd and Podman
Kubernetes with CRI-O
Operate by CLI tools
crictl (CLI for CRI shim)
ctr (CLR for contaienrd)
podman
30. Demo 4
Use the CRICTL to pull image and run a container
Change the endpoint from CRI-O to Containerd.
Use the CTR to check the status of Containerd.
31. Demo 5
Use the podman to pull image and run container.
Check the process information from `ps`