What containerd means for Rancher and RancherOS
containerd is an industry-standard core container runtime that
by Docker Inc. in December 2015 and contributed to
CNCF in March
2017. We’ve received a number of questions about the project, so I
thought I would provide you my perspective as well as some preliminary
thoughts on how how Rancher Labs will leverage it.
Docker, Kubernetes, and containerd
The containerd project represents an important step in the evolution of
the Docker platform. In the beginning, the Docker engine was quite
simple. It merely consisted of the minimum support required to run
Docker images on a single host. Over the last few years, however, the
Docker Engine has evolved significantly. The Docker engine now includes
sophisticated support for cluster management, multi-host networking, and
scheduling. Today, Docker is actually closer to a platform like
Kubernetes, even though Kubernetes was created to manage Docker.
containerd is a simple container runtime built for the sole purpose of
running Docker images on a single host. It is designed to be embedded in
larger systems like Docker and Kubernetes, which add higher-level
capabilities such as scheduling and orchestration.
Rancher and containerd
- Enables users to create multiple Docker Swarm and Kubernetes
clusters (called “environments”)
- Ensures users can create environments on any infrastructure,
including public cloud, private cloud, or data centers
- Includes a certified Kubernetes
distribution, and automatically
manages the install, upgrade, and on-going operation of Kubernetes
- Implements a powerful set of management capabilities such as user
authentication, RBAC, and security credentials and certificates
- Integrates with a wide variety of CI/CD, monitoring, and log
- Enables users to easily deploy and upgrade pre-packaged applications
from a catalog
As the following figure shows, the Rancher platform’s role will not
change when Docker and Kubernetes integrate with containerd. Rancher
will continue to manage Docker and Kubernetes as it does today.
RancherOS and containerd
RancherOS is a small footprint Linux distribution built for the sole
purpose of running Docker containers. It contains two Docker daemons:
system Docker and user Docker. System Docker plays the role of the init
systemd) and runs system services such as udev and DHCP.
User Docker runs application containers. In the future, containerd will
take over as system Docker. containerd provides sufficient capabilities
to function as an init program. A smaller system Docker will result in
an even slimmer RancherOS distro and a more robust system.
Work is underway to build containerd 1.0 and the Kubernetes CRI
(Container Runtime Interface) plug-in for containerd. Rancher and
RancherOS will take advantage of containerd as it becomes ready for
production. Stay tuned for product announcements.