• This repository has been archived on 09/Mar/2022
  • Stars
    star
    905
  • Rank 50,477 (Top 1.0 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created over 7 years ago
  • Updated over 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Moved to https://github.com/containerd/containerd/tree/master/pkg/cri . If you wish to submit issues/PRs, please submit to https://github.com/containerd/containerd

Moved to github.com/containerd/containerd/pkg/cri

On October 7, 2020, the contents of this repo were merged into the containerd/containerd repo. For example, the source code previously stored under containerd/cri/pkg was moved to containerd/containerd/pkg/cri package.

Pull requests are no longer accepted in the master branch of this repo.

Bug-fix PRs for release/1.3 and release/1.4 branches are still accepted in this repo. However, the master branch for containerd/cri integration work is now located in the containerd/containerd repository, and as such new commits should be merged there.

This repo will be archived after the EOL of containerd 1.4.


cri

Build Status Go Report Card

cri is a containerd plugin implementation of Kubernetes container runtime interface (CRI).

With it, you could run Kubernetes using containerd as the container runtime. cri

Current Status

cri is a native plugin of containerd 1.1 and above. It is built into containerd and enabled by default.

cri is in GA:

See test dashboard

Support Metrics

CRI-Containerd Version Containerd Version Kubernetes Version CRI Version
v1.0.0-alpha.x 1.7, 1.8 v1alpha1
v1.0.0-beta.x 1.9 v1alpha1
End-Of-Life v1.1 (End-Of-Life) 1.10+ v1alpha2
v1.2 (Extended) 1.10+ v1alpha2
v1.3 1.12+ v1alpha2
v1.4 1.19+ v1alpha2

Note: The support table above specifies the Kubernetes Version that was supported at time of release of the containerd - cri integration.

The following is the current support table for containerd CRI integration taking into account that Kubernetes only supports n-3 minor release versions.

Containerd Version Kubernetes Version CRI Version
v1.2 1.15+ v1alpha2
v1.3 1.15+ v1alpha2
v1.4 1.19+ v1alpha2

Production Quality Cluster on GCE

For a production quality cluster on GCE brought up with kube-up.sh refer here.

Installing with Ansible and Kubeadm

For a multi node cluster installer and bring up steps using ansible and kubeadm refer here.

Custom Installation

For non ansible users, you can download the cri-containerd release tarball and deploy kubernetes cluster using kubeadm as described here.

Getting Started for Developers

Binary Dependencies and Specifications

The current release of the cri plugin has the following dependencies:

See versions of these dependencies cri is tested with.

As containerd and runc move to their respective general availability releases, we will do our best to rebase/retest cri with these releases on a weekly/monthly basis. Similarly, given that cri uses the Open Container Initiative (OCI) image and runtime specifications, we will also do our best to update cri to the latest releases of these specifications as appropriate.

Install Dependencies

  1. Install development libraries:
  • libseccomp development library. Required by cri and runc seccomp support. libseccomp-dev (Ubuntu, Debian) / libseccomp-devel (Fedora, CentOS, RHEL). On releases of Ubuntu <=Trusty and Debian <=jessie a backport version of libseccomp-dev is required. See travis.yml for an example on trusty.
  • btrfs development library. Required by containerd btrfs support. btrfs-tools(Ubuntu, Debian) / btrfs-progs-devel(Fedora, CentOS, RHEL)
  1. Install pkg-config (required for linking with libseccomp).
  2. Install and setup a Go 1.15.14 development environment.
  3. Make a local clone of this repository.
  4. Install binary dependencies by running the following command from your cloned cri/ project directory:
# Note: install.deps installs the above mentioned runc, containerd, and CNI
# binary dependencies. install.deps is only provided for general use and ease of
# testing. To customize `runc` and `containerd` build tags and/or to configure
# `cni`, please follow instructions in their documents.
make install.deps

Build and Install cri

To build and install a version of containerd with the cri plugin, enter the following commands from your cri project directory:

make
sudo make install

NOTE: The version of containerd built and installed from the Makefile is only for testing purposes. The version tag carries the suffix "-TEST".

Build Tags

cri supports optional build tags for compiling support of various features. To add build tags to the make option the BUILD_TAGS variable must be set.

make BUILD_TAGS='seccomp apparmor selinux'
Build Tag Feature Dependency
seccomp syscall filtering libseccomp development library
selinux selinux process and mount labeling
apparmor apparmor profile support

Validate Your cri Setup

A Kubernetes incubator project called cri-tools includes programs for exercising CRI implementations such as the cri plugin. More importantly, cri-tools includes the program critest which is used for running CRI Validation Testing.

Run the CRI Validation test to validate your installation of containerd with cri built in:

make test-cri

Running a Kubernetes local cluster

If you already have a working development environment for supported Kubernetes version, you can try cri in a local cluster:

  1. Start the version of containerd with cri plugin that you built and installed above as root in a first terminal:
sudo containerd
  1. From the Kubernetes project directory startup a local cluster using containerd:
CONTAINER_RUNTIME=remote CONTAINER_RUNTIME_ENDPOINT='unix:///run/containerd/containerd.sock' ./hack/local-up-cluster.sh

Test

See here for information about test.

Using crictl

See here for information about using crictl to debug pods, containers, and images.

Configurations

See here for information about how to configure cri plugins and here for information about how to configure containerd

Documentation

See here for additional documentation.

Communication

For async communication and long running discussions please use issues and pull requests on this github repo. This will be the best place to discuss design and implementation.

For sync communication we have a community slack with a #containerd channel that everyone is welcome to join and chat about development.

Slack: Catch us in the #containerd and #containerd-dev channels on dockercommunity.slack.com. Click here for an invite to docker community slack.

Other Communications

As this project is tightly coupled to CRI and CRI-Tools and they are Kubernetes projects, some of our project communications take place in the Kubernetes' SIG: sig-node.

For more information about sig-node, CRI, and the CRI-Tools projects:

Reporting Security Issues

If you are reporting a security issue, please reach out discreetly at [email protected].

Licenses

The containerd codebase is released under the Apache 2.0 license. The README.md file, and files in the "docs" folder are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file "LICENSE.docs". You may obtain a duplicate copy of the same license, titled CC-BY-4.0, at http://creativecommons.org/licenses/by/4.0/.

Project details

cri is a containerd sub-project. This project was originally established in April of 2017 in the Kubernetes Incubator program. After reaching the Beta stage, In January of 2018, the project was merged into containerd. As a containerd sub-project, you will find the:

information in our containerd/project repository.

More Repositories

1

containerd

An open and reliable container runtime
Go
16,882
star
2

nerdctl

contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
Go
7,909
star
3

cgroups

cgroups package for Go
Go
1,085
star
4

runwasi

Facilitates running Wasm / WASI workloads managed by containerd
Rust
1,047
star
5

stargz-snapshotter

Fast container image distribution plugin with lazy pulling
Go
884
star
6

ttrpc

GRPC for low-memory environments
Go
548
star
7

accelerated-container-image

A production-ready remote container image format (overlaybd) and snapshotter based on block-device.
Go
405
star
8

imgcrypt

OCI Image Encryption Package
Go
332
star
9

overlaybd

Overlaybd: a block based remote image format. The storage backend of containerd/accelerated-container-image.
C++
257
star
10

ttrpc-rust

Rust implementation of ttrpc (GRPC for low-memory environments)
Rust
196
star
11

console

console package for Go
Go
178
star
12

rust-extensions

Rust crates to extend containerd
Rust
170
star
13

nydus-snapshotter

A containerd snapshotter with data deduplication and lazy loading in P2P fashion
Go
165
star
14

go-runc

runc bindings for Go
Go
163
star
15

go-cni

A generic CNI library to provide APIs for CNI plugin interactions
Go
146
star
16

continuity

A transport-agnostic, filesystem metadata manifest system
Go
142
star
17

nri

Node Resource Interface
Go
128
star
18

protobuild

Build protobufs in Go, easily
Go
122
star
19

fifo

fifo pkg for Go
Go
86
star
20

project

Cross-project utilities, scripts, etc.
Shell
72
star
21

btrfs

Btrfs bindings for Go
Go
68
star
22

zfs

ZFS snapshotter plugin for containerd
Go
64
star
23

typeurl

Go package for managing marshaled types to protobuf.Any
Go
49
star
24

containerd.io

Website repo for https://containerd.io
JavaScript
37
star
25

fuse-overlayfs-snapshotter

fuse-overlayfs plugin for rootless containerd
Go
37
star
26

release-tool

A release tool for generating detailed release notes
Go
34
star
27

aufs

AUFS Snapshotter for containerd
Go
26
star
28

ltag

Prepends project files with given template.
Go
16
star
29

project-checks

This cross-project repository holds utilities, scripts, and common files used across the containerd master project and many sub-projects within the containerd organization
Shell
5
star