4.8 KiB
- original_name
cce_10_0462.html
Container Engine
Introduction to Container Engines
Container engines, one of the most important components of Kubernetes, manage the lifecycle of images and containers. The kubelet interacts with a container runtime through the Container Runtime Interface (CRI).
Mapping between Node OSs and Container Engines
| OS | Kernel Version | Container Engine | Container Storage Rootfs | Container Runtime |
|---|---|---|---|---|
| CentOS 7.x | 3.x | Docker Clusters of v1.23 and later support containerd. |
Clusters of v1.19.16 and earlier use Device Mapper. Clusters of v1.19.16 and later use OverlayFS. |
runC |
| EulerOS 2.5 | 3.x | Docker | Device Mapper | runC |
| EulerOS 2.9 | 4.x | Docker Clusters of v1.23 and later support containerd. |
OverlayFS | runC |
| Node Type | OS | Kernel Version | Container Engine | Container Storage Rootfs | Container Runtime |
|---|---|---|---|---|---|
| Elastic Cloud Server (VM) | CentOS 7.x EulerOS 2.9 |
3.x | Docker | OverlayFS | runC |
| Elastic Cloud Server (physical machine) | EulerOS 2.9 | 4.x | containerd | Device Mapper | Kata |
Differences in Tracing
Docker (Kubernetes 1.23 and earlier versions):
kubelet --> docker shim (in the kubelet process) --> docker --> containerd
Docker (community solution for Kubernetes v1.24 or later):
kubelet --> cri-dockerd (kubelet uses CRI to connect to cri-dockerd) --> docker--> containerd
containerd:
kubelet --> cri plugin (in the containerd process) --> containerd
Although Docker has added functions such as swarm cluster, docker build, and Docker APIs, it also introduces bugs. Compared with containerd, Docker has one more layer of calling. Therefore, containerd is more resource-saving and secure.
Container Engine Version Description
- Docker
- EulerOS/CentOS: docker-engine 18.9.0, a Docker version customized for CCE. Security vulnerabilities will be fixed in a timely manner.
- containerd: 1.4.1