71 lines
4.8 KiB
ReStructuredText
71 lines
4.8 KiB
ReStructuredText
:original_name: cce_10_0462.html
|
|
|
|
.. _cce_10_0462:
|
|
|
|
Container Engine
|
|
================
|
|
|
|
Introduction to Container Engines
|
|
---------------------------------
|
|
|
|
Container engines, one of the most important components of Kubernetes, manage the lifecycle of images and containers. The kubelet interacts with a container runtime through the Container Runtime Interface (CRI).
|
|
|
|
.. _cce_10_0462__section159298451879:
|
|
|
|
Mapping between Node OSs and Container Engines
|
|
----------------------------------------------
|
|
|
|
.. table:: **Table 1** Node OSs and container engines in CCE clusters
|
|
|
|
+-------------+----------------+-------------------------------------------------+-----------------------------------------------------+-------------------+
|
|
| OS | Kernel Version | Container Engine | Container Storage Rootfs | Container Runtime |
|
|
+=============+================+=================================================+=====================================================+===================+
|
|
| CentOS 7.x | 3.x | Docker | Clusters of v1.19.16 and earlier use Device Mapper. | runC |
|
|
| | | | | |
|
|
| | | Clusters of v1.23 and later support containerd. | Clusters of v1.19.16 and later use OverlayFS. | |
|
|
+-------------+----------------+-------------------------------------------------+-----------------------------------------------------+-------------------+
|
|
| EulerOS 2.5 | 3.x | Docker | Device Mapper | runC |
|
|
+-------------+----------------+-------------------------------------------------+-----------------------------------------------------+-------------------+
|
|
| EulerOS 2.9 | 4.x | Docker | OverlayFS | runC |
|
|
| | | | | |
|
|
| | | Clusters of v1.23 and later support containerd. | | |
|
|
+-------------+----------------+-------------------------------------------------+-----------------------------------------------------+-------------------+
|
|
|
|
.. table:: **Table 2** Node OSs and container engines in CCE Turbo clusters
|
|
|
|
+-----------------------------------------+-------------+----------------+------------------+--------------------------+-------------------+
|
|
| Node Type | OS | Kernel Version | Container Engine | Container Storage Rootfs | Container Runtime |
|
|
+=========================================+=============+================+==================+==========================+===================+
|
|
| Elastic Cloud Server (VM) | CentOS 7.x | 3.x | Docker | OverlayFS | runC |
|
|
| | | | | | |
|
|
| | EulerOS 2.9 | | | | |
|
|
+-----------------------------------------+-------------+----------------+------------------+--------------------------+-------------------+
|
|
| Elastic Cloud Server (physical machine) | EulerOS 2.9 | 4.x | containerd | Device Mapper | Kata |
|
|
+-----------------------------------------+-------------+----------------+------------------+--------------------------+-------------------+
|
|
|
|
Differences in Tracing
|
|
----------------------
|
|
|
|
- Docker (Kubernetes 1.23 and earlier versions):
|
|
|
|
kubelet --> docker shim (in the kubelet process) --> docker --> containerd
|
|
|
|
- Docker (community solution for Kubernetes v1.24 or later):
|
|
|
|
kubelet --> cri-dockerd (kubelet uses CRI to connect to cri-dockerd) --> docker--> containerd
|
|
|
|
- containerd:
|
|
|
|
kubelet --> cri plugin (in the containerd process) --> containerd
|
|
|
|
Although Docker has added functions such as swarm cluster, docker build, and Docker APIs, it also introduces bugs. Compared with containerd, Docker has one more layer of calling. **Therefore, containerd is more resource-saving and secure.**
|
|
|
|
Container Engine Version Description
|
|
------------------------------------
|
|
|
|
- Docker
|
|
|
|
- EulerOS/CentOS: docker-engine 18.9.0, a Docker version customized for CCE. Security vulnerabilities will be fixed in a timely manner.
|
|
|
|
- containerd: 1.4.1
|