criruntimesdeepdivewhosrunningmykubernetespod

2020-02-27 57浏览

  • 1.@estesp CRIRuntimes:Who is running my pod?
  • 2.@estesp Hello! I’m Phil Estes Distinguished Engineer & CTO, Linux OS & Container Architecture IBM Watson & Cloud Platform Docker Captain, containerd maintainer @estesp
  • 3.@estesp Docker Containers $ docker run redis $ docker ps $ docker stop redis $ docker build -t myapp .
  • 4.@estesp You are using Kubernetes aren’t you? ? (See the CNCF CCoC CoC)
  • 5.@estesp Kubernetes is an orchestrator
  • 6.@estesp Kubernetes doesn’t run your containershttps://github.com/kubernetes/kubernetes/tree/release-1.4/pkg/kubelet/dockershimkubelet dockershim dockerd containerd runc
  • 7.@estesp
  • 8.@estesp Kubernetes ▧ K8s API ▧ Storage ▧ Networking (CNI) ▧ Healthchecks ▧ Placement ▧ Custom resources CRI Container Runtime ▧ Pod container lifecycle ○ Start/stop/delete ▧ Image management ○ Push/pull/status ▧ Status ▧ Container interactions ○ attach, exec, ports, log
  • 9.@estesp What Runtimes Exist? kubelet kubelet kubelet kubelet dockershim cri-containerd cri-o frakti dockerd containerd runc runV dockerd kubelet --container-runtime {string} --container-runtime-endpoint {string}
  • 10.@estesp But... why should I care?
  • 11.@estesp The benefits of runtime pluggability are mostly focused on operational concerns.
  • 12.@estesp runtimes
  • 13.@estesp What do I need? ▧ Performance ▧ Stability ▧ (Optional) Hypervisor Isolation ▧ Security Capabilities ▧ Broad Usage ▧ Multi-architecture Support
  • 14.@estespContainerd:A Core Runtime containerd runc
  • 15.@estesp Containerd Benefits ● Designed with broad usage as a core containerruntime:○ Docker, LinuxKit, Kubernetes and embedded core runtime use cases (OpenWhisk, Cloud Foundry) ● Stress testing for stability and performance guarantees 24/7 ● Usable Go library (or gRPC) for ease of embedding ● Compatibility guarantees; bug fix backports for stable support
  • 16.@estesp Containerd + CRIhttps://kubernetes.io/blog/2018/05/24/kubernetes-containerd-integration-goes-ga/
  • 17.@estesp Containerd in the Cloud(s) ▧ Kelsey Hightower’s “Kubernetes the Hard Way” deploys containerd as the kubelet runtime ▧ GKEalpha:containerd-based K8s clusters ▧ IBMCloud:containerd-based clusters in staging ▧Azure:OSS acs-engine includes containerd; AKS moving to containerd (but CRI-O for OpenShift) ▧Amazon:still reviewing runtime options for EKS ▧CloudFoundry:moving to containerd from runc
  • 18.@estesp Kubernetes 1.11 + contained 1.1.0
  • 19.@estesp Demo time
  • 20.@estesp Going Further ▧ crictl User’sGuide:https://github.com/containerd/cri/blob/master/docs/crictl.md▧ Stephen Day’s KubeCon 2018 containerdtalk:https://www.youtube.com/watch?v=3AynH3c0F8M▧ Containerdproject:https://github.com/containerd/containerd
  • 21.@estesp Thanks! Any questions? You can find meat:@estesp estesp@gmail.com
  • 22.@estesp Credits Special thanks to all the people who made and released these awesome resources forfree:▧ Presentation template by SlidesCarnival ▧ Photographs by Unsplash ▧ Backgrounds by Pixeden