Docker takes another step towards fully integrating containerd

Docker has added an experimental feature to the just-released Docker Desktop 4.12.0: further integrating containerd by using it to manage and store images.

Docker 4.12.0

Why "further" integration? To answer that, we need to look at the history of Docker and containerd.

The birth of containerd

containerd first appeared inside Docker Engine. Later, to make Docker Engine more lightweight, fast and robust, Docker separated containerd from the daemon (dockerd) in 2016 and completed its integration with the daemon. The independent containerd fully supports starting OCI (Open Container Initiative) resources and managing their life cycle, so it can support OCI implementations other than runc (formerly libcontainer in Docker, later donated to the LF). In 2017, Docker donated containerd to the CNCF; in February 2019, containerd graduated.

Docker with containerd

After containerd became independent, a request sent to Docker Engine is handled as follows:

  1. The Docker daemon completes the image management operations (pulling and updating images).
  2. The daemon prepares for container creation by building the OCI bundle: image information and runtime information.
  3. The daemon calls the containerd API.
  4. After receiving the request, containerd does not operate the container directly (it does not act as the container's parent process, so that containerd going down does not affect the container). Instead, it first creates a containerd-shim process.
  5. containerd-shim calls the runc CLI to run the container, and opens a Unix domain socket that exposes an API to containerd for container management.

As containerd has evolved, it has gone beyond container creation and container life cycle management: starting with version 1.1, it added support for CRI (Container Runtime Interface).

CRI

The article "Source code analysis: how kubectl port-forward works" mentions that kubelet calls the gRPC interface of the runtime service. In addition to the stream server used for the port-forward flow, there are the CRI interfaces RuntimeService and ImageService, and RuntimeServiceServer and ImageServiceServer.

RuntimeServiceServer is used to receive and process operations related to containers and their life cycles, while ImageServiceServer is used to process operations related to images. containerd provides functions such as image pulling, deletion, inspection, and storage.

Since containerd can manage images and Docker is already using it, there is no need for Docker to continue to maintain the same set of functions.

Switch to containerd's image management

After enabling containerd image management in the Docker Desktop settings, docker info shows that the storage driver has changed from the original overlay2 to containerd's stargz.

Before switching:


After switching:


Because containerd uses snapshotters to manage storage (they mount the container's root file system), it can support a variety of snapshotters, such as stargz with its lazy pulling.

In addition, thanks to containerd's native support for multi-platform image storage, or because of snapshotters, you can use docker to build multi-platform images.

# Before switching
docker buildx build -t demo --no-cache --platform linux/amd64,linux/arm64 .
[+] Building 0.0s (0/0)
error: multiple platforms feature is currently not supported for docker driver. Please switch to a different driver (eg. "docker buildx create --use")
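
A pre-flight check built on the two observations above (the storage driver reported by docker info, and the multi-platform error from the classic store), as an added example that is not part of the original article. The function names and the docker info excerpts are constructed for illustration, and only the two driver names shown on this page are recognised.

```shell
#!/bin/sh
# Constructed excerpts of `docker info` text output (not real captures).
SAMPLE_BEFORE=' Containers: 3
 Storage Driver: overlay2
 Logging Driver: json-file'
SAMPLE_AFTER=' Containers: 3
 Storage Driver: stargz
 Logging Driver: json-file'

# storage_driver TEXT: print the value of the first "Storage Driver:" line.
storage_driver() {
    printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*Storage Driver:[[:space:]]*//p' | head -n 1
}

# image_store TEXT: map the driver to the image store behind it.
# Only the two names shown on this page are recognised; anything else is
# reported as unknown instead of being guessed.
image_store() {
    case "$(storage_driver "$1")" in
        overlay2) echo classic ;;
        stargz)   echo containerd ;;
        *)        echo unknown ;;
    esac
}

# platform_count LIST: number of entries in a comma-separated --platform value.
platform_count() {
    printf '%s\n' "$1" | awk -F, '{ print NF; exit }'
}

# preflight TEXT PLATFORMS: 0 = build can go ahead, 1 = would hit the
# "multiple platforms" error quoted above, 2 = driver not recognised.
preflight() {
    [ "$(platform_count "$2")" -le 1 ] && return 0
    case "$(image_store "$1")" in
        containerd) return 0 ;;
        classic)    echo "classic image store: multi-platform build will fail" >&2
                    return 1 ;;
        *)          echo "unrecognised storage driver" >&2
                    return 2 ;;
    esac
}

# Demo on the constructed samples.
for s in "$SAMPLE_BEFORE" "$SAMPLE_AFTER"; do
    preflight "$s" "linux/amd64,linux/arm64" 2>/dev/null && rc=0 || rc=$?
    echo "$(storage_driver "$s") -> $(image_store "$s"), preflight rc=$rc"
done
```

In a build job, the first argument would be the captured output of docker info on the build host, so the job stops early when the experimental store is not the one in use.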

Summary

Using containerd for Docker image management is still experimental, so problems are unavoidable. Please be careful when using it.

As Docker Swarm lost the container orchestration war, Kubernetes's voice has become stronger and stronger. The dockershim code was removed in Kubernetes 1.24.0. It looks more and more as if containerd has taken over Docker's former position, and Docker is becoming less and less prominent. Judging from the trend, Docker will fully integrate containerd in the future.

Articles are published uniformly on the public account 云原生指北


Origin my.oschina.net/u/5110404/blog/5572885