Definition v1.0
Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil.
OCI
The Open Container Initiative Runtime Specification aims to specify the configuration, execution environment, and lifecycle of a container. https://bit.ly/oci-runtimespec
The goal of The Open Container Initiative Image Format Specification is to enable the creation of interoperable tools for building, transporting, and preparing a container image to run. https://bit.ly/oci-imagespec
(CRI) -- 2016
CRI is a plugin interface that gives kubelet (a cluster node agent used to create pods and start containers) the ability to use different OCI-compliant container runtimes, without needing to recompile Kubernetes.
Runtime Interface (CRI) ?
◦ A gRPC interface and a group of libraries
◦ Enables Kubernetes to use a wide variety of container runtimes
◦ Introduced in Kubernetes 1.5
• An implementation of the Kubernetes CRI (Container Runtime Interface) to enable using OCI (Open Container Initiative) compatible runtimes
• It allows Kubernetes to use any OCI-compliant runtime as the container runtime for running pods
• Today it supports runc and Kata Containers as the container runtimes, but in principle any OCI-conformant runtime can be plugged in.
• It is a lightweight alternative to using Docker, Moby or rkt as the runtime for Kubernetes.
Foundation
• Nonprofit, part of the Linux Foundation; founded Dec. 2015
• Platinum members: [member logos]
[Figure: logos of Graduated and Incubating projects, labelled by category (orchestration, monitoring, service mesh, storage, container runtime, and others)]
# cat /etc/systemd/system/kubelet.service | grep Wants
Wants=docker.socket crio.service

# cat /etc/kubernetes/kubelet.env | grep KUBELET_ARGS
KUBELET_ARGS="--pod-manifest-path=/etc/kubernetes/manifests --pod-infra-container-image=gcr.io/google_containers/pause-amd64:3.0 --cluster_dns=10.233.0.3 --cluster_domain=cluster.local --resolv-conf=/etc/resolv.conf --kubeconfig=/etc/kubernetes/node-kubeconfig.yaml --require-kubeconfig"

You need to add the following parameters to KUBELET_ARGS:
• --container-runtime=remote - Use a remote runtime through the provided socket.
• --container-runtime-endpoint=unix:///var/run/crio/crio.sock - Socket for the remote runtime (the default CRI-O socket location).
• --runtime-request-timeout=10m - Optional but useful. Some requests, especially pulling huge images, may take longer than the default (2 minutes) and will cause an error.

# cat /etc/cni/net.d/10-crio.conf
{
    "name": "crio",
    "type": "flannel"
}

# systemctl start crio
# systemctl start kubelet
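One way to check a node against the parameters listed above, as an added example that is not part of the original slides: a POSIX shell audit of kubelet.env. The function names check_crio_args and flag_value and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original slides): audit a kubelet env file for
# the CRI-O parameters listed above. check_crio_args and flag_value are
# hypothetical helper names.

CRIO_ENDPOINT="unix:///var/run/crio/crio.sock"  # default socket given on the slide

# Print the value of --NAME=value from an argument string; empty if absent.
# The last occurrence wins, as with repeated command-line flags.
flag_value() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n "s/^--$2=//p" | tail -n 1
}

# Print one finding per line; return 0 only if the required flags are correct.
check_crio_args() {
    rc=0
    args=$(sed -n 's/^KUBELET_ARGS="\(.*\)".*$/\1/p' "$1" | tail -n 1)
    if [ -z "$args" ]; then
        echo "FAIL: no KUBELET_ARGS line in $1"
        return 1
    fi
    runtime=$(flag_value "$args" container-runtime)
    if [ "$runtime" != "remote" ]; then
        echo "FAIL: --container-runtime is '${runtime:-unset}', expected 'remote'"
        rc=1
    fi
    endpoint=$(flag_value "$args" container-runtime-endpoint)
    if [ "$endpoint" != "$CRIO_ENDPOINT" ]; then
        echo "FAIL: --container-runtime-endpoint is '${endpoint:-unset}'"
        rc=1
    fi
    # Optional on the slide, so only warn: the 2 minute default can be too
    # short for pulling huge images.
    if [ -z "$(flag_value "$args" runtime-request-timeout)" ]; then
        echo "WARN: --runtime-request-timeout not set (default 2 minutes)"
    fi
    return "$rc"
}

# Constructed sample input: a kubelet.env that still lacks the CRI-O flags.
sample=$(mktemp)
cat > "$sample" <<'EOF'
KUBELET_ARGS="--pod-manifest-path=/etc/kubernetes/manifests --cluster_domain=cluster.local"
EOF
check_crio_args "$sample" || echo "kubelet is not configured for CRI-O"
rm -f "$sample"
```

On a real node, run the function against /etc/kubernetes/kubelet.env before starting kubelet; a wrong endpoint is reported as a failure, and a missing timeout only as a warning.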