The container runtime is software that is responsible for managing containers and container images on a Kubernetes node. Containerd is a CNCF (Cloud Native Cloud Foundation) graduated container runtime. It supports Kubernetes natively, and is considered more resource efficient and secure than the Docker Engine for Kubernetes. Until Kubernetes 1.20, Docker Engine was the primary container runtime. However, Dockershim, the Docker Engine integration code in Kubernetes, was deprecated in Kubernetes 1.20, and will be removed in Kubernetes 1.24. Thus, Google Distributed Cloud users should plan to use containerd for their container runtime as soon as possible.
Support for Containerd in Google Distributed Cloud admin cluster nodes
In Google Distributed Cloud 1.8, the admin cluster uses containerd on all nodes: the admin master node, admin addon nodes and user master nodes. This applies to both new admin clusters and existing admin clusters upgraded from 1.7.x.
Support for Containerd in Google Distributed Cloud user cluster nodes
Google Distributed Cloud 1.8 introduces a new ubuntu_containerd
OS image type. The ubuntu_containerd
OS image type uses the identical OS image as ubuntu
, but the node is configured to use containerd
as the container runtime instead of Docker Engine.
In version 1.8, the ubuntu_containerd
OS image type is used for a new node pool by default if osImageType
if not specified. However, if you upgrade an existing node pool from v1.7.x, the node pools will continue to use the Docker Engine after the upgrade.
If you want to continue using the Docker Engine for a new node pool, starting with version 1.8, you must explicitly specify ubuntu
as the osImageType
. As Docker Engine support will be removed in Kubernetes 1.24, you should plan to convert your node pools to use the ubuntu_containerd
OS image type.
Update osImageType used by a node pool
See Update the osImageType of a node pool.
Migration from Docker Engine to containerd
These resources provide general information about migrating from Docker Engine to containerd.
Checking the node image type
You can check which image type is used for existing nodes.
To check with kubectl:
kubectl get nodes -o wide --kubeconfig ADMIN_CLUSTER_KUBECONFIG
where:
- ADMIN_CLUSTER_KUBECONFIG is the path of the kubeconfig file for your admin cluster.
The output is similar to the following:
NAME ... OS-IMAGE ... CONTAINER-RUNTIME node-1 Ubuntu 18.04.5 LTS containerd://1.4.3 node-2 Ubuntu 18.04.5 LTS containerd://1.4.3 node-3 Ubuntu 18.04.5 LTS containerd://1.4.3
The column CONTAINER-RUNTIME
outputs the runtime and its version.
To check within the node, run:
sudo crictl version
The output is similar to the following:
Version: 0.1.0 RuntimeName: containerd RuntimeVersion: 1.4.3-0ubuntu0~18.04.1 RuntimeApiVersion: v1alpha2