Tuesday, April 4, 2017

Container Runtime Interface in Kubernetes 1.6

Kubernetes 1.6 was released March 26, 2017.

What’s new in Release 1.6

According to the blog post from Kubernetes, this release focuses on scale and automation. Mirantis has a very good “What’s new in Kubernetes 1.6”. In this article, it listed the following categories of major changes:
  • DaemonSet rolling updates
  • Kubernetes Federation
  • Authentication and access control improvement
  • Scheduling changes
  • Container Runtime Interface is now the default
  • Storage improvements
  • Networking Improvements
  • Other Changes
“Other changes” is the catchall category for those changes that are also important. For all the changes in release 1.6, check out the release notes on GitHub.

Kubernetes also has a blog post describing release 1.6.

Container Runtime

 Kubernetes is a container orchestration engine. For container to run on the host, it needs to have a container runtime. Back in release 1.0, Kubernetes only support the Docker container runtime – runc. In release 1.3, rkt is added. In release 1.5 the Container Runtime Interface is added to allow Kubernetes to support a wider range of container runtime to integrate with kubelet on a node. The container runtime interface in Kubernetes 1.5 release as alpha and the Docker container runtime remains to be the default. With this interface, for Kubernetes to support a new container runtime, it does not need to be integrating deep in the kubelet source code.

What is Container Runtime Interface?

 In brief, the Container Runtime Interface is an abstraction layer allowing kubelet to interface with any container runtime. Before release 1.5, without this interface, adding container runtime support will have to make coding changes to the kubelet source code.

This diagram explains how the Container Runtime Interface works:

 image source: http://blog.kubernetes.io/2016/12/container-runtime-interface-cri-in-kubernetes.html

Container Runtime Interface interacts with kubelet uses the gRPC protocol. This blog post from Kubernetes has a more detailed description on Container Runtime Interface. Like any open source project GitHub usually has good documentation on the subject.

Container Runtime Interface is turned on as the default behavior in Kubernetes 1.6 even it is still in beta status. Beside runc and rkt, currently these container runtime are in developement to work with CRI:

cri-o: OCI conformant runtimes.
rktlet: the rkt container runtime.
frakti: hypervisor-based container runtimes.
docker CRI shim.

Kubernetes Resources