Red Hat Releases CRI-O 1.0 for Kubernetes Container Runtime

by Sean Michael Kerner

The new container runtime means Kubernetes doesn't necessarily need to depend on Docker anymore.

Red Hat announced the official 1.0 general availability release of CRI-O on Oct. 16, providing a competitive alternative to running the Docker runtime in Kubernetes deployments. The news comes as the DockerCon EU conference gets underway in Copenhagen, Denmark from Oct. 16-19.

CRI-O makes use of the Container Runtime Interface (CRI) within Kubernetes, which makes it easier for organizations to choose a container runtime rather than just relying on Docker as a default.

Mrunal Patel, principal software engineer, Red Hat, explained that CRI-O implements the CRI interface using Open Container Initiative (OCI)-based Red Hatcomponents such as runc. He added that Kubernetes can be run with CRI-O without running docker at all.

"It's important to also note that Kubernetes does not cover the building of container images," Patel said. "If customers want to create/build container images, they would still have to use a tool like Docker for this."

To that end, Red Hat is also building a package called "buildah" to give users another option for developing container images that conform to the OCI standard.

In contrast to other container runtimes that can be called from CRI, Patel said CRI-O is dedicated to being a Kubernetes container runtime.

"It only implements what is necessary for the Kubernetes CRI and nothing more," Patel said. "The CRI-O project only merges pull requests that pass the Kubernetes end-to-end tests, which helps to provide stability and keep the project in-line with Kubernetes community advances."

Compliance with the OCI 1.0 Standard

The goal with CRI-O is to be compliant with the Open Container Initiative (OCI) 1.0 standard. Currently the OCI is made of the runtime specification and the image specification.

"Runtime-wise, CRI-O supports runc, and for now, the OCI certification process for runtimes is still in development," Daniel Walsh, consulting engineer, Red Hat, told ServerWatch. "However, any runtime that implements the runtime specification 1.0 (like runc) is supported in CRI-O."

Walsh added that in terms of the image specification, Red Hat is working on adding support in the coming releases around storing images on disk following the specification.

Among the benefits of CRI-O is a smaller footprint in terms of memory utilization. Walsh said CRI-O should be smaller than docker/rkt from a memory utilization perspective as it does less than those runtimes.

"By design, CRI-O does just what Kubernetes CRI requires and nothing more," Walsh said. "That said, our performance team is benchmarking the project and will provide further information once they complete their testing. It has certain parts such as container monitoring process written in C to be more efficient in memory usage."

OpenShift to Integrate CRI-O

OpenShift is Red Hat's commercially supported distribution of Kubernetes and will integrate CRI-O in an upcoming release.

"It's our intent to make CRI-O available as a technology preview in an upcoming release of OpenShift Container Platform, with a future goal to have it fully supported in future versions if all goes well," Patel said.

Sean Michael Kerner is a senior editor at ServerWatch and InternetNews.com. Follow him on Twitter @TechJournalist.

This article was originally published on Monday Oct 16th 2017
Mobile Site | Full Site