containerd/ADOPTERS.md

5.5 KiB

containerd Adopters

A non-exhaustive list of containerd adopters is provided below.

Docker/Moby engine - Containerd began life prior to its CNCF adoption as a lower-layer runtime manager for runc processes below the Docker engine. Continuing today, containerd has extremely broad production usage as a component of the Docker engine stack. Note that this includes any use of the open source Moby engine project; including the Balena project listed below.

IBM Cloud Kubernetes Service (IKS) - offers containerd as the CRI runtime for v1.11 and higher versions.

IBM Cloud Private (ICP) - IBM's on-premises cloud offering has containerd as a "tech preview" CRI runtime for the Kubernetes offered within this product for the past two releases, and plans to fully migrate to containerd in a future release.

Google Cloud Kubernetes Engine (GKE) - offers containerd as the CRI runtime in beta for recent versions of Kubernetes.

AWS Fargate - uses containerd + Firecracker (noted below) as the runtime and isolation technology for containers run in the Fargate platform. Fargate is a serverless, container-native compute offering from Amazon Web Services.

Cloud Foundry - The Guardian container manager for CF has been using OCI runC directly with additional code from CF managing the container image and filesystem interactions, but have recently migrated to use containerd as a replacement for the extra code they had written around runC.

Alibaba's PouchContainer - The Alibaba PouchContainer project uses containerd as its runtime for a cloud native offering that has unique isolation and image distribution capabilities.

Rancher's k3s project - Rancher Labs k3s is a lightweight Kubernetes distribution; in their words: "Easy to install, half the memory, all in a binary less than 40mb." k8s uses containerd as the embedded runtime for this popular lightweight Kubernetes variant.

Rancher's Rio project - Rancher Labs Rio project uses containerd as the runtime for a combined Kubernetes, Istio, and container "Cloud Native Container Distribution" platform.

Eliot - The Eliot container project for IoT device container management uses containerd as the runtime.

Balena - Resin's Balena container engine, based on moby/moby but for edge, embedded, and IoT use cases, uses the containerd and runc stack in the same way that the Docker engine uses containerd.

LinuxKit - the Moby project's LinuxKit for building secure, minimal Linux OS images in a container-native model uses containerd as the core runtime for system and service containers.

BuildKit - The Moby project's BuildKit can use either runC or containerd as build execution backends for building container images. BuildKit support has also been built into the Docker engine in recent releases, making BuildKit provide the backend to the docker build command.

Azure acs-engine - Microsoft Azure's acs-engine open source project has customizable deployment of Kubernetes clusters, where containerd is a selectable container runtime. At some point in the future Azure's AKS service will default to use containerd as the CRI runtime for deployed Kubernetes clusters.

Amazon Firecracker - The AWS Firecracker VMM project has extended containerd with a new snapshotter and v2 shim to allow containerd to drive virtualized container processes via their VMM implementation. More details on their containerd integration are available in their GitHub project.

Kata Containers - The Kata containers lightweight-virtualized container runtime project integrates with containerd via a custom v2 shim implementation that drives the Kata container runtime.

D2iQ Konvoy - D2iQ Inc Konvoy product uses containerd as the container runtime for its Kubernetes distribution.

Inclavare Containers - Inclavare Containers is an innovation of container runtime with the novel approach for launching protected containers in hardware-assisted Trusted Execution Environment (TEE) technology, aka Enclave, which can prevent the untrusted entity, such as Cloud Service Provider (CSP), from accessing the sensitive and confidential assets in use.

Other Projects - While the above list provides a cross-section of well known uses of containerd, the simplicity and clear API layer for containerd has inspired many smaller projects around providing simple container management platforms. Several examples of building higher layer functionality on top of the containerd base have come from various containerd community participants:

  • Michael Crosby's boss project,
  • Evan Hazlett's stellar project,
  • Paul Knopf's immutable Linux image builder project: darch.