Abstract
In Barcelona, we raced through seven different container runtime setups from Docker to cri-o to containerd–including interesting projects like AWS’s Firecracker, Kata containers and gVisor. For each we demonstrated how to allow Kubernetes to use each one of them using either RuntimeClass or standard kubelet CRI configuration parameters and then gave a quick highlight of their feature set, maturity, and usage in the ecosystem.
While we successfully demo’d each runtime, we didn’t have time to assess each of them with regards to the “why?” question: why would an operator or user choose one of these runtimes? In this “Part 2” talk we will take the time to walk back through each runtime, cover updates to the project since May, look at performance and security characteristics, and answer the why question for each one!
Phil Estes
Principal Software Engineer
I work on container runtime technology in upstream open source communities on behalf of AWS.