k2d icon indicating copy to clipboard operation
k2d copied to clipboard
verified publisher icon portainer

ContainerD Support

Open ncresswell opened this issue 2 years ago • 5 comments

K2D is based on translating Kubernetes APIs to Docker APIs, which makes Docker a must. It should be possible, in the future, to not require docker, by embedding contained as part of the k2d image. This would lower the memory footprint and increase security by removing unneeded docker features.

ncresswell avatar Aug 21 '23 07:08 ncresswell

We are using a Docker-based implementation, so it would require either a rewrite or the addition of a specific containerd interface. It's also rare to see containerd being used directly; its purpose is to be embedded into other systems. We could look to embed it directly into k2d.

deviantony avatar Aug 21 '23 09:08 deviantony

If k2d needs to support more container runtimes that are within the range of runtimes supported by k8s, maybe the Container Runtime Interface (CRI) could be considered.

m0ssc0de avatar Aug 21 '23 11:08 m0ssc0de

Honestly, I don't think that this is good idea because if you start embedding containerd directly to k2d binary and start utilize CRI, then you are re-creating k3s but still missing orchestrator features and end up to trouble that what to do with Docker support? Remove it completely or support two different ways?

Also it would mean that you cannot implement Ingress support #16 by utilizing Traefik because it have existing provider for Docker but not for containerd. That provider btw most probably works already now with Alpha if user just define those container labels which it is looking for.

If you other hand support Docker only then it would be possible to do it like I proposed https://github.com/portainer/k2d/issues/11#issuecomment-1686761669

If you think that Docker memory footprint is too big then it is probably better idea to contribute to Moby and try reduce it. Now it is possible again when they moved to faster release cycle. Also, Docker memory footprint most probably will reduce anyway in future after they are ready with containerd migration as currently they need support both old and new way.

olljanat avatar Aug 21 '23 18:08 olljanat

right now we are parking this request... it came from community feedback off the back of the Alpha, so I captured it... but for now, we will stick with Docker as the back end API that K2D translates into.

ncresswell avatar Aug 21 '23 18:08 ncresswell

I don't see a way to subscribe to notifications on this issue so I'll comment and say my use case. If k2d is meant for edge deployments then it would probably fit really good with https://talos.dev/ which has an extremely small footprint, API management, and wireguard connectivity. Unfortunately, it only has containerd so I can't try k2d with it. Just something to consider. I believe other container/kubernetes minimal operating systems bundle containerd and runtimes.

rothgar avatar Mar 26 '24 22:03 rothgar