Why Is Docker So Fast? How Kubernetes Dropped It & Adopted CRI-O/Podman

Deepak Parihari
5 min read · Apr 2, 2021

When it comes to creating and managing containers and images, Docker is often the first choice. In this article you will learn how Docker creates containers so fast, in just 1 second; what CRI-O and Podman are and how they differ; and why Kubernetes dropped Docker and adopted the CRI-O/Podman container engine.

What is Docker?

Docker is currently the most popular container platform. Docker is a container management tool, not the engine: it manages image creation and downloads images for us.

Docker has a server program called containerd, which is what is actually called the container engine. When you launch a container, you are acting as a client, and a client needs a server, so Docker provides containerd.

Behind the scenes, containerd does not launch the container itself; its only task is to start or stop the container. containerd contacts runc (runtime container) with the runtime specification, which contains the config file in JSON, to launch the container.

We need to specify the command to be used (e.g. bash), the image, and which folder to create. The image is like a hard disk, or the information of the OS, and it comes as a tar archive that needs to be untarred; this is not the duty of runc. Here the role of Docker comes into play: Docker has the capability to download the image, untar it, and unbundle it.

So remember, Docker is not the one that launches the container. Behind the scenes, Docker contacts the runc program to run the container, and Docker manages the container by providing the image. Other runtime tools that launch containers are also available, such as gVisor, Kata, etc.
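As an added illustration (not code from the original article, Docker, or runc), the Python sketch below audits the JSON config file that runc is handed and flags settings that weaken isolation. The sample config is constructed, the field names follow the OCI runtime spec, and `audit_oci_config` with its list of checks is an assumption made for this example.

```python
import json

# Constructed sample of the config.json that runc reads from a bundle directory.
# Field names follow the OCI runtime spec; the values are made up for this example.
SAMPLE_CONFIG = json.loads("""
{
  "ociVersion": "1.0.2",
  "process": {
    "args": ["bash"],
    "cwd": "/",
    "user": {"uid": 0, "gid": 0},
    "noNewPrivileges": false,
    "capabilities": {"bounding": ["CAP_CHOWN", "CAP_SYS_ADMIN"]}
  },
  "root": {"path": "rootfs", "readonly": false},
  "linux": {"namespaces": [{"type": "pid"}, {"type": "mount"}, {"type": "ipc"}]}
}
""")

# Assumed policy for this example, not a list taken from any standard.
EXPECTED_NAMESPACES = {"pid", "mount", "ipc", "uts", "network"}
RISKY_CAPS = {"CAP_SYS_ADMIN", "CAP_SYS_MODULE", "CAP_SYS_PTRACE"}

def audit_oci_config(cfg):
    """Return a sorted list of hardening findings for an OCI runtime config dict."""
    findings = []
    proc = cfg.get("process", {})
    root = cfg.get("root", {})
    ns = {n.get("type") for n in cfg.get("linux", {}).get("namespaces", [])}

    # UID 0 inside the container is host root unless a user namespace remaps it.
    if proc.get("user", {}).get("uid", 0) == 0 and "user" not in ns:
        findings.append("runs as uid 0 without a user namespace")
    if not proc.get("noNewPrivileges", False):
        findings.append("noNewPrivileges is not set")
    if not root.get("readonly", False):
        findings.append("root filesystem is writable")
    for cap in sorted(RISKY_CAPS & set(proc.get("capabilities", {}).get("bounding", []))):
        findings.append(f"bounding set keeps {cap}")
    # A namespace type missing from the list is inherited from the process that started runc.
    for missing in sorted(EXPECTED_NAMESPACES - ns):
        findings.append(f"shares the host {missing} namespace")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_oci_config(SAMPLE_CONFIG):
        print("-", finding)
```
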

Why is Docker so fast?

Docker is so fast that it launches a container in just seconds. Behind the scenes, Docker is also a process, and inside it multiple processes run.

docker run -it --name <container-name> centos

(This command is a process, and inside this process we have a different process.)

A process is an instance of an executing program, and Docker is just a program that runs the container. A container is also a process, and processes are very fast; that is why Docker is so fast and can launch multiple containers within seconds.

What is Kubernetes?

Kubernetes is a container management and orchestration tool that manages container deployment, scaling, security, services, and workloads. In other words, you can cluster together groups of hosts running Linux containers, and k8s helps you manage the cluster easily and efficiently.

Why Kubernetes Deprecated Docker & Adopted CRI-O?

Docker needs to manage networking, security, storage, etc., so there is a heavy load on Docker. To reduce the load and increase performance, we use Kubernetes to manage Docker services.

Kubernetes and the kubelet don't know how to launch a container. So the kubelet contacts the container engine, Docker, and Docker has containerd, which contacts runc to launch the container.

The kubelet and Docker are both good tools, but the main problem is that Docker keeps updating its software more and more, so it is hard for the kubelet to manage and keep up with the containerd server.

Docker has an API program called Dockershim in between the kubelet and containerd to manage the load, but it is not working out. So Kubernetes has finally decided to deprecate Docker and use CRI-O as the container runtime engine.

Types of container engines:

  1. Docker
  2. CRI-O
  3. Kata
  4. Rocket

If we wanted to change the container engine, the kubelet's code would have to change a lot, which is hard to manage. So the k8s community created an interface for container runtimes known as CRI (Container Runtime Interface).

When creating runc, you need to follow some standards, so that anyone who wants to switch from your product to CRI-O, Docker, etc. can do so easily. The community that creates the standard for runc is the OCI (Open Container Initiative).

CRI-O

It is a lightweight container runtime engine. It doesn't manage storage and security; those are managed by the kubelet. CRI-O is only responsible for launching the container through runc.

Specifically, it implements the Container Runtime Interface (CRI) using OCI-conformant runtimes. CRI-O uses runc as its default runtime to run Kubernetes pods.

Podman

Podman is a daemonless, serverless container engine for developing, managing, and running OCI containers on your Linux system. Containers can be run either as root or in rootless mode. It has no client or server program; we just tell Podman to launch the container and it does. Simply put, docker = podman.

It has almost the same commands as Docker, like docker ps, run, start, stop, etc. You can use any of them.
