Our great sponsors
-
QEMU
Official QEMU mirror. Please see https://www.qemu.org/contribute/ for how to submit changes to QEMU. Pull Requests are ignored. Please only use release tarballs from the QEMU website.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
nerdctl
contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
Example implementations of the container runtime interfaces in this context are dockershim (OCI wrapper for the original Docker Engine implementation, see this article), containerd (new implementation of Docker's container runtime interface (CRI)) and cri-o (implementation of the Kubernetes container runtime interface).
Lima - short for Linux virtual machines - is mainly used as an alternative for MacOS in this context and comes with QEMU (a hypervisor), containerd and nerdctl.
Implementations of the OCI images can be found in Docker, Buildah, kaniko, and Podman, for example. The OCI-compatible container images can then be executed on a CRI-compatible runtime (containerd, cri-o), which in turn calls an OCI runtime such as runc or runsc. Runc or runsc then start the actual container on the client.
Podman itself does not support Docker Compose to launch multiple containers locally. There are two alternatives for this. First, there is already a project called Podman-Compose that is supposed to fulfill the core functionalities of Docker-Compose, and second, Podman supports the pods described above. These can also be used to launch and manage multiple containers at once - even via a more Kubernetes-friendly path.
OCI stands for the Open Container Initiative and was initiated by Docker Inc. in 2015. They describe two specifications: The Runtime Specification and the Image Specification.
Besides Podman, there is another alternative worth mentioning: Lima.
Another useful alternative to Docker-Compose is, for example, the use of minikube or also k3d. These tools can be used to easily and quickly roll out local Kubernetes clusters. These can then be used for development purposes to deploy and test local Kubernetes objects such as deployments, services or pods.
Lima - short for Linux virtual machines - is mainly used as an alternative for MacOS in this context and comes with QEMU (a hypervisor), containerd and nerdctl.
Another possibility to switch from Docker containers are the so-called Unikernels. These are briefly mentioned here for the sake of completeness, even though they currently have no significance in the Kubernetes context. An interesting blog post on the topic can be found on Hackernoon. It is an interesting construct that may one day find its way into the world of Kubernetes if containers can be replaced by unikernels. Currently, the use of unikernels would not be feasible in my opinion.
This was a wrong assumption. Podman directly uses runC or crun instead of containerd using a technology named conmon. Some more useful information can be found in this article.
In addition to this, a rate limit was created in the central Docker registry - the DockerHub- so that anonymous users can only download 100 images and authenticated free users can only download 200 images in a six-hour period.
Example implementations of the container runtime interfaces in this context are dockershim (OCI wrapper for the original Docker Engine implementation, see this article), containerd (new implementation of Docker's container runtime interface (CRI)) and cri-o (implementation of the Kubernetes container runtime interface).