docs: update the runtime configuration section #4344
Conversation
dvdksn
force-pushed
the
docs/dockerd-runtimes-refresh
branch
from
ed75b50
to
b3c8d63
Compare
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #4344 +/- ##
==========================================
- Coverage 59.29% 59.29% -0.01%
==========================================
Files 288 288
Lines 24769 24769
==========================================
- Hits 14688 14687 -1
- Misses 9197 9198 +1
Partials 884 884 |
dvdksn
force-pushed
the
docs/dockerd-runtimes-refresh
branch
2 times, most recently
from
31dce4b
to
9760f3f
Compare
dvdksn
force-pushed
the
docs/dockerd-runtimes-refresh
branch
from
9760f3f
to
02ea3ae
Compare
dvdksn
force-pushed
the
docs/dockerd-runtimes-refresh
branch
2 times, most recently
from
1289063
to
9381bc4
Compare
dvdksn
force-pushed
the
docs/dockerd-runtimes-refresh
branch
from
9381bc4
to
5d4fc39
Compare
|
Thanks @corhere and @thaJeztah, I've addressed the comments, hopefully we can merge now |
|
@thaJeztah this needs to be backported to 24.0 as well (features are 23.0 and 24.0, nothing new in 25.0) |
| configuration section in | ||
| [CRI Plugin Config Guide](https://github.com/containerd/containerd/blob/main/docs/cri/config.md#full-configuration). | ||
|
|
||
| ##### Configure runc drop-in replacements |
There was a problem hiding this comment.
Probably for a follow-up; we don't use the regular template for this page (yet), but perhaps we should already add the anchor (and maybe manually create an Options table with links);
| ##### Configure runc drop-in replacements | |
| ##### <a name="add-runtime"></a> Configure runc drop-in replacements (--add-runtime) |
| For an example configuration for a runc drop-in replacment, see | ||
| [Alternative container runtimes > youki](https://docs.docker.com/engine/alternative-runtimes/#youki) | ||
|
|
||
| ##### Configure the default container runtime |
There was a problem hiding this comment.
| ##### Configure the default container runtime | |
| ##### <a name="default-runtime"></a> Configure the default container runtime (--default-runtime) |
| By default, the Docker daemon automatically starts `containerd`. If you want to | ||
| control `containerd` startup, manually start `containerd` and pass the path to | ||
| the `containerd` socket using the `--containerd` flag. For example: |
There was a problem hiding this comment.
This is not entirely true; automatic starting is mostly still there for backward-compatibility (and debugging), but the daemon will first check if /run/containerd/containerd.sock (default location for containerd's socket) is present. If that's not the case, it assumes containerd is not managed / running as a service, and it falls back to starting its own instance.
An unfortunate side-effect of that is that if (for any reason) the containerd service is not (or not YET) running, dockerd will start its own instance, which uses it's own storage location (different from the default) and other options. This can also lead to 2 instances of containerd running on the host (if the actual containerd service is started).
Setting the --containerd socket helps with such situations (race conditions, or containerd not running where it should be), as it disables the feature that automatically starts a new instance. This is also why we added this option as a default in the systemd unit we ship for docker engine; see
(I should mention that that there's things being discussed in this area, and we may consider using different defaults, and/or to make "starting containerd" an opt-in option (instead of opt-out)).
There was a problem hiding this comment.
OK, this is quite good information. I didn't actually change this section when updating the doc; I only moved it around. So for that reason (and because this is still under discussion) I will leave it as is for now.
|
|
||
| The `native.cgroupdriver` option specifies the management of the container's | ||
| cgroups. You can only specify `cgroupfs` or `systemd`. If you specify | ||
| #### Use a manually controlled containerd daemon |
There was a problem hiding this comment.
| #### Use a manually controlled containerd daemon | |
| #### <a name="containerd"></a> Use a manually controlled containerd daemon (--containerd) |
(see my other comment) not sure if "manually controlled" is the right wording here; this option would usually be if containerd is running as its own service (which is the default nowadays).
There was a problem hiding this comment.
"Run containerd standalone"?
| By default, the Docker daemon automatically starts `containerd`. If you want to | ||
| control `containerd` startup, manually start `containerd` and pass the path to | ||
| the `containerd` socket using the `--containerd` flag. For example: | ||
| #### Configure container runtimes |
There was a problem hiding this comment.
| #### Configure container runtimes | |
| #### <a name="runtime"></a> Configure container runtimes (--runtime) |
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
dvdksn
force-pushed
the
docs/dockerd-runtimes-refresh
branch
from
5d4fc39
to
6c7d17f
Compare
relates to: docker/docs#17517
- What I did
Updated the section about runtime options, it now includes how to configure
containerd shims using the
runtimeTypeandoptionsfields.Because there are now two ways to configure runtimes, it also demanded that I
refactor the entire section.
I've tried to add justification for when to use
runtimeType, and when to usepath. It's quite difficult to accurately capture the distinction, while alsokeeping the section somewhat intelligible. I tried.
- How I did it
- How to verify it
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)
馃尛