CRI runtimes - Container Runtime Interface

Brouillon

Voir :

• https://blog.stephane-robert.info/docs/conteneurs/moteurs-conteneurs/
• Notes - nerdctl

Voir Docker est mort :

• https://medium.com/@oussamakhayali/docker-est-il-mort-ce-que-la-fin-dun-r%C3%A8gne-dit-sur-l-avenir-des-conteneurs-3d7a390a0132
• https://www.docker.com/blog/docker-myths-debunked/
• https://dev.to/dev_tips/kubernetes-without-docker-why-container-runtimes-are-changing-the-game-in-2025-4328
• https://medium.com/@haroldfinch01/kubernetes-without-docker-is-the-future-are-you-ready-d81ef45cadd4
• https://www.linkedin.com/posts/alfonsofernandez_the-end-of-docker-the-reasons-behind-developers-activity-7318234850149261312-J0-Q
• https://www.nucamp.co/blog/coding-bootcamp-backend-with-python-2025-containerization-beyond-kubernetes-exploring-alternatives-in-2025
• https://cicube.io/blog/docker-alternatives/
• https://blog.stackademic.com/docker-is-dead-not-so-fast-the-truth-behind-kubernetes-dropping-docker-839b3ba245f7
• https://sanj.dev/post/docker-vs-podman-comparison

CRI runtimes - Container Runtime Interface

Voir :

• https://blog.devops.dev/who-is-the-better-container-runtime-docker-podman-containerd-or-cri-o-034c8eee879b

https://www.mirantis.com/blog/cri-dockerd-faq-blog/ dockershim and cri-dockerd

mirantis migrate nodes from dockershim

Voir l'option --cri-containerd

Docker does not implement CRI. If you're going to use Docker you need to also install cri-dockerd to translate cri API to docker API.

Plus Docker (Dockershim) support was removed since 1.24 in K8S

https://kubernetes.io/docs/setup/production-environment/container-runtimes/

Mirantis Container Runtime (MCR) is a commercially available container runtime that was formerly known as Docker Enterprise Edition.

Compraratif https://medium.com/norma-dev/benchmarking-containerd-vs-dockerd-performance-efficiency-and-scalability-64c9043924b1

CRI-O vs Docker https://www.suse.com/c/fr/podman-et-cri-o-le-nouveau-duo-de-la-conteneurisation/ Podman utilise CRI-O

Podman Podman is a daemonless, open source containerization tool used in lab exercises as a replacement for Docker.

Podman implements CRI-O, while Docker implements “CRI”.

Isolation MicroVM des containers :

• Kata Container
• Firecracker

https://blog.octo.com/securite-pods-isolation-runtimeclass

https://blog.stephane-robert.info/docs/conteneurs/moteurs-conteneurs/incus/

https://blog.devops.dev/who-is-the-better-container-runtime-docker-podman-containerd-or-cri-o-034c8eee879b

crun a container runtime written in C (by contrast, runc is written in Go.) firecracker-containerd from AWS, which implements the OCI specification as individual lightweight VMs (and it is also the same technology which powers AWS Lambda) gVisor from Google, which creates containers that have their own kernel. It implements OCI in its runtime called runsc.

https://vineetcic.medium.com/the-differences-between-docker-containerd-cri-o-and-runc-a93ae4c9fdac