CNCF graduation: Containerd joins the likes of Kubernetes and Prometheus
It’s been almost two years since Docker donated containerd, its core container runtime, to CNCF. containerd is now the fifth project to graduate, following Kubernetes, Prometheus, Envoy, and CoreDNS.
Docker decided to donate containerd, an industry-standard runtime for building container solutions, in early 2017 in order to “unlock a whole new phase of innovation and growth across the entire container ecosystem.” The first containerd Summit was held one month later and, in December 2017, it had already reached its 1.0 milestone.
Now, containerd has reached a new milestone by becoming CNCF’s fifth project to graduate, following Kubernetes, Prometheus, Envoy, and CoreDNS. In order to move from incubation to graduation, projects must demonstrate thriving adoption, diversity, a formal governance process, and a strong commitment to community sustainability and inclusivity.
According to the blog post announcing the graduation, in order to officially graduate from incubating status, containerd also had to adopt the CNCF Code of Conduct, execute an independent security audit and define its own governance structure to grow the community. Furthermore, this industry-standard runtime for building container solutions had to earn (and maintain) a Core Infrastructure Initiative Best Practices Badge. The CII badge, which was completed on September 1, 2018, shows an ongoing commitment to code quality and security best practices.
When Docker contributed containerd to the community, our goal was to share a robust and extensible runtime that millions of users and tens of thousands of organizations have already standardized on as part of Docker Engine. It is rewarding to see increased adoption and further innovation with containerd over the past year as we expanded the scope to address the needs of modern container platforms like Docker platform and the Kubernetes ecosystem. As adoption of containerd continues to grow, we look forward to continued collaboration across the ecosystem to continue to push our industry forward.
– Michael Crosby, containerd maintainer and Docker engineer
What Docker Captains say about containerd
Two years ago, we launched an interview series with Docker Captains to hear more about their love stories with Docker, their likes and dislikes, their battle scars and more.
We also asked them what they think of Docker’s decision to donate containerd runtime to CNCF and here are their answers:
It’s a great and cool move. Containerd is basically the real engine behind Docker. The standardized container runtime benefits everyone in the community.
As I said, Docker’s technical value is not in container runtime, which is not a huge engineering effort to replicate. But for ecosystem health they need to ensure confidence and interoperability, so an open standard and a reference implementation is a must have.
As a Java developer, I’m used with such approach to have a standard to document API and reference implementation, which doesn’t prevent alternate implementations or innovation. Docker does the same with a distinct approach: it proves things can work, then extracts an open source component and makes sure it becomes part of the standardized container ecosystem driven by OCI.
Nicolas De Loof
Docker’s decision to move containerd to CNCF and make a split between Moby is an attempt to keep their feet buried in the sand. Let’s not sugarcoat it. This is a really hot space with competition brewing and lots of leapfrogging.
Docker doesn’t want to be replaced as the container runtime of choice. containerd and Project Moby are attempts to allow new container packaging tools emerge but still share the underlying base functionality. This keeps Docker relevant because everyone will see the tool they created isn’t as simple as it sounds. This gives anyone the freedom to try and realize that Docker is the route of least resistance and to continue using their tool in lieu of something else, including rkt.
I firmly believe that every decision thought leaders make based on what the community needs should be respected as they are the only horse power for future innovation.This is good for the container market as a whole. To me, it is full of excitement as we are going to see Docker containerd competing with CRI-O without affecting Docker’s business.
Ajeet Singh Raina
It’s a big move forward. My understanding — and please note the following is my own personal opinion — is that Docker Inc. has a vision to build a complete platform for building, deploying and managing software systems – a distributed cloud OS for lack of a better name. To this end, I would expect to see more Docker tooling that integrates with their own services like Docker Cloud and the Docker Store to provide useful features. This tooling will be built on top of the open source components that are part of the OCI and Moby project, but will also include components that are entirely owned by Docker and designed to interact with their own commercial offerings.
It is crucial for Docker to be the industry-wide accepted standard — to maintain the power position they currently have within the market they carved out. Companies such as Google have built on the work of Docker with their container orchestration frameworks such as Kubernetes (which CoreOS and RedHat built on to create OpenShift and Tectonic respectively). Within these frameworks (which have gained a lot of market traction, more so than Docker’s own orchestration solution), every component has very clearly defined roles and responsibilities.
If these players are no longer happy with the implementation Docker provides (due to Docker’s fast iteration, adopting roles it shouldn’t, or other concerns with Docker’s governance of the technology), more and more competing implementations (such as rkt from CoreOS) have emerged and matured as potential replacements.
Docker themselves iterated on many of the core implementations within Kubernetes to re-work their clustering offering called Swarm in last year’s introduction of Docker 1.12’s new “Swarm mode”. This creates an interesting dynamic where each improves on the weaknesses of the other offerings — driving every solution to become a complete offering. (Docker has since also separated their company’s products —Docker CE / EE— from the core technology by creating the Moby project at April’s DockerCon).
Vincent De Smet
The ecosystem moves faster than any single company. If Docker wasn’t open and willing to give back to the community, they will find that they would become a siloed center of hype that dies after a few years. By trying to get the community involved, it allows the conversation to continue and evolve with drive from many parties in the industry. Contributing the containerd runtime is just one example of Docker’s principle of developing in the open.