Welcome to the Linux Foundation Forum!

Podman vs Cri-o ?

elmoussaoui
elmoussaoui Posts: 6
in LFD259 Class Forum

Hi Everybody,

I am a little bit confused regarding the difference/relation between Podman and Cri-o.
As far as I could understand : Podman is a replacement for Docker, Cri-o is also intended to be a replacement to docker, but it's still marked "work in progress" as the course says. That makes sense so far.
But in the 3.2 lab when configuring a local repository to host images, We need to do sudo systemctl restart crio why not restart Podman instead, how Cri-o is used here in combination with Podman ?

Thank you for your help,

Answers

  • chrispokorni
    chrispokorni Posts: 2,451

    Hi @elmoussaoui,

    Podman is a daemonless, open source containerization tool used in lab exercises as a replacement for Docker. Operations to build container images, tag images, pull/push to and from registries, and run containers are performed with Podman. However, since it is daemonless (as opposed to Docker that relies on the docker daemon - dockerd), it does not need a restart.

    Cri-o is one of the container runtimes that Kubernetes can use to run and manage containers. It runs as daemon, therefore it needs a restart after configuration changes. While Docker was a preferred runtime for Kubernetes, its complex set of tools are not required by Kubernetes to run containers, one of the reasons why cri-o or conainerd are used in many recent Kubernetes cluster deployments.

    Regards,
    -Chris

  • elmoussaoui
    elmoussaoui Posts: 6

    Hi @chrispokorni ,
    Thanks for answering,

    So basically Kubernetes is using the combination CRI-O (as a container runtime) + Podman(for build, tag, pull images ..) as a replacement for Docker which was doing all of this , is that correct ? is this only an intermediate phase waiting that the dev of CRI-O finishes, or it will be always like this ?

    Regards,

  • chrispokorni
    chrispokorni Posts: 2,451

    Hi @elmoussaoui,

    Kubernetes uses cri-o as runtime for containers, while developers use Podman or Docker to build container images, run containers, pull/push images, etc...

    Kubernetes' support of the Docker runtime is expected to end with the removal of the dockershim from Kubernetes in release v1.24. As a result other runtimes such as cri-o or containerd will be used with Kubernetes to replace Docker, and the labs are reflecting that by introducing cri-o as runtime.

    Read more - Dockershim deprecation FAQ

    Regards,
    -Chris

  • elmoussaoui
    elmoussaoui Posts: 6

    @chrispokorni Thank makes sense now.
    Thanks for the clarification

Categories

Upcoming Training