Technology · Ebook
CRI-O: The Lightweight Kubernetes Runtime
by Shriira Press
CRI-O is a lightweight container runtime built for one job: running Kubernetes Pods. This free book teaches it from the ground up: the CRI and OCI standards it bridges, how it compares to containerd and Docker, its architecture and the conmon monitor that keeps containers alive across daemon restarts, OCI images and the shared containers/storage library, pod sandboxes and the container lifecycle (pause container and all), networking via CNI, configuration through its TOML files and the cgroup-driver pitfall, security and kernel isolation with sandboxed runtimes like Kata, and operating and troubleshooting CRI-O with crictl in production. Ten focused chapters with real config and clear diagrams that make this minimal, Kubernetes-native runtime something you can run and debug with confidence.
Contents
- 1Preface
- 2Chapter 1 — What CRI-O Is
- 3Chapter 2 — The CRI and OCI Standards
- 4Chapter 3 — CRI-O vs Other Runtimes
- 5Chapter 4 — Architecture
- 6Chapter 5 — Images and Storage
- 7Chapter 6 — Pods and the Container Lifecycle
- 8Chapter 7 — Networking with CNI
- 9Chapter 8 — Configuring CRI-O
- 10Chapter 9 — Security and Isolation
- 11Chapter 10 — Operating CRI-O and Putting It Together