Explore Courses
course iconScrum AllianceCertified ScrumMaster (CSM) Certification
  • 16 Hours
Best seller
course iconScrum AllianceCertified Scrum Product Owner (CSPO) Certification
  • 16 Hours
Best seller
course iconScaled AgileLeading SAFe 6.0 Certification
  • 16 Hours
Trending
course iconScrum.orgProfessional Scrum Master (PSM) Certification
  • 16 Hours
course iconScaled AgileSAFe 6.0 Scrum Master (SSM) Certification
  • 16 Hours
course iconScaled Agile, Inc.Implementing SAFe 6.0 (SPC) Certification
  • 32 Hours
Recommended
course iconScaled Agile, Inc.SAFe 6.0 Release Train Engineer (RTE) Certification
  • 24 Hours
course iconScaled Agile, Inc.SAFe® 6.0 Product Owner/Product Manager (POPM)
  • 16 Hours
Trending
course iconKanban UniversityKMP I: Kanban System Design Course
  • 16 Hours
course iconIC AgileICP Agile Certified Coaching (ICP-ACC)
  • 24 Hours
course iconScrum.orgProfessional Scrum Product Owner I (PSPO I) Training
  • 16 Hours
course iconAgile Management Master's Program
  • 32 Hours
Trending
course iconAgile Excellence Master's Program
  • 32 Hours
Agile and ScrumScrum MasterProduct OwnerSAFe AgilistAgile CoachFull Stack Developer BootcampData Science BootcampCloud Masters BootcampReactNode JsKubernetesCertified Ethical HackingAWS Solutions Artchitct AssociateAzure Data Engineercourse iconPMIProject Management Professional (PMP) Certification
  • 36 Hours
Best seller
course iconAxelosPRINCE2 Foundation & Practitioner Certificationn
  • 32 Hours
course iconAxelosPRINCE2 Foundation Certification
  • 16 Hours
course iconAxelosPRINCE2 Practitioner Certification
  • 16 Hours
Change ManagementProject Management TechniquesCertified Associate in Project Management (CAPM) CertificationOracle Primavera P6 CertificationMicrosoft Projectcourse iconJob OrientedProject Management Master's Program
  • 45 Hours
Trending
course iconProject Management Master's Program
  • 45 Hours
Trending
PRINCE2 Practitioner CoursePRINCE2 Foundation CoursePMP® Exam PrepProject ManagerProgram Management ProfessionalPortfolio Management Professionalcourse iconAWSAWS Certified Solutions Architect - Associate
  • 32 Hours
Best seller
course iconAWSAWS Cloud Practitioner Certification
  • 32 Hours
course iconAWSAWS DevOps Certification
  • 24 Hours
course iconMicrosoftAzure Fundamentals Certification
  • 16 Hours
course iconMicrosoftAzure Administrator Certification
  • 24 Hours
Best seller
course iconMicrosoftAzure Data Engineer Certification
  • 45 Hours
Recommended
course iconMicrosoftAzure Solution Architect Certification
  • 32 Hours
course iconMicrosoftAzure Devops Certification
  • 40 Hours
course iconAWSSystems Operations on AWS Certification Training
  • 24 Hours
course iconAWSArchitecting on AWS
  • 32 Hours
course iconAWSDeveloping on AWS
  • 24 Hours
course iconJob OrientedAWS Cloud Architect Masters Program
  • 48 Hours
New
course iconCareer KickstarterCloud Engineer Bootcamp
  • 100 Hours
Trending
Cloud EngineerCloud ArchitectAWS Certified Developer Associate - Complete GuideAWS Certified DevOps EngineerAWS Certified Solutions Architect AssociateMicrosoft Certified Azure Data Engineer AssociateMicrosoft Azure Administrator (AZ-104) CourseAWS Certified SysOps Administrator AssociateMicrosoft Certified Azure Developer AssociateAWS Certified Cloud Practitionercourse iconAxelosITIL 4 Foundation Certification
  • 16 Hours
Best seller
course iconAxelosITIL Practitioner Certification
  • 16 Hours
course iconPeopleCertISO 14001 Foundation Certification
  • 16 Hours
course iconPeopleCertISO 20000 Certification
  • 16 Hours
course iconPeopleCertISO 27000 Foundation Certification
  • 24 Hours
course iconAxelosITIL 4 Specialist: Create, Deliver and Support Training
  • 24 Hours
course iconAxelosITIL 4 Specialist: Drive Stakeholder Value Training
  • 24 Hours
course iconAxelosITIL 4 Strategist Direct, Plan and Improve Training
  • 16 Hours
ITIL 4 Specialist: Create, Deliver and Support ExamITIL 4 Specialist: Drive Stakeholder Value (DSV) CourseITIL 4 Strategist: Direct, Plan, and ImproveITIL 4 Foundationcourse iconJob OrientedData Science Bootcamp
  • 6 Months
Trending
course iconJob OrientedData Engineer Bootcamp
  • 289 Hours
course iconJob OrientedData Analyst Bootcamp
  • 6 Months
course iconJob OrientedAI Engineer Bootcamp
  • 288 Hours
New
Data Science with PythonMachine Learning with PythonData Science with RMachine Learning with RPython for Data ScienceDeep Learning Certification TrainingNatural Language Processing (NLP)TensorflowSQL For Data Analyticscourse iconIIIT BangaloreExecutive PG Program in Data Science from IIIT-Bangalore
  • 12 Months
course iconMaryland UniversityExecutive PG Program in DS & ML
  • 12 Months
course iconMaryland UniversityCertificate Program in DS and BA
  • 31 Weeks
course iconIIIT BangaloreAdvanced Certificate Program in Data Science
  • 8+ Months
course iconLiverpool John Moores UniversityMaster of Science in ML and AI
  • 750+ Hours
course iconIIIT BangaloreExecutive PGP in ML and AI
  • 600+ Hours
Data ScientistData AnalystData EngineerAI EngineerData Analysis Using ExcelDeep Learning with Keras and TensorFlowDeployment of Machine Learning ModelsFundamentals of Reinforcement LearningIntroduction to Cutting-Edge AI with TransformersMachine Learning with PythonMaster Python: Advance Data Analysis with PythonMaths and Stats FoundationNatural Language Processing (NLP) with PythonPython for Data ScienceSQL for Data Analytics CoursesAI Advanced: Computer Vision for AI ProfessionalsMaster Applied Machine LearningMaster Time Series Forecasting Using Pythoncourse iconDevOps InstituteDevOps Foundation Certification
  • 16 Hours
Best seller
course iconCNCFCertified Kubernetes Administrator
  • 32 Hours
New
course iconDevops InstituteDevops Leader
  • 16 Hours
KubernetesDocker with KubernetesDockerJenkinsOpenstackAnsibleChefPuppetDevOps EngineerDevOps ExpertCI/CD with Jenkins XDevOps Using JenkinsCI-CD and DevOpsDocker & KubernetesDevOps Fundamentals Crash CourseMicrosoft Certified DevOps Engineer ExperteAnsible for Beginners: The Complete Crash CourseContainer Orchestration Using KubernetesContainerization Using DockerMaster Infrastructure Provisioning with Terraformcourse iconTableau Certification
  • 24 Hours
Recommended
course iconData Visualisation with Tableau Certification
  • 24 Hours
course iconMicrosoftMicrosoft Power BI Certification
  • 24 Hours
Best seller
course iconTIBCO Spotfire Training
  • 36 Hours
course iconData Visualization with QlikView Certification
  • 30 Hours
course iconSisense BI Certification
  • 16 Hours
Data Visualization Using Tableau TrainingData Analysis Using Excelcourse iconEC-CouncilCertified Ethical Hacker (CEH v12) Certification
  • 40 Hours
course iconISACACertified Information Systems Auditor (CISA) Certification
  • 22 Hours
course iconISACACertified Information Security Manager (CISM) Certification
  • 40 Hours
course icon(ISC)²Certified Information Systems Security Professional (CISSP)
  • 40 Hours
course icon(ISC)²Certified Cloud Security Professional (CCSP) Certification
  • 40 Hours
course iconCertified Information Privacy Professional - Europe (CIPP-E) Certification
  • 16 Hours
course iconISACACOBIT5 Foundation
  • 16 Hours
course iconPayment Card Industry Security Standards (PCI-DSS) Certification
  • 16 Hours
course iconIntroduction to Forensic
  • 40 Hours
course iconPurdue UniversityCybersecurity Certificate Program
  • 8 Months
CISSPcourse iconCareer KickstarterFull-Stack Developer Bootcamp
  • 6 Months
Best seller
course iconJob OrientedUI/UX Design Bootcamp
  • 3 Months
Best seller
course iconEnterprise RecommendedJava Full Stack Developer Bootcamp
  • 6 Months
course iconCareer KickstarterFront-End Development Bootcamp
  • 490+ Hours
course iconCareer AcceleratorBackend Development Bootcamp (Node JS)
  • 4 Months
ReactNode JSAngularJavascriptPHP and MySQLcourse iconPurdue UniversityCloud Back-End Development Certificate Program
  • 8 Months
course iconPurdue UniversityFull Stack Development Certificate Program
  • 9 Months
course iconIIIT BangaloreExecutive Post Graduate Program in Software Development - Specialisation in FSD
  • 13 Months
Angular TrainingBasics of Spring Core and MVCFront-End Development BootcampReact JS TrainingSpring Boot and Spring CloudMongoDB Developer Coursecourse iconBlockchain Professional Certification
  • 40 Hours
course iconBlockchain Solutions Architect Certification
  • 32 Hours
course iconBlockchain Security Engineer Certification
  • 32 Hours
course iconBlockchain Quality Engineer Certification
  • 24 Hours
course iconBlockchain 101 Certification
  • 5+ Hours
NFT Essentials 101: A Beginner's GuideIntroduction to DeFiPython CertificationAdvanced Python CourseR Programming LanguageAdvanced R CourseJavaJava Deep DiveScalaAdvanced ScalaC# TrainingMicrosoft .Net Frameworkcourse iconSalary Hike GuaranteedSoftware Engineer Interview Prep
  • 3 Months
Data Structures and Algorithms with JavaScriptData Structures and Algorithms with Java: The Practical GuideLinux Essentials for Developers: The Complete MasterclassMaster Git and GitHubMaster Java Programming LanguageProgramming Essentials for BeginnersComplete Python Programming CourseSoftware Engineering Fundamentals and Lifecycle (SEFLC) CourseTest-Driven Development for Java ProgrammersTypeScript: Beginner to Advanced

Docker vs Containerd: Container Runtimes Compared

By Aashiya Mittal

Updated on Oct 06, 2022 | 14 min read

Share:

Containers have taken cloud technology to another level. Every industry is leveraging container technology to develop and deploy its applications. With containers, you can securely and efficiently package, distribute, and run applications along with their dependencies. In such a way, you do not have to worry about the underlying infrastructure to run your applications. Containers have overtaken the VMs as these are lightweight and do not require abstract physical resources. They can utilize the resources of the underlying system. But to choose the right container for your business needs, you need to conduct a comparative study of Docker vs containerd, and this blog does exactly the same for you.

Just like Docker and Containerd, there are many container runtimes available. But the most commonly used are Docker and Containerd. Both runtimes have their pros and cons and are widely adopted. As a result, businesses today encourage their IT engineers and developers for learning Docker online. In this article, we will discuss containerd vs Docker based on factors like cluster, Node type, monitoring, pos scheduling, plug-ins, and more. Let us start with a head-to-head comparison of the best container runtimes available today.

Docker and containerd: Quick Overview of Their History 

In 2013, the term container was introduced in the market that was started with Docker. Docker was the first container runtime. While on the other hand, Containerd was introduced as an alternative to Docker with its significant focus on simplicity, robustness, and portability.  

People often use the Docker runtime to pull genuine container images, create containers, manage the data center, and network. In contrast, the containerd uses the low-level engine to carry out similar tasks. In 2016, containerd separated from Docker to support other container ecosystems, such as Kubernetes, AWS Fargate, and Rancher.  

Docker vs containerd Head-to-head Comparison

Comparison in terms of implementations and limits

Item Containerd Docker Sandboxed-Container Description
Cluster type Managed Kubernetes clusters, dedicated Kubernetes clusters and managed edge Kubernetes clusters All types Managed Kubernetes clusters and dedicated Kubernetes clusters None
Node type

Supports: 

Supports: 

  • ECS 
  • EBM


 

Supports: 

  • EBM 


 

None
Node OS

Supports: 

  • CentOS 
  • Alibaba Cloud Linux 
  • ACK v1.20.4 version of Windows (Managed edge Kubernetes cluster) 

Supports: 

  • CentOS 
  • Alibaba Cloud Linux 
  • Windows 

Supports: 

  • Alibaba Cloud Linux Customized Edition 
  • You cannot deploy both Docker and Sandboxed-Container on a node. 
  • To deploy both Docker and Sandboxed-Container in a cluster, you can create node pools of different runtime types. 
Container engineer containerd Docker Engineer containerd None
Monitoring Supported Supported Supported None
Container log collection Supported Supported Supports log collection by using sidecar containers. Manual configuration is required. For more information about sidecar configurations, see Use CRDs to collect container text logs in Sidecar mode.
Container stdout collection Supported Supported Supported None
RuntimeClass Not supported Not supported Supported (runV) None
Pod scheduling No configuration is required. No configuration is required.

You must add configurations based on the following rules: 

  • For Kubernetes 1.14.x, you must add the following configuration to the nodeSelector field. 
  • alibabacloud.com/sandboxed-container: Sandboxed-Container.runv 
  • For Kubernetes V1.16.x and later, no extra configuration is required. 
None
HostNetwork Supported Supported Not supported None
exec/logs Supported Supported Supported None
Node data disk Optional Optional Required. The data disk must be at least 200 GiB. None
Network plug-in

Supports: 

Supports: 

  • Flannel 
  • Terway


 

Supports: 

  • Flannel 
  • Terway: supports only the inclusive ENI mode. 


 

None
kube-proxy mode

Supports: 

  • Iptables 
  • IPVS

Supports: 

  • Iptables 
  • IPVS 

Supports: 

  • Iptables 
  • IPVS 
None
Volume plug-in CSI (Excluding managed edge Kubernetes cluster) CSI CSI None
Container root file system OverlayFS OverlayFS DeviceMapper None

Comparison in Terms of Deployment Architectures

Runtime Deployment architecture
Docker kubelet -> dockerd -> containerd -> containerd-shim -> runC containers
containerd kubelet -> containerd -> containerd-shim -> runC containers
Sandboxed-Container V2 kubelet -> (CRI)containerd
                          \-> containerd-shim -> runC containers
                          \-> containerd-shim-rund-v2 -> runV sandboxed containers

Comparison of the commonly used commands provided by Docker Engine and containerd 

Docker uses Docker Engine for container lifecycle management. Sandboxed-Container uses containerd for container lifecycle management. These tools provide different commands that can be used to manage images and containers. The following table describes the commonly used commands provided by Docker Engine and containerd. 

Description Docker Containerd
  docker crictl (recommended)
 
ctr
Queries containers. docker ps crictl ps ctr -n k8s.io c ls
Queries information about one or more containers. docker inspect crictl inspect ctr -n k8s.io c info
Queries container logs. docker logs crictl logs N/A
Runs a command in a container. docker exec crictl exec N/A
Attaches to a container. docker attach crictl attach N/A
Queries resource usage statistics. docker stats crictl stats N/A
Creates a container. docker create crictl create  
Starts one or more containers. docker start crictl start  
Stops one or more containers. docker stop crictl stop N/A
Removes one or more containers. docker rm crictl rm  
Queries images. docker images crictl images  
Queries information about one or more images. docker inspect crictl inspecti N/A
Pulls an image. docker pull crictl pull  
Pushes an image. docker push N/A  
Removes one or more images. docker rmi crictl rmi  
Queries pods. N/A crictl pods N/A
Queries information about one or more pods. N/A crictl inspectp N/A
Starts a new pod. N/A crictl runp N/A
Stops one or more pods N/A crictl stopp N/A

A Deep Dive Into containerd

Docker consists of several different features that build up the container environment. Where the containerd is at its core, allowing you to allocate resources.

Containerd can do the following tasks. 

  • It takes a tap on the resources being allocated to the containers. 
  • It is capable of isolating the processes within containers from the host processes. 
  • You can extract any container image into any host, processing them within an isolated space so there will be no interference with any other container file.  
  • It lets you create a UID namespace within containers that can easily be mapped to different UID on the host system. 
  • It lets you set up environmental variables in any specific container.  
  • You can even add or delete any Linux capabilities while starting a container. 

However, the usage of Containerd is not limited to the above points. Once you start using it, you will get a chance to explore. 

CRI, runc, and CRI-O

CRI stands for container runtime interface, allowing and supporting Kubernetes to run containers efficiently using various types of runtime, but that runtime should be able to support CRI. It is the standard protocol that Kubernetes use for controlling or managing the different runtimes for creating and managing containers. 

CRI acts as an abstraction for another container runtime. Thus, CRI makes it easier for Kubernetes to use any type of container runtimes.  

CRI uses runc (low-level runtime) for implementing the interface. It is beneficial for providing all the low-level functionalities required by the containers to work with the Linux operating system. 

CRI-O is a high-level container runtime that implements the CRI, making it suitable to be used by Kubernetes. You can use CRI-O as an alternative to containerd. It lets the developers pull the desired container images from registries, manage them on disk, and allow you to launch a lower-level runtime for executing the container processes. 

runc is a container runtime that is compatible with OCI. It implements the OCI specification. 

runc is also referred to as reference implementation of OCI. 

It offers all the low-level functionality you can do with the containers. Not only this, it lets you interact with existing low-level Linux features, such as namespaces and control groups. It uses these essential features for developing and executing container processes. 

Below are some alternatives to runc- 

  • crun is a container runtime written in C. 
  • kata-runtime implements the OCI specification as individual lightweight VMs. 
  • gVisor from Google lets you create containers with a dedicated kernel.  

Networking

The significant difference between Docker and containerd is that containerd cannot manage complex networking configurations.  

But, if you want to manage simple networking, you need to tell the containerd for using the host networking. So, for managing more challenging container networking business requirements, you need to create the network namespace using the Container Network Interface (CNI) and link that to your containers. 

To get in-depth knowledge of how both works together, you must go through the best DevOps courses online

Calling containerd Directly

You can simply call the containerd directly. You should use the “ctr” command from the command line tool. This command helps you to pull and push the required images from the OCI-compliant repositories, such as Docker Hub. 

You can run commands that follow. 

ctr image pull Docker.io/library/nginx:latest 

The above command will help you to extract the NGINX image and put it into an isolated part of the host file system.  

Then you can run the following command to create and attach the required namespaces to begin the process. 

ctr run --net-host Docker.io/library/nginx:latest Nginx 

After running it, you will get the following page.  

A Deep Dive Into Docker

Docker is another popular container runtime that uses containerd as an internal runtime. But, the Docker container is easier to manage and run the same tasks as the containerd to get better and more efficient results.  

Docker has made it easier for developers to create, run, test, and deploy applications. It lets you build images as well. In the next section, we will see how you can run containers on the Docker server and create images using Docker CLI.

You can install Docker on any system with different tools for building and running containers. docker comes with a CLI where you can run simple commands for creating container images, pulling images from the repo, and managing containers.  

For a Docker to complete all these tasks successfully, it consists of- 

  • Docker-cli is a command line utility allowing you to interact with Docker. 
  • containerd, docker daemon process that manages the containers to run efficiently.  
  • runc is a low-level runtime. 

Using Docker CLI to Run Containers and Build Images

Unlike containerd, Docker can automatically download the required images from its repo if the command does not find the image locally.  

Another important thing to notice is that Docker names all the containers uniquely at startup, making it easier for everyone to locate a specific container.  

In the case of Docker, you can run the following command from the command-line tool to run the Nginx container.  

For creating new images using Docker, you need to use the Dockerfile. To create a customized image for the NGINX web server, create an index.html file with the following code.  

<!DOCTYPE html> 
<html> 
  <head> 
    <title>My Welcome page!</title> 
  <style> 
html { color-scheme: light dark; } 
body { width: 35em; margin: 0 auto; 
 } 
    </style> 
  </head> 
  <body> 
    <h1>My welcome page!</h1> 
    <p>successfully updated the nginx welcome page.</p> 
  </body> 
</html> 

Now, create a Dockerfile as follows. 

  • FROM nginx:latest 
COPY index.html /usr/share/nginx/html/index.html 
  • For creating the Docker image, use the following command 
Docker build -t mynginx:latest. 
  • For running the locally built container image, hit the following command. 
Docker run -p 80:80 mynginx: latest 

You will get the following page. 

Docker Networking

Docker has built-in drivers for offering network functionality. 

  • A bridge (default network driver) allows you to access the host network without any ingress access from outside. 
  • Host- specifies the host’s networking configuration. 
  • Overlay- it connects several hosts in a Docker swarm allowing different containers to communicate with each other while running on different hosts. 
  • Macvlan- it assigns a MAC address to a container. 

Docker Compose  

It lets you create and run applications in multiple containers. With Docker Compose, you must create a YAML file to define the containers. 

Below is a simple Compose file for a LAMP stack: 

services: 

  apache: 
    build: './apache' 
    restart: always 
    ports: 
      - 80:80 
      - 443:443 
    networks: 
      - frontend 
      - backend 
    volumes: 
      - ./public_html:/usr/local/apache2/htdocs 
      - ./cert/:/usr/local/apache2/cert/ 
    depends_on: 
      - php 
      - mysql 
  php: 
    build: './php' 
    restart: always 
    networks: 
      - backend 
    volumes: 
      - ./public_html:/usr/local/apache2/htdocs 
      - ./tmp:/usr/local/tmp 
  mysql: 
    build: './mysql' 
    restart: always 
    networks: 
      - backend 
    volumes: 
      - ./database:/var/lib/mysql 

Think Complementary, Not Competitive

A Docker is more suitable for a production setup from the developer's perspective. Docker is easier to learn and get along even with beginners. With Docker, you can leverage many features and functionalities that will make your work easier.  

If you are managing a production workload, you might require Docker over containerd.  The containerd runtime is suitable for limited-resource computing environments or for use with container management systems like Kubernetes. You may not be able to use it for development purposes because of its basic interface and lack of ability to build images.

Conclusion

Today, Docker runtime vs containerd is a great debate. But now you know which one wins the developer’s heart and trust. Choosing the right runtime environment for managing containers can be challenging. But it is up to you and your business requirements, which runtime suits well.  Both Docker and containerd have their standards and way of using them. The containerd is a lightweight container runtime for catering to limited-resource computing environments. But, it is considered less as it does not have an intuitive interface allowing users to create images, making it less suitable for the development process. 

There is a significant difference between Docker and containerd, so you cannot use one another as an alternative to each other. Thus, people use Docker to create, test, and execute their containers. If you want to learn more about Docker, you can go for the best way to learn Docker and Kubernetes.  

Frequently Asked Questions (FAQs)

1. Does containerd replace Docker?

2. Is containerd required for Docker?

3. Is Kubernetes dropping Docker?

Aashiya Mittal

Aashiya Mittal

7 articles published

Get Free Consultation

By submitting, I accept the T&C and
Privacy Policy

Suggested Blogs