How containerd compares to runc

Question

How do these two compare?

As far as I understand, runc is a runtime environment for containers. That means that this component provides the necessary environment to run containers. What is the role of containerd then?

If it does the rest (networking, volume management, etc) then what is the role of the Docker Engine? And what about containerd-shim? Basically, I'm trying to understand what each of these components do.

Answer 1

I will give a high level overview to get you started:

• containerd is a container runtime which can manage a complete container lifecycle - from image transfer/storage to container execution, supervision and networking.
• container-shim handle headless containers, meaning once runc initializes the containers, it exits handing the containers over to the container-shim which acts as some middleman.
• runc is lightweight universal run time container, which abides by the OCI specification. runc is used by containerd for spawning and running containers according to OCI spec. It is also the repackaging of libcontainer.
• grpc used for communication between containerd and docker-engine.
• OCI maintains the OCI specification for runtime and images. The current docker versions support OCI image and runtime specs.

More Links:

• Open Container Specification
• A nice dockercon 2016 presentation