Container Runtime Alternatives to runc

by ·0 Comments

What is a “Container Runtime” ?

As already explained in a previous blog (容器生态技术栈 – JciX ~), container runtimes are the components that will take the responsibility to run the container. They will be invoked by container engines (like containerd, and CRI-O), and will create the containers using Linux kernel primitives (like cgroups, and namespaces).

Runc, by all means, is the mostly used one, as it is the default runtime for both containerd and Docker. However, this blog will list some alternatives to runc, some of which are used in specialized domains like secure containers, while the others are trying to implement runtimes using more efficient language compared to runc’s Golang.

Alternatives to Runc

crun

containers/crun: A fast and lightweight fully featured OCI runtime and C library for running containers (github.com)
Crun is a container runtime written in C. As expected, it is more efficient than runc.

youki

containers/youki: A container runtime written in Rust (github.com)
Youki is a container runtime written in Rust. According to official reports, its performance lies between runc and crun.

kata containers

kata-containers/kata-containers: Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/ (github.com)
kata is a container runtime that leverages virtual machines rather than namespaces & cgroups to build the sandbox.

runsc

google/gvisor: Application Kernel for Containers (github.com)
Runsc is the official container runtime of Google’s gVisor. gVisor supports KVM mode as well as ptrace mode.

krun (crun + libkrun)

containers/libkrun: A dynamic library providing Virtualization-based process isolation capabilities (github.com)
Much like kata, krun is a container runtime that leverages the KVM technology.

runwasi

containerd/runwasi: Facilitates running Wasm / WASI workloads managed by containerd (github.com)
The runwasi runtime supports running WASM programs using containerd.

Leave a Reply

Your email address will not be published. Required fields are marked *