Container runtimes

From 1.15 onwards, Charmed Kubernetes uses containerd as part of a pluggable architecture for container runtimes. This change has been demonstrated to increase performance, and also provides scope for using different runtimes on a case-by case basis.

Upstream support for the Docker container runtime was removed in the 1.24 release. Thus, the docker subordinate charm will no longer function from Charmed Kubernetes 1.24 onwards.

Configuring containerd

Settings which require additional explanation are described below.

name type Default Description
custom_registries string [] See notes
disable-juju-proxy boolean False Ignore juju-http(s) proxy settings on this charm. If set to true, all juju https proxy settings will be ignored
enable-cgroups boolean False Enable GRUB cgroup overrides cgroup_enable=memory swapaccount=1. WARNING changing this option will reboot the host - use with caution on production services.
gpu_driver string auto Override GPU driver installation. Options are "auto", "nvidia", "none".
http_proxy string URL to use for HTTP_PROXY to be used by Containerd. Useful in egress-filtered environments where a proxy is the only option for accessing the registry to pull images.
https_proxy string URL to use for HTTPS_PROXY to be used by Containerd. Useful in egress-filtered environments where a proxy is the only option for accessing the registry to pull images.
no_proxy string See notes
runtime string auto Set a custom containerd runtime. Set "auto" to select based on hardware.
shim string containerd-shim Set a custom containerd shim.

custom_registries

Description:

Registry credentials. Setting this config allows Kubelet to pull images from registries where auth is required.

The value for this config must be a JSON array of credential objects, like this: [{"url": "https://my.registry:port", "username": "user", "password": "pass"}]

Back to table

no_proxy

Description:

Comma-separated list of destinations (either domain names or IP addresses) which should be accessed directly, rather than through the proxy defined in http_proxy or https_proxy. Must be less than 2023 characters long.

Back to table

Checking the current configuration

To check the current configuration settings for containerd, run the command:

juju config containerd

Setting a config option

To set an option, simply run the config command with an additional <key>=<value> argument. For example, to explicitly turn off the nvidia driver:

juju config containerd gpu_driver=none

Migrating to containerd

If you are upgrading from a version of Charmed Kubernetes that uses the docker subordinate charm for the container runtime, transition to containerd by following the steps outlined in this section of the upgrade notes.

We appreciate your feedback on the documentation. You can edit this page or file a bug here.

See the guide to contributing or discuss these docs in our public Mattermost channel.