containerd
Run and manage containers
SYNOPSIS
containerd [OPTIONS]
containerd command [COMMAND OPTIONS]
PARAMETERS
--config value, -c value
Specify the path to the configuration file. Default is typically /etc/containerd/config.toml.
--root value
Set the root directory for containerd state. This stores persistent data like images. Default is often /var/lib/containerd.
--state value
Set the state directory for containerd runtime data. This stores volatile runtime data. Default is often /run/containerd.
--address value, -a value
Define the address for the containerd gRPC API socket. Default is usually /run/containerd/containerd.sock.
--metrics-address value
Specify the address to expose Prometheus metrics for monitoring containerd's performance.
--log-level value
Set the level of logging detail for containerd (e.g., debug, info, warn, error). Default is info.
--help, -h
Display help information for the containerd command or a specific subcommand.
--version, -v
Print the version of the containerd daemon currently installed.
DESCRIPTION
containerd is an industry-standard, open-source container runtime that manages the complete container lifecycle of its host system. It was originally a component of Docker and was later donated to the Cloud Native Computing Foundation (CNCF). containerd handles image transfer and storage, container execution, supervision, and low-level storage and network attachment. It provides a robust, stable, and extensible platform for managing containers.
While often running silently in the background, containerd serves as the core component for popular container orchestrators like Kubernetes and container engines like Docker. It abstracts away the complexities of interacting with the underlying operating system and OCI (Open Container Initiative) runtimes (like runc), providing a high-level API over gRPC for managing containers. Developers and operators typically interact with containerd through higher-level tools like docker or nerdctl, rather than directly. Its focus on stability, performance, and OCI compliance makes it a fundamental building block in modern containerized environments.
CAVEATS
containerd is primarily a daemon process designed for programmatic interaction via its gRPC API, not direct command-line usage by end-users for daily container operations. Most users interact with it indirectly through higher-level tools like docker, kubelet, or nerdctl.
Its configuration, usually kept in /etc/containerd/config.toml, can be complex and requires a good understanding of container runtimes. Debugging containerd itself often requires examining its logs, inspecting its internal state, or using tools such as ctr (the containerd CLI) or nerdctl.
DAEMON OPERATION
containerd typically runs as a long-running daemon process, usually managed by a service manager like systemd. It listens for gRPC requests on a Unix socket (default /run/containerd/containerd.sock) or a TCP port, handling container lifecycle events.
CONFIGURATION FILE
containerd is configured primarily through the /etc/containerd/config.toml file. This TOML-formatted file specifies settings such as plugin configuration, runtime options, cgroup drivers, and snapshotter details.
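Because any client that can reach the gRPC API can manage containers on the host, the following added example (not part of containerd or of the original page) checks that the socket is not world-writable and that the [grpc] tcp_address and [metrics] address settings in config.toml are not bound off-host. The function names are hypothetical, the paths are the defaults listed above, and the TOML parsing assumes plain `key = "value"` lines.

```shell
#!/bin/sh
# Added example: audit the containerd socket and listeners described above.
# SOCK and CONF default to the paths this page lists; override for other layouts.
SOCK="${SOCK:-/run/containerd/containerd.sock}"
CONF="${CONF:-/etc/containerd/config.toml}"

# other_perms PATH: print the "other" permission triplet, e.g. "rw-".
other_perms() { ls -ld -- "$1" 2>/dev/null | cut -c8-10; }

# world_writable PATH: succeed if any local user may write (for a socket: connect).
world_writable() {
    case "$(other_perms "$1")" in ?w?) return 0 ;; *) return 1 ;; esac
}

# toml_value FILE SECTION KEY: print KEY's value from [SECTION].
# Handles only plain `key = "value"` lines, which is how these settings appear.
toml_value() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*\[/ { gsub(/[ \t]/, ""); insec = ($0 == sec); next }
        insec {
            line = $0; sub(/#.*/, "", line)
            n = index(line, "="); if (!n) next
            k = substr(line, 1, n - 1); gsub(/[ \t]/, "", k)
            if (k != key) next
            v = substr(line, n + 1); gsub(/^[ \t"]+|[ \t"]+$/, "", v)
            print v; exit
        }' "$1"
}

# off_host ADDR: succeed if ADDR is set and not bound to loopback.
off_host() {
    case "$1" in ""|127.*|localhost:*|"[::1]:"*) return 1 ;; *) return 0 ;; esac
}

# audit: print findings; exit status 1 if there were any.
audit() {
    rc=0
    if world_writable "$SOCK"; then echo "FINDING: $SOCK is world-writable"; rc=1; fi
    [ -r "$CONF" ] || return "$rc"
    for item in grpc.tcp_address metrics.address; do
        addr=$(toml_value "$CONF" "${item%%.*}" "${item#*.}")
        if off_host "$addr"; then echo "FINDING: [${item%%.*}] ${item#*.} = $addr"; rc=1; fi
    done
    return "$rc"
}

if [ "${1:-}" = "audit" ]; then audit; fi
```

Run it as `sh script.sh audit` on the host; a non-loopback listener is a prompt to review TLS and firewalling for that address, not proof of exposure.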
RUNTIME SHIMS
containerd utilizes runtime shims (like containerd-shim) to manage container processes. These shims provide a stable supervisor for each container, decoupling the container's lifecycle from the main containerd daemon, enhancing robustness and isolation.
HISTORY
containerd originated as a core component within the Docker engine. Recognizing the need for a standardized, pluggable container runtime that could serve a broader ecosystem, Docker Inc. donated containerd to the Cloud Native Computing Foundation (CNCF) in March 2017. This move aimed to foster greater collaboration and solidify containerd's role as a robust, industry-standard runtime. It has since progressed through the CNCF incubation process and achieved graduated status, signifying its maturity, widespread adoption, and a thriving community. Its development has consistently focused on OCI compliance, stability, and providing a clean, minimal interface for managing containers.


