crictl

List containers

$ crictl ps

$ crictl ps -a

$ crictl images

$ crictl pull [image:tag]

$ crictl runp [pod.json]

$ crictl create [pod-id] [container.json] [pod.json]

$ crictl start [container-id]

$ crictl exec -it [container-id] [/bin/sh]

$ crictl logs [container-id]

$ crictl rm [container-id]

$ crictl stopp [pod-id] && crictl rmp [pod-id]

crictl [globaloptions] command [options] [arguments_]

crictl is a command-line interface for CRI-compatible container runtimes. CRI (Container Runtime Interface) is the plugin interface that enables Kubernetes to work with different container runtimes. crictl provides debugging and inspection tools for Kubernetes nodes, interacting directly with containerd, CRI-O, or other CRI-compliant runtimes.
Unlike docker or podman which are designed for general container management, crictl is specifically built for Kubernetes troubleshooting. It exposes the CRI API operations, allowing cluster administrators to inspect pod sandboxes, containers, and images as they exist in the CRI runtime layer, helping diagnose issues with pod scheduling, container creation, and image pulling.

-r, --runtime-endpoint endpoint

CRI runtime endpoint

CRI image endpoint

Connection timeout

Enable debug output

~/.crictl.yaml or /etc/crictl.yaml

$ runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: false

ps

List containers

List pods

List images

Pull image

Run a new container

Execute command in container

View container logs

Attach to container

Start/stop container

Remove container

Remove image

Run/stop/remove pod

Inspect container

Inspect image

Inspect pod

Container resource usage

Runtime info

Must run with appropriate privileges. Different from docker CLI commands. Primarily for debugging Kubernetes nodes, not general container management.

kubectl(1), ctr(1), podman(1)