Understanding about Container’s and its ecosystem

Understanding about Container’s and its ecosystem

Here in this article we will try to understand on a high level about the different layers of technologies that get involved in container runtime implementation. Also we will try to get a brief about the specifications and standards that are in place to govern these container runtime and related tools implementations.

If you are interested in watching the video. Here is the YouTube video on the same.

What are Containers

Containers is layered and complex stack of libraries, runtimes, APIs and standards. A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing. It is a OS level virtualization technology. Containers are instances that provide isolated runtime environment on top of Kernel to run the applications.

There are different terminologies that we encounter which are related to the containers but they may be related a runtime tools and technologies, runtime interfaces, runtime specifications and standards.

Let’s try to understand about container ecosystem using the below layered system level diagram of any machine which is being used to run containerized applications.

Cgroups and Namespaces

cgroups, short for control groups, allow administrators to limit and distribute resources among different groups of processes. Namespaces, on the other hand, create isolated environments for processes, separating them from the host system and other processes.

Container Runtimes

It is a low-level implementation of container runtime. It uses the native features of Linux to create and run containers. It follows the OCI standard, and it includes libcontainer, a Go library for creating containers.

runc, crun, gvisor and firecracker are some of the implementations of the container runtime.

Open Container Initiative (OCI)

OCI is a lightweight, open governance structure (project) under linux foundation that primarily focuses in providing open industry standards in the form of Runtime Specifications, Image Specifications and Distribution Specifications.

Container Engine

CRI-O is an implementation of the Kubernetes Container Runtime Interface (CRI) to enable using Open Container Initiative (OCI) compatible runtimes. It is a lightweight alternative to using Docker as the runtime for Kubernetes.

containerd, cri-o, docker are some of technologies that provide the container engine environment.

Container Runtime Interface (CRI)

The CRI is a plugin interface which enables the kubelet to use a wide variety of container runtimes, without having a need to recompile the cluster components. You need a working container runtime on each Node in your cluster, so that the kubelet can launch Pods and their containers.


Docker is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers.


Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.


It is an opensource tool for developing, managing, and running containers on your Linux® systems​.


It is a command-line interface for CRI-compatible container runtimes. You can use it to inspect and debug container runtimes and applications on a Kubernetes node.

Hope you enjoyed reading this article. Thank you..