container switch in Open Shift - unix1998/technical_notes GitHub Wiki

OpenShift primarily uses CRI-O as its default container runtime due to its lightweight nature and compatibility with Kubernetes. However, OpenShift is flexible and can support other container runtimes, including Podman and Docker, although this usually requires some configuration adjustments and considerations.

Changing the Container Runtime in OpenShift

  1. Changing the Default Container Runtime: To switch from CRI-O to another container runtime like Docker or Podman, you would need to adjust the configuration of your OpenShift nodes. This involves:

    • Updating the Kubernetes configuration to point to the new container runtime.
    • Ensuring the chosen container runtime is properly installed and configured on all nodes in the cluster.
    • Making sure the container runtime adheres to the Container Runtime Interface (CRI) standards for compatibility.

  2. Using Multiple Container Runtimes Simultaneously: OpenShift clusters are typically configured to use a single container runtime across all nodes to maintain consistency and compatibility. Running multiple container runtimes in a single cluster is not the standard approach and might introduce complexity and potential issues in terms of management and orchestration.

Steps to Change Container Runtime

To switch from CRI-O to Docker, for example, follow these general steps:

  1. Install the Docker Daemon: Ensure that Docker is installed and running on each OpenShift node.

  2. Configure Kubernetes to Use Docker:

    • Modify the kubelet service configuration on each node to point to the Docker socket (usually /var/run/docker.sock).
    • Update the kubelet configuration file (often found at /etc/sysconfig/kubelet or /etc/kubernetes/kubelet) to include: 
      KUBELET_EXTRA_ARGS="--container-runtime=docker --docker-endpoint=unix:///var/run/docker.sock"

  3. Restart Kubelet:

    • Restart the kubelet service on each node to apply the changes: 
      systemctl restart kubelet

Using Podman

Podman is designed to be a drop-in replacement for Docker with additional features, such as being daemonless and more secure by default. However, as of now, Podman is typically used for building and managing containers on a local development environment rather than as a runtime in a Kubernetes or OpenShift cluster.

Important Considerations

  1. Compatibility: Ensure that the container runtime you choose is fully compatible with OpenShift and Kubernetes.
  2. Support: Check the support policies from Red Hat. Using a non-default container runtime might not be officially supported, which could impact your ability to get help from Red Hat in case of issues.
  3. Performance and Features: Different container runtimes have different performance characteristics and features. Choose the one that best fits your workload requirements and operational practices.

Conclusion

While OpenShift is designed to be flexible, CRI-O is the default and recommended container runtime. Changing to another runtime like Docker or Podman is possible but involves configuration changes and careful consideration of compatibility and support implications. Running multiple container runtimes simultaneously within a single OpenShift cluster is generally not recommended due to the increased complexity and potential for issues.