The runtime layer beneath every Kubernetes cluster
Day 1
Architecture, CLI & Kubernetes Integration
- Containerd architecture: containerd daemon, containerd-shim, runc, snapshotters — the full runtime stack
- CRI plugin: How Kubernetes talks to containerd via the Container Runtime Interface — the integration point
- nerdctl: The Docker-compatible CLI for containerd — daily operations without Docker
- ctr: Low-level containerd CLI for debugging — direct interaction with the daemon
- Image management: Pull, push, tag, convert — OCI and Docker image formats in containerd
- Namespace isolation in containerd: k8s.io vs default namespace — understanding the isolation model
- Snapshotters: overlayfs, native, devmapper, zfs — choosing and configuring the right snapshotter
- Runtime configuration: Sandbox images, registry mirrors, insecure registries — customizing the runtime
- Content store and lease management: How containerd stores and garbage collects image data
- Debugging container startup: containerd logs, shim state, runc state — systematic startup debugging
- Integration with Kubernetes: crictl, sandbox inspection, image garbage collection — node-level operations
What your team walks away with
A clear mental model of the container runtime layer and the tools to debug it — from image pull failures to container startup issues at the containerd level.
- Navigate containerd using nerdctl and ctr for image and container management
- Debug container startup issues at the containerd and shim layer
- Configure registry mirrors and snapshotter settings for your environment
- Understand the full CRI integration from Kubernetes to runc
Book the Containerd training
Ideal for Kubernetes administrators and SREs who need to understand and debug the runtime layer beneath their clusters.
Get in touch