Description
In #70 we switched to the final standalone version of the cri daemon which has now been integrated into containerd as a plugin. At some point we will need a newer CRI (e.g. to work with a newer Kubernetes) so we should arrange to switch to the plugin version once containerd v1.1 is released containing it (currently v1.1 is at the rc stage).
The plugin version works with Kube v1.10 so once #70 is merged and containerd v1.1 is released (and integrated with LinuxKit) we can update without waiting for a newer Kube to force the issue.
There are two options for integration I think:
- Enable the CRI plugin on the system containerd (can be done at runtime via the config file) and ditch the current cri-containerd container.
- Run an appropriately configured second containerd in a container, superceding the existing cri-containerd container.
Host mounts are currently resolved by the system containerd (having passed through the cri daemon) and we share most of the interesting paths such that cri and kubelet have a reasonably complete (for their needs) shared world with the host. It's unclear what the plugin might require to be running in the system context (CNI plugins? findmnt?) which might make it more desirable to continue running in a container.