ANN: cvmfs containerd remote snapshotter

Hello all,

This morning I completed some tests and the remote containerd snapshotter seems to work fine and it allow to run a simple image.

To recap: this will allow to run docker images in k8s without doing any pulling but getting the filesystem of the images directly from cvmfs.
Of course the filesystem of the image must be ingested in cvmfs, and it must follow the structure of

This is definitely a preliminary release and all the feedback is greatly appreciated.

It is possible to download the binary from github:

Also it is available on cvmfs: /cvmfs/

1 Like

Hi Simone,

this is interesting, I don’t have a large cluster to test it. Perhaps @rptaylor who wanted to move his cluster to containerd or @lbryant in UChicago can give it a go.


1 Like

of course @rbritoda too.

1 Like

Even now, quite a few months later, the latest version of Kubespray deploys containerd v1.3.9.
Not sure if I am interpreting the release notes for v.1.4.0 correctly:

Looks like it may have a dependence related to k8s API v1.19 , but our dev cluster is 1.19 so that’s okay, I should be able to start experimenting.

I see the containerd 1.5.0 beta is available, with several changes related to snapshotters:

Using the cvmfs remote snapshotter will require some new config so I will start working on integrating that into Kubespray( [plugins."io.containerd.grpc.v1.cri".containerd] and [proxy_plugins]).
@smosciat Do you know if the config syntax for setting up the containerd remote snapshotter is stable, or is expected to change?

Hi Ryan,

I believe that the general framework will stay in place, but I cannot guarantee that there won’t be any changes. I believe we can expect minor changes in the medium term horizon.

Stuff like change a setting values.

For instance, just yesterday we found a change in the minor containerd releases:

1 Like

GKE also offers older versions of containerd - 1.3.x for COS_containerd and 1.2.x for UBUNTU_containerd. Doing some tests with kubernetes 1.17.x at the time on GKE i wrote something on brute force upgrading the clusters containerd to 1.4.x:

It does work :slight_smile: , there is no dependency on 1.19.x.

At CERN clusters >=1.19 are being deployed with containerd 1.4.x.