finds.dev← search

// the find

containerd/containerd

★ 20,911 · Go · Apache-2.0 · updated Jul 2026

An open and reliable container runtime

containerd is the container runtime that sits underneath Docker and Kubernetes — it handles image pulls, container lifecycle, snapshotting, and the CRI interface that kubelets talk to. It's not something you use directly; it's something you embed or integrate with when you're building platforms, orchestrators, or dev tools that need to run containers without pulling in all of Docker.

The plugin architecture is genuinely well-designed — snapshotters (overlay, btrfs, devmapper, zfs) and runtimes (runc shim v2, kata, etc.) slot in without touching core code. The separation between ttrpc (for shim communication) and gRPC (for client-facing APIs) shows careful thought about performance on the hot path. It has real Windows support, not token Windows support — hcsshim integration and a separate Windows build pipeline. The lease system for garbage collection is one of the better solutions to the 'delete image while pulling' race condition problem.

The Go client API is stable but verbose — creating and starting a container takes 15+ lines and you have to understand snapshots, leases, and tasks as separate concepts before anything works. The ctr CLI is explicitly documented as a debugging tool, not a user-facing one, which means there's no good batteries-included story for anyone who wants containerd without Kubernetes. Documentation is scattered across docs/, the website, and the API protos with no single authoritative getting-started path for embedders. The shim protocol versioning (v2 ttrpc vs v3 gRPC) is a real compatibility headache if you're maintaining a custom runtime.

View on GitHub → Homepage ↗

// want more like this?

We dig through GitHub every week and send a few repos picked for what you actually care about — each with an honest take like this one.

Get finds in your inbox → Search again →