Today, the OCI runtime can be used to create a container that closely resembles a process running natively on the host. However, there are some use cases where a process would also require full access to the host filesystem. Therefore, I'd like to propose the creation of a new runtime in containerd, capable of managing uncontained processes. Such a runtime would allow containerd to manage the lifecycle of components that need to co-exist with containerd on the same host, such as the kubelet or the kube-proxy.
Ideally, this should be applicable for both Windows and Linux.
cc @stevvooe
Today, the OCI runtime can be used to create a container that closely resembles a process running natively on the host. However, there are some use cases where a process would also require full access to the host filesystem. Therefore, I'd like to propose the creation of a new runtime in containerd, capable of managing uncontained processes. Such a runtime would allow containerd to manage the lifecycle of components that need to co-exist with containerd on the same host, such as the
kubeletor thekube-proxy.Ideally, this should be applicable for both Windows and Linux.
cc @stevvooe