# containerd containerd is an industry-standard container runtime that manages the complete container lifecycle: image transfer and storage, container execution and supervision, and low-level storage and network attachments. It's the layer between high-level tools like [[Docker]] and the Linux kernel primitives (namespaces, cgroups) that actually isolate containers. Originally built as a core component of Docker, containerd was donated to the CNCF (Cloud Native Computing Foundation) and became a graduated project. This separation allows other tools to build on the same foundation—Kubernetes uses containerd directly as its default runtime, bypassing Docker entirely. This architecture means you can run Kubernetes without Docker installed, using containerd (or alternatives like CRI-O) instead. For most users, containerd is invisible: Docker and Kubernetes abstract it away. But understanding its role clarifies the container stack: CLI tools provide user experience, containerd handles runtime management, and runc (or similar) performs the actual kernel-level isolation. This layered design enables flexibility—swap any component without rebuilding the entire stack. ## Related - [[Docker]] - [[Containerization]] - [[Kubernetes]] - [[Podman]] ## References - https://containerd.io/