Comment by cmckn

3 months ago

> It's implementation of cri plugin.

Right, that’s the point. A user of the CRI should not have to care about this implementation detail.

> containerd is not the only CRI runtime out there.

Any CRI that needs a pause executable should come with one.

1 comment

cmckn

Reply
chupasaurus  3 months ago

> A user of the CRI should not have to care about this implementation detail.

This detail is implemented by K8s, not a container runtime. User has to care about the source of it due to supply chain attacks, though.

> Any CRI that needs a pause executable should come with one.

Which would introduce a simultaneous update across different projects, which is a problem harder than a line of config.