CRI-O follows the Kubernetes release cycles with respect to its minor versions (1. x.y). Patch releases (1.x.z) for Kubernetes are not in sync with those from CRI-O, because they are scheduled for each month, whereas CRI-O provides them only if necessary. If a Kubernetes release goes End of Life, then the corresponding CRI-O version can be considered in the same way. This means that CRI-O also follows the Kubernetes n-2 release version skew policy when it comes to feature graduation, deprecation or removal. This also applies to features that are independent of Kubernetes. Nevertheless, feature backports to supported release branches, which are independent from Kubernetes or other tools like cri-tools, are still possible. This allows CRI-O to decouple from the Kubernetes release cycle and have enough flexibility when it comes to implementing new features. Every feature to be backported will be a case-by-case decision of the community.
Features
- Support multiple image formats including the existing Docker image format
- Support for multiple means to download images including trust & image verification
- Container image management (managing image layers, overlay filesystems, etc)
- Container process lifecycle management
- Monitoring and logging required to satisfy the CRI
- Resource isolation as required by the CRI