containerd #24

Supports: bionic xenial


containerd manages the complete container lifecycle of its host system, from image transfer and storage to container execution and supervision to low-level storage to network attachments and beyond.

Charm for Containerd

This subordinate charm deploys the Containerd engine within a running Juju charm application. Containerd is an open platform for developers and sysadmins to build, ship, and run distributed applications in containers.

Containerd focuses on distributing applications as containers that can be quickly assembled from components that are run the same on different servers without environmental dependencies. This eliminates the friction between development, QA, and production environments.


The following states are set by this subordinate:

  • endpoint.{relation name}.available

This state is set when containerd is available for use.

Using the Containerd subordinate charm

The Containerd subordinate charm is to be used with principal charms that need a container runtime. To use, we deploy the Containerd subordinate charm and then relate it to the principal charm.

juju deploy containerd
juju add-relation containerd [principal charm]

Scale out Usage

This charm will automatically scale out with the principal charm.


See config.yaml for list of configuration options.

Contact Information

This charm is available at and contains the open source operations code to deploy on all public clouds in the Juju ecosystem.

Containerd links


(string) Registry credentials. Setting this config allows Kubelet to pull images from registries where auth is required. The value for this config must be a JSON array of credential objects, like this: [{"url": "https://my.registry:port", "username": "user", "password": "pass"}]
(boolean) Enable GRUB cgroup overrides cgroup_enable=memory swapaccount=1. WARNING changing this option will reboot the host - use with caution on production services.
(string) Space separated list of extra deb packages to install.
(string) Override GPU driver installation. Options are "auto", "nvidia", "none".
(string) URL to use for HTTP_PROXY to be used by Docker. Useful in egress-filtered environments where a proxy is the only option for accessing the registry to pull images.
(string) URL to use for HTTPS_PROXY to be used by Docker. Useful in egress-filtered environments where a proxy is the only option for accessing the registry to pull images.
(string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
(string) Set install source.
(string) Comma-separated list of destinations (either domain names or IP addresses) which should be accessed directly, rather than through the proxy defined in http_proxy or https_proxy. Must be less than 2023 characters long.
(string) The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".
(string) Set a custom containerd shim.