Why RunC Is Overtaking Docker in Modern CaaS Platforms

1. CaaS projects replacing Docker with RunC

Major Container‑as‑a‑Service (CaaS) platforms are abstracting Docker by standardizing on the OCI‑compliant runtime RunC and exposing container functionality through a plugin architecture. The three concrete implementations are:

Kubernetes – CRI‑O : CRI‑O replaces the Docker daemon with an OCI daemon (originally named OCID) that implements the Container Runtime Interface (CRI). It delegates container lifecycle management to RunC and provides its own image management and network plugins (e.g., CNM). The project was created after internal debates at Google and is positioned as a non‑Docker branch of the container stack.

Mesos – Unified Containerizer : Mesos now supports both Docker and its native containerizer, moving toward a single “Unified Containerizer”. The design defines three plugin categories: (1) process management, (2) isolation extensions (network, disk, filesystem, volume), and (3) image management (including VM images). The Unified Containerizer aims to provide Docker‑like features while using RunC as the underlying runtime.

Cloud Foundry – Garden : Garden adopts RunC as its runtime and implements a three‑layer abstraction that originated from Warden. It supports network plugins compatible with Kubernetes CNM and can run .NET applications on any Windows version by simulating a container environment. Garden also integrates its own image repository while remaining able to pull Docker images.

All three projects share the core idea of using RunC plus a plugin system to replace Docker’s monolithic daemon.

2. Evolution of the container ecosystem around RunC

After extensive discussion about forking Docker, the industry converged on rebuilding the ecosystem around RunC. Major contributors (Google, Pivotal, Red Hat, Huawei, CoreOS, etc.) have accelerated RunC development, making it a stable, minimal runtime for production. Projects such as riddler (https://github.com/jfrazelle/riddler) demonstrate tooling that converts Docker images to RunC‑compatible images.

3. Recommendations for production use

Docker remains popular for development and testing, but for production‑grade CaaS platforms the consensus is to adopt RunC‑based runtimes. Relying solely on Docker can lead to compatibility and patch‑integration challenges, especially when third‑party vendors customize Docker/Swarm stacks. Evaluating RunC‑based solutions aligns deployments with emerging CaaS standards.

4. Frequently asked technical questions

Is RunC just Docker?

RunC originated from Docker’s libcontainer but has evolved under the OCI umbrella with contributions from many vendors. Docker now contributes only a small portion of RunC’s codebase.

Does RunC have active maintainers?

RunC is actively maintained by a broad community of companies and is the default runtime for Kubernetes, Mesos, and Cloud Foundry. The GitHub contribution graph shows over 100 contributors, with Docker accounting for only two of the top ten.

Why standardization matters

Standard OCI specifications enable collaborative development and prevent ecosystem fragmentation. RunC, as an OCI‑compliant runtime, avoids Docker’s trademark and proprietary extensions, providing a clean, stable base for production containers.

5. Outlook

Cloud Foundry has successfully operated a 250,000‑container cluster using RunC (see https://www.cloudfoundry.org/cloud-foundry-approaching-250000‑containers/).

CRI‑O is expected to become the default Kubernetes runtime once it reaches maturity.

Mesos’ Unified Containerizer is projected to adopt RunC within a year.

Docker is likely to retreat to development/testing scenarios, while RunC dominates production CaaS.

Future work includes broader Docker‑to‑RunC image conversion tools and expanding the plugin ecosystem for dynamic discovery and plug‑and‑play capabilities.

6. References

http://www.dockerinfo.net/1959.html

http://dockone.io/article/1672

http://weibo.com/1901150895/DzV6cDEC1

http://www.infoq.com/cn/articles/docker-standard-container-execution-engine-runc

https://segmentfault.com/a/1190000007157374

http://www.echojb.com/dotnet-other/2016/09/25/213618.html

http://www.wtoutiao.com/p/4fdLO2y.html

http://dockone.io/article/1770

http://dockone.io/article/776

http://www.kubernetes.org.cn/300.html

http://dockone.io/article/1327

http://mp.weixin.qq.com/s/NlyJtev6sVTCGSaGSmVtzg