1. Overview

Docker Engine is a general purpose container runtime. Docker can run containers from images, but it can also build images from Dockerfiles. Docker supports multiple different environmens and orchestrators, including Kubernetes.

Container Runtime Interface (CRI) is a plugin interface that lets Kubernetes use a wide variety of container runtimes, including Docker Engine. The interface implements only the features needed to run containers from images. Its goal is to be as simple as possible to complete its given task. Since its range of capabilities is tightly scoped, it can be more easily secured.

docker cri