mirantis-container-runtime-icon-medium

Mirantis Container Runtime

Industry Leading Container Runtime

Mirantis Container Runtime enables containers to run efficiently on any substrate, powering business critical applications at the world’s leading companies.

GET STARTED

Home > Mirantis Container Runtime

Running Containers Efficiently, Everywhere

Container runtimes activate and manage the components required to run containers. Mirantis Container Runtime is the industry-leading, high-level runtime at the heart of Mirantis Kubernetes Engine, enabling it to operate Swarm and Kubernetes containers efficiently on any substrate. It is based on containerd, the Cloud Native Computing Foundation (CNCF) core container runtime.

mcr-diagram
mcr-laptop-screen-illustrated

Preferred for Kubernetes

Mirantis Container Runtime is the most popular container runtime for Kubernetes and Swarm, and is validated to work with Kubernetes Container Runtime Interface (CRI).

Runs Anywhere

It ensures Mirantis Kubernetes Engine worker nodes operate efficiently on any substrate. Portable DevOps: operators can use familiar tools and consistent automation, everywhere.

Secure Supply Chain

The most efficient and secure solution for highly regulated industries, our runtime can be integrated with Mirantis Secure Registry and Mirantis Kubernetes Engine, and has the ability to run vulnerability scans on Docker containers.

Key Features & Capabilities

fips-icon-small

Intrinsic Security

Mirantis Container Runtime is secure by default, deploying with restricted host access, end-to-end encryption, secure mutual TLS authentication, and cryptographic node identity. Security features are supported by Mirantis Kubernetes Engine’s FIPS 140-2-compliant cryptographic module, validated by the National Institute of Science and Technology (NIST), and fulfilling key requirements of the Federal Information Security Management Act (FISMA).

illustration

Multiple Operating Systems and Infrastructures

Mirantis Container Runtime is certified to run on multiple operating systems including CentOS, RHEL, Ubuntu, and Windows for consistent runtime regardless of the platform — and orchestrate nodes in Kubernetes, Swarm, or ‘mixed’ configurations.

plugin-icon-small

Certified Plugins

Plugin support lets Mirantis Kubernetes Engine exploit best-in-class Kubernetes container networking fabrics like Calico, Kubernetes ingress solutions such as Istio, and GPU-equipped and other specialized hardware. Component and node capabilities discovered by the plugin are labeled in Mirantis Kubernetes Engine, appropriately tagged, and made immediately available to application deployments for scheduling.

image-signing-icon-small

Enforce Signed Images

Our Kubernetes container runtime lets you validate container provenance by requiring proper digital signing of images before they can be deployed. Users are prevented from using container images or composing containers using base layers from unknown sources.

Get started with Mirantis Container Runtime

Mirantis Container Runtime is the secure container runtime that forms the foundation of Mirantis Container Cloud and Mirantis Kubernetes Engine. Deploy with just two commands.

Get started Read the docs
image thumbnail

FAQ

Q:

What are the supported operating systems that I can host my containers using Mirantis Container Runtime?

A:

Mirantis Container Runtime supports a wide number of popular host operating systems, including RHEL (7.9, 8.2, 8.3, 8.4), Oracle Enterprise Linux (7.8, 7.9), SLES (12 SP5, 15 SP1, SP2, SP3), Ubuntu (18.04.4, 20.04.2), CentOS (7.8.2003, 8.1.1911) and Windows Server 2019 (10.0.17763).

Q:

How do I know my containers are secure when using Mirantis Container Runtime?

A:

Mirantis Container Runtime deploys with restricted host access, end-to-end encryption, secure mutual TLS authentication and cryptographic node identity. Security features are supported by Mirantis Kubernetes Engine’s FIPS 140-2-compliant cryptographic module, validated by the National Institute of Science and Technology (NIST), fulfilling key requirements of the Federal Information Security Management Act (FISMA).

Q:

How do I extend the functionality of my containers when using Mirantis Container Runtime?

A:

Mirantis Container Runtime supports validated and certified plugins for networking, storage, logging, and more.

Q:

Are my containers verified against the latest known vulnerabilities?

A:

Yes, by integrating with Mirantis Secure Registry, containers are validated and signed to ensure that only approved images can be run in your environment.

Q:

What more is provided with Mirantis Container Runtime over the upstream Docker runtime?

A:

Integration with Mirantis Kubernetes Engine and Mirantis Secure Registry, security scanned with CVE (Common Vulnerability & Exposures) fixes in patch releases, FIPS enabled, and optional support packages.