Wednesday, September 3, 2025
HomeGuest BlogsInstall CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04

Install CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04

This guide will walk you through the installation of CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04. CRI-O is an OCI-based implementation of Kubernetes Container Runtime Interface (CRI) designed to provide an integration path between OCI conformant runtimes and the kubelet.

CRI-O is created to provide following core functionalities:

  • Support multiple image formats including the existing Docker image format
  • Support for multiple means to download images including trust & image verification
  • Container image management (managing image layers, overlay filesystems, etc)
  • Container process lifecycle management
  • Monitoring and logging required to satisfy the CRI
  • Resource isolation as required by the CRI

The libraries used by CRI-O are:

Install CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04

We will use pre-built binary packages to install CRI-O container runtime. Follow the steps below to install CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04.

Step 1: Update System

Ensure your Ubuntu system is updated. If you’re afraid this could break your system you can skip.

sudo apt update && sudo apt -y full-upgrade

It is recommended to reboot your system to ensure it is running on updated version.

[ -f /var/run/reboot-required ] && sudo reboot -f

Step 2: Add CRI-O Kubic repository

Add the Kubic repository which host binary packages for Debian based systems. If using CRI-O with Kubernetes, install the version matching Kubernetes version you’ll setup.

If your Kubernetes version is 1.26, install CRI-O version 1.26. We’ll start by adding the APT repository which contains CRI-O packages:

Ubuntu 22.04/20.04:

OS=xUbuntu_20.04
CRIO_VERSION=1.26
echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list

Ubuntu 18.04:

OS=xUbuntu_18.04
CRIO_VERSION=1.26
echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list

Once the repository is added to your system, import GPG key:

curl -L https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION/$OS/Release.key | sudo apt-key add -
curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/Release.key | sudo apt-key add -

Step 3: Install CRI-O on Ubuntu22.04|20.04|18.04

When repository is added, update apt cache and install CRI-O on Ubuntu.

sudo apt update
sudo apt install cri-o cri-o-runc

Accept installation prompt with y key.

The following additional packages will be installed:
  conmon containers-common
Suggested packages:
  cri-o-runc | runc containernetworking-plugins
The following NEW packages will be installed:
  conmon containers-common cri-o
0 upgraded, 3 newly installed, 0 to remove and 94 not upgraded.
Need to get 20.2 MB of archives.
After this operation, 99.4 MB of additional disk space will be used.
Do you want to continue? [Y/n] y

Checking the version of CRI-O installed on Ubuntu:

$ apt show cri-o
Package: cri-o
Version: 1.26.1~0
Priority: optional
Section: devel
Maintainer: Peter Hunt <[email protected]>
Installed-Size: 139 MB
Depends: libgpgme11, libseccomp2, conmon, containers-common (>= 0.1.27) | golang-github-containers-common, tzdata
Suggests: cri-o-runc | runc (>= 1.0.0), containernetworking-plugins
Replaces: cri-o-1.22, cri-o-1.23, cri-o-1.24
Homepage: https://github.com/cri-o/cri-o
Download-Size: 30.6 MB
APT-Manual-Installed: yes

Start and enable crio service:

sudo systemctl enable crio.service
sudo systemctl start crio.service

Service status can be checked with the command:

$ systemctl status crio
 crio.service - Container Runtime Interface for OCI (CRI-O)
     Loaded: loaded (/lib/systemd/system/crio.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2023-02-15 09:24:21 UTC; 3s ago
       Docs: https://github.com/cri-o/cri-o
   Main PID: 18601 (crio)
      Tasks: 7
     Memory: 11.8M
        CPU: 184ms
     CGroup: /system.slice/crio.service
             └─18601 /usr/bin/crio

Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.509528773Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/100-crio-bridge.conflist: [failed to find plugin \"bridge>
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.509579946Z" level=error msg="Error loading CNI config list file /etc/cni/net.d/200-loopback.conflist: error parsing configuration list: >
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.509657796Z" level=info msg="Updated default CNI network name to "
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.528747854Z" level=warning msg="Error encountered when checking whether cri-o should wipe containers: open /var/run/crio/version: no such>
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529188571Z" level=info msg="Starting seccomp notifier watcher"
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529249385Z" level=info msg="Create NRI interface"
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529342425Z" level=info msg="NRI interface is disabled in the configuration."
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529632747Z" level=error msg="Writing clean shutdown supported file: open /var/lib/crio/clean.shutdown.supported: no such file or directo>
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529671360Z" level=error msg="Failed to sync parent directory of clean shutdown file: open /var/lib/crio: no such file or directory"
Feb 15 09:24:21 jammy systemd[1]: Started Container Runtime Interface for OCI (CRI-O).

Step 4: Using CRI-O on Ubuntu22.04|20.04|18.04

The command line tool crioctl can be installed through cri-tools package.

sudo apt install cri-tools

Check existence of crictl command:

$ sudo crictl info
{
  "status": {
    "conditions": [
      {
        "type": "RuntimeReady",
        "status": true,
        "reason": "",
        "message": ""
      },
      {
        "type": "NetworkReady",
        "status": false,
        "reason": "NetworkPluginNotReady",
        "message": "Network plugin returns error: Missing CNI default network"
      }
    ]
  }
}

Pull a test image:

$ sudo crictl pull nginx
Image is up to date for docker.io/library/nginx@sha256:c870bf53de0357813af37b9500cb1c2ff9fb4c00120d5fe1d75c21591293c34d

$ sudo crictl pull hello-world
Image is up to date for docker.io/library/hello-world@sha256:6a65f928fb91fcfbc963f7aa6d57c8eeb426ad9a20c7ee045538ef34847f44f1

$ sudo crictl pull busybox
Image is up to date for docker.io/library/busybox@sha256:95cf004f559831017cdf4628aaf1bb30133677be8702a8c5f2994629f637a209

List available images:

$ sudo crictl images
IMAGE                           TAG                 IMAGE ID            SIZE
docker.io/library/alpine        latest              a24bb4013296f       5.85MB
docker.io/library/busybox       latest              1c35c44120825       1.44MB
docker.io/library/hello-world   latest              bf756fb1ae65a       20kB
docker.io/library/nginx         latest              4392e5dad77db       136MB

Create pod sandbox config file:

cat >nginx.json<<EOF
{
  "metadata": {
    "name": "nginx-container",
    "attempt": 1
  },
  "image": {
    "image": "nginx"
  },
  "log_path": "nginx.log",
  "linux": {
    "security_context": {
      "namespace_options": {}
    }
  }
}
EOF

cat >net-pod.json<<EOF
{
  "metadata": {
    "name": "networking",
    "uid": "networking-pod-uid",
    "namespace": "default",
    "attempt": 1
  },
  "hostname": "networking",
  "port_mappings": [
    {
      "container_port": 80
    }
  ],
  "log_directory": "/tmp/net-pod",
  "linux": {}
}
EOF

Run the pod

sudo crictl runp net-pod.json
sudo crictl create nginx.json net-pod.json
sudo crictl ps -a

Enjoy using CRI-O on Ubuntu with Kubernetes. If you want to master Kubernetes administration, checkout the books below.

For installation of CRI-O on CentOS Linux, refer to:

RELATED ARTICLES

Most Popular

Dominic
32260 POSTS0 COMMENTS
Milvus
81 POSTS0 COMMENTS
Nango Kala
6625 POSTS0 COMMENTS
Nicole Veronica
11795 POSTS0 COMMENTS
Nokonwaba Nkukhwana
11854 POSTS0 COMMENTS
Shaida Kate Naidoo
6746 POSTS0 COMMENTS
Ted Musemwa
7023 POSTS0 COMMENTS
Thapelo Manthata
6694 POSTS0 COMMENTS
Umr Jansen
6714 POSTS0 COMMENTS