@nmiekley (Contributor) commented Feb 2, 2024

use containerd instead of docker in DIND scenario

Motivation

Moved from Discussion to Pull Request:

The original idea of the scenario is that docker is running on the worker nodes and managing the containers for Kubernetes. However, with Kubernetes' deprecation of the docker shim, this is no longer the case. Now, either containerd or cri-o is used as the container runtime for Kubernetes.

The same exploit can still be done; we only have to use containerd. I tested it on AWS EKS and kind, but of course for a cluster with cri-o a different socket needs to be mounted.

I am not sure how to name the updated scenario, so I am open to suggestions.

Btw, the current setup also has a funny effect in KIND: here the docker daemon you gain control over is the one on your machine running the kind node. You can still get control of the KIND node and the containerd inside, but that is not really a production-relevant scenario. This pull request also avoids the special treatment of kind, and you now correctly gain control of the daemon in the cluster nodes.

This would probably solve this: #127
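
A defender-side check for the misconfiguration this scenario relies on, as an added example that is not part of the pull request or the project's code: it audits `kubectl get pods -A -o json` output for hostPath volumes that expose a container runtime socket (docker, containerd or cri-o), including mounts of a parent directory. The socket paths are common defaults taken as an assumption, and the sample pod list and function names are constructed for illustration.

```python
import json
import posixpath

# Common default runtime socket locations (assumed; a cluster may relocate them).
# On most Linux hosts /var/run is a symlink to /run, so both spellings are listed.
RUNTIME_SOCKETS = {
    "/var/run/docker.sock": "docker",
    "/run/docker.sock": "docker",
    "/var/run/containerd/containerd.sock": "containerd",
    "/run/containerd/containerd.sock": "containerd",
    "/var/run/crio/crio.sock": "cri-o",
    "/run/crio/crio.sock": "cri-o",
}

def exposed_runtimes(host_path):
    """Runtimes whose socket is reachable through a hostPath mount of host_path."""
    base = posixpath.normpath(host_path)
    # Mounting the socket itself or any parent directory exposes it.
    return sorted({rt for sock, rt in RUNTIME_SOCKETS.items()
                   if base == "/" or sock == base or sock.startswith(base + "/")})

def audit_pods(pod_list):
    """Return (namespace, pod, volume, hostPath, runtimes) for each risky volume."""
    findings = []
    for pod in pod_list.get("items", []):
        meta = pod.get("metadata", {})
        for vol in pod.get("spec", {}).get("volumes") or []:
            path = (vol.get("hostPath") or {}).get("path")
            runtimes = exposed_runtimes(path) if path else []
            if runtimes:
                findings.append((meta.get("namespace", "default"), meta.get("name"),
                                 vol.get("name"), path, runtimes))
    return findings

# Constructed sample in the shape of `kubectl get pods -A -o json` output.
SAMPLE = json.loads("""{"items": [
 {"metadata": {"name": "build-agent", "namespace": "ci"},
  "spec": {"volumes": [{"name": "cri", "hostPath": {"path": "/run/containerd/containerd.sock"}}]}},
 {"metadata": {"name": "log-shipper", "namespace": "ops"},
  "spec": {"volumes": [{"name": "run", "hostPath": {"path": "/var/run/"}},
                       {"name": "logs", "hostPath": {"path": "/var/log"}}]}},
 {"metadata": {"name": "web", "namespace": "default"},
  "spec": {"volumes": [{"name": "tmp", "emptyDir": {}}]}}
]}""")

if __name__ == "__main__":
    for finding in audit_pods(SAMPLE):
        print(finding)
```

The same rule can be enforced at admission time by rejecting hostPath volumes for workloads that do not need them, so the check above is best used to find pods that already exist.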

@st4rtr3ck left a comment

Nice work. Thanks for the update.

@madhuakula (Owner)

Thanks for the amazing work @nmiekley @st4rtr3ck 🙏
