Add nerdctl support

[gothka]

Hey! We started using containerd as the runtime on our nodes instead of dockerd and would like to check whether it's possible to ship nerdctl as part of the EKS AMI so it's easier to install and manage container stuff on the node for debugging or any other purposes.

NerdCTL: https://github.com/containerd/nerdctl

Environment:

• AWS Region: us-east-2
• Instance Type(s): Graviton based
• EKS Platform version (use aws eks describe-cluster --name <name> --query cluster.platformVersion): v1.20
• Kubernetes version (use aws eks describe-cluster --name <name> --query cluster.version): v1.20
• AMI Version: ami-09aac4079b301ef20
• Kernel (e.g. uname -a):
• Release information (run cat /etc/eks/release on a node):

[cartermckinnon]

I'm not in favor of adding tools like this to the EKS-optimized AMI, because it:

1. Enlarges our attack surface and support matrix
2. Isn't well-aligned with our charter, which is to support Kubernetes; not a general-purpose container environment. The upcoming removal of the docker command-line is related to this focus.

We'd be more likely to add crictl (though its UX admittedly needs improvement, and is beta software).

@mmerkes what's your opinion on this?

[stevehipwell]

@abhishiekgowtham I think #830 would solve any requirements to modify the Containerd settings at bootstrapping time and if you want to debug the node you can create a container to do this with (Lens have an implementation you could borrow and use with an image with nerdctl).

[cartermckinnon]

I'm going to close this; I recommend you take the container-based approach that @stevehipwell suggested.