diff --git a/projects/kubernetes/Makefile b/projects/kubernetes/Makefile
index c9e5da86d..8862f2868 100644
--- a/projects/kubernetes/Makefile
+++ b/projects/kubernetes/Makefile
@@ -1,3 +1,5 @@
+KUBE_RUNTIME ?= docker
+
 all: tag-container-images build-vm-images
 
 tag-container-images:
@@ -12,11 +14,11 @@ push-container-images:
 
 build-vm-images: kube-master.iso kube-node.iso
 
-kube-master.iso: kube-master.yml
-	moby build -name kube-master -format iso-efi -format iso-bios kube-master.yml
+kube-master.iso: kube-master.yml $(KUBE_RUNTIME).yml $(KUBE_RUNTIME)-master.yml
+	moby build -name kube-master -format iso-efi -format iso-bios kube-master.yml $(KUBE_RUNTIME).yml $(KUBE_RUNTIME)-master.yml
 
-kube-node.iso: kube-node.yml
-	moby build -name kube-node -format iso-efi -format iso-bios kube-node.yml
+kube-node.iso: kube-node.yml $(KUBE_RUNTIME).yml
+	moby build -name kube-node -format iso-efi -format iso-bios kube-node.yml $(KUBE_RUNTIME).yml
 
 clean:
 	rm -f -r \
diff --git a/projects/kubernetes/README.md b/projects/kubernetes/README.md
index 536b65402..3a1c6300d 100644
--- a/projects/kubernetes/README.md
+++ b/projects/kubernetes/README.md
@@ -11,6 +11,11 @@ Build OS images:
 make build-vm-images
 ```
 
+By default this will build images using Docker Engine for execution. To instead use cri-containerd use:
+```
+make build-vm-images KUBE_RUNTIME=cri-containerd
+```
+
 Boot Kubernetes master OS image using `hyperkit` on macOS: or `qemu` on Linux:
 ```
 ./boot.sh
diff --git a/projects/kubernetes/cri-containerd-master.yml b/projects/kubernetes/cri-containerd-master.yml
new file mode 100644
index 000000000..e69de29bb
diff --git a/projects/kubernetes/cri-containerd.yml b/projects/kubernetes/cri-containerd.yml
new file mode 100644
index 000000000..a3520ef5d
--- /dev/null
+++ b/projects/kubernetes/cri-containerd.yml
@@ -0,0 +1,7 @@
+services:
+  - name: cri-containerd
+    image: linuxkitprojects/cri-containerd:b8b6a48426c2165055534b06fb0119f07e24506a
+files:
+  - path: /etc/kubelet.conf
+    contents: |
+      KUBELET_ARGS="--container-runtime=remote --container-runtime-endpoint=unix:///var/run/cri-containerd.sock"
diff --git a/projects/kubernetes/docker-master.yml b/projects/kubernetes/docker-master.yml
new file mode 100644
index 000000000..ec6298647
--- /dev/null
+++ b/projects/kubernetes/docker-master.yml
@@ -0,0 +1,3 @@
+services:
+  - name: kubernetes-image-cache-control-plane
+    image: linuxkitprojects/kubernetes-image-cache-control-plane:0d818c5b1a7a0a0aa52c2a52e23de784d7fd5e25
diff --git a/projects/kubernetes/docker.yml b/projects/kubernetes/docker.yml
new file mode 100644
index 000000000..03388d91b
--- /dev/null
+++ b/projects/kubernetes/docker.yml
@@ -0,0 +1,27 @@
+services:
+  - name: docker
+    image: docker:17.07.0-ce-dind
+    capabilities:
+     - all
+    pid: host
+    mounts:
+     - type: cgroup
+       options: ["rw","nosuid","noexec","nodev","relatime"]
+    binds:
+     - /dev:/dev
+     - /etc/resolv.conf:/etc/resolv.conf
+     - /lib/modules:/lib/modules
+     - /run:/run
+     - /var:/var:rshared,rbind
+     - /var/lib/kubeadm:/etc/kubernetes
+     - /var/lib/cni/etc:/etc/cni:rshared,rbind
+     - /var/lib/cni/opt:/opt/cni:rshared,rbind
+    rootfsPropagation: shared
+    command: ["/usr/local/bin/docker-init", "/usr/local/bin/dockerd"]
+    runtime:
+      mkdir: ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt"]
+  - name: kubernetes-image-cache-common
+    image: linuxkitprojects/kubernetes-image-cache-common:0d818c5b1a7a0a0aa52c2a52e23de784d7fd5e25
+files:
+  - path: /etc/kubelet.conf
+    contents: ""
diff --git a/projects/kubernetes/kube-master.yml b/projects/kubernetes/kube-master.yml
index d8e1b2f15..a561be679 100644
--- a/projects/kubernetes/kube-master.yml
+++ b/projects/kubernetes/kube-master.yml
@@ -35,38 +35,11 @@ services:
     image: linuxkit/openntpd:0d7befc79842849d0b88d6c3b64200e340d7cf67
   - name: sshd
     image: linuxkit/sshd:505a985d7bd7a90f15eca9cb4dc6ec92789d51a0
-  - name: docker
-    image: docker:17.07.0-ce-dind
-    capabilities:
-     - all
-    pid: host
-    mounts:
-     - type: cgroup
-       options: ["rw","nosuid","noexec","nodev","relatime"]
-    binds:
-     - /dev:/dev
-     - /etc/resolv.conf:/etc/resolv.conf
-     - /lib/modules:/lib/modules
-     - /run:/run
-     - /var:/var:rshared,rbind
-     - /var/lib/kubeadm:/etc/kubernetes
-     - /var/lib/cni/etc:/etc/cni:rshared,rbind
-     - /var/lib/cni/opt:/opt/cni:rshared,rbind
-    rootfsPropagation: shared
-    command: ["/usr/local/bin/docker-init", "/usr/local/bin/dockerd"]
-    runtime:
-      mkdir: ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt"]
-  - name: kubernetes-image-cache-common
-    image: linuxkitprojects/kubernetes-image-cache-common:0d818c5b1a7a0a0aa52c2a52e23de784d7fd5e25
-  - name: kubernetes-image-cache-control-plane
-    image: linuxkitprojects/kubernetes-image-cache-control-plane:0d818c5b1a7a0a0aa52c2a52e23de784d7fd5e25
   - name: kubelet
     image: linuxkitprojects/kubernetes:b73aacdfaad2167f7b193d9b68f7e52186eb188a
 files:
   - path: /etc/kubernetes
     symlink: "/var/lib/kubeadm"
-  - path: /etc/kubelet.conf
-    contents: ""
   - path: /etc/sysctl.d/01-kubernetes.conf
     contents: 'net.ipv4.ip_forward = 1'
   - path: /opt/cni
diff --git a/projects/kubernetes/kube-node.yml b/projects/kubernetes/kube-node.yml
index efc866fb4..a561be679 100644
--- a/projects/kubernetes/kube-node.yml
+++ b/projects/kubernetes/kube-node.yml
@@ -35,36 +35,11 @@ services:
     image: linuxkit/openntpd:0d7befc79842849d0b88d6c3b64200e340d7cf67
   - name: sshd
     image: linuxkit/sshd:505a985d7bd7a90f15eca9cb4dc6ec92789d51a0
-  - name: docker
-    image: docker:17.07.0-ce-dind
-    capabilities:
-     - all
-    pid: host
-    mounts:
-     - type: cgroup
-       options: ["rw","nosuid","noexec","nodev","relatime"]
-    binds:
-     - /dev:/dev
-     - /etc/resolv.conf:/etc/resolv.conf
-     - /lib/modules:/lib/modules
-     - /run:/run
-     - /var:/var:rshared,rbind
-     - /var/lib/kubeadm:/etc/kubernetes
-     - /var/lib/cni/etc:/etc/cni:rshared,rbind
-     - /var/lib/cni/opt:/opt/cni:rshared,rbind
-    rootfsPropagation: shared
-    command: ["/usr/local/bin/docker-init", "/usr/local/bin/dockerd"]
-    runtime:
-      mkdir: ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt"]
-  - name: kubernetes-image-cache-common
-    image: linuxkitprojects/kubernetes-image-cache-common:0d818c5b1a7a0a0aa52c2a52e23de784d7fd5e25
   - name: kubelet
     image: linuxkitprojects/kubernetes:b73aacdfaad2167f7b193d9b68f7e52186eb188a
 files:
   - path: /etc/kubernetes
     symlink: "/var/lib/kubeadm"
-  - path: /etc/kubelet.conf
-    contents: ""
   - path: /etc/sysctl.d/01-kubernetes.conf
     contents: 'net.ipv4.ip_forward = 1'
   - path: /opt/cni