In k8s processes, "kube-controller-manager" is "child process" from docker conainer. Why k8s has that architecture?

The process ID 21186 is runc. And 21257 is kube-controller-manager.

I can’t understand why host’s process is child process.

And, I didn’t know docker container can run host’s process.

Why k8s takes that architecture.

Other processes are same form.

Can you help please? Thank you

[[email protected] ~]# ps -ef | grep 21186
root     21186 10930  0 06:20 ?        00:00:00 containerd-shim -namespace moby -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/moby/3fd66799d02cb2c2f195fd85fadf852b7a7c0905707e6c25d1fdec93c1dc850b -address /run/containerd/containerd.sock -containerd-binary /usr/bin/containerd -runtime-root /var/run/docker/runtime-runc
root     21257 21186  1 06:20 ?        00:00:08 kube-controller-manager --aut....

Source: StackOverflow