diff --git a/pkg/cri/config/config_unix.go b/pkg/cri/config/config_unix.go
index 54d6808fd..8c511bc5d 100644
--- a/pkg/cri/config/config_unix.go
+++ b/pkg/cri/config/config_unix.go
@@ -21,10 +21,46 @@ package config
 import (
 	"github.com/containerd/containerd"
 	"github.com/containerd/containerd/pkg/cri/streaming"
+	"github.com/pelletier/go-toml"
 )
 
 // DefaultConfig returns default configurations of cri plugin.
 func DefaultConfig() PluginConfig {
+	defaultRuncV2Opts := `
+	# NoPivotRoot disables pivot root when creating a container.
+	NoPivotRoot = false
+
+	# NoNewKeyring disables new keyring for the container.
+	NoNewKeyring = false
+
+	# ShimCgroup places the shim in a cgroup.
+	ShimCgroup = ""
+
+	# IoUid sets the I/O's pipes uid.
+	IoUid = 0
+
+	# IoGid sets the I/O's pipes gid.
+	IoGid = 0
+
+	# BinaryName is the binary name of the runc binary.
+	BinaryName = ""
+
+	# Root is the runc root directory.
+	Root = ""
+
+	# CriuPath is the criu binary path.
+	CriuPath = ""
+
+	# SystemdCgroup enables systemd cgroups.
+	SystemdCgroup = false
+
+	# CriuImagePath is the criu image path
+	CriuImagePath = ""
+
+	# CriuWorkPath is the criu work path.
+	CriuWorkPath = ""
+`
+	tree, _ := toml.Load(defaultRuncV2Opts)
 	return PluginConfig{
 		CniConfig: CniConfig{
 			NetworkPluginBinDir:       "/opt/cni/bin",
@@ -38,7 +74,8 @@ func DefaultConfig() PluginConfig {
 			NoPivot:            false,
 			Runtimes: map[string]Runtime{
 				"runc": {
-					Type: "io.containerd.runc.v2",
+					Type:    "io.containerd.runc.v2",
+					Options: tree,
 				},
 			},
 			DisableSnapshotAnnotations: true,