Kubernetes Updates

December 04, 2020

Kubernetes is deprecating Docker support and how should you prepare for it?

As of December 02, 2020 Kubernetes has announced that going forward Kubernetes is going to deprecate Docker as their preferred container runtime environment.

In the DevOps community Docker is considered as a backbone when it comes to virtualization and since the inception of Kubernetes in the DevOps community Docker has been the preferred choice by the developer community. So Docker being adopted widely by the developer(real human being) as well as Kubernetes(not a real human being).

1. Why kubernetes deprecating the Docker?

As we know Kubernetes runs a container inside the kubernetes cluster but to interact with container kubelet has to use dockershim which internally communicate with docker and then containerd and finally container

Kubernetes flow with Docker

graph LR A(kubelet) --> B(dockershim) B --> C(docker) C --> D(containerd) D --> E(container)

Here you can see Kubernetes has to deal with dockershim and docker first before it can actually access containerd

Kubernetes flow after deprecating Docker

graph LR A(kubelet) --> B(cri-containerd) B --> C(containerd) C --> D(container)

After deprecating docker Kubernetes need not worry about dockershim and docker, it can directly interact with cri-containerd. But we need to build container images which support CRI-OOpen container Initiative or Containerd

You can see the difference in the flow when Kubernetes is using Docker, it has to maintain overhead of dockershim which is entirely built for supporting UX aspects of the docker and it is really useful for the developers(real human being), not Kubernetes.

2. What about GKE, EKS, AKS ?

Should you need to be worried if you are on GKE, EKS, AKS?

The Answer is - YES

How to safeguard?

To safeguard from Docker deprecation you need to make sure that kubernetes nodes are using the supported container(CRI-OOpen container Initiative or Containerd) runtime otherwise it will be troublesome in the later stages.

Other than that if you have node customizations then you need to work with your cloud service provider to update the environment as well as runtime.

3. What is being planned in Kubernetes Upcoming release?

v1.20.0 - Once you upgarde to v1.20.0 then you will get deprecation warning.

v1.22.0 - The Docker runtime support(dockershim) will be completely removed and you will have to choose from CRI-OOpen container Initiative or Containerd

4. Would this deprecation break other functionalities?

This is a little diabolical because you need to be watchful for -

  1. Supporting scripts - All the scripts which are heavily relying on Docker will break, so you need to take care of the scripting.
  2. kube-imagepuller - If you are using the kube-imagepuller then this update would be a nightmare for you because it is gonna break a lot, so be mindful about it. It is highly recommended to get rid of it before its too late.
  3. Plugins - Any Kubernetes plugin which requires docker CLI will not work anymore
  4. docker CLI - Any scripts which are using docker CLI directly or indirectly will not work.
  5. Node provisioning - Any Node provisioning scripts which uses docker or docker socket will not work

5. What container tool should I use going forward?

Going forward it advisable to use following container tools -

  1. img
  2. buildah
  3. kaniko

Posts in this Series