Kubernetes is deprecating Docker(shim)

 In DevOps

The announcement which came in earlier this month on Kubernetes deprecating docker, left most of them surprised by reading the headline . Lets understand the actual impact .

Kubernetes v1.20 was released on 8th December, with 42 enhancements. One of the major changes include Dockershim deprecation. Its just one component and not the whole docker. Docker is more than just a container runtime.

What’s changing?

Kubernetes uses CRI (container runtime interface)- a plugin interface which enables kubelet to communicate with container runtime. In case of docker, kubelet uses one additional layer called ‘Dockershim’ to communicate with container runtime as docker isn’t compatible with Kubernetes CRI. If it would have been compliant with CRI , kubernetes would not impose this change. (ref the pic above)

Dockershim which is currently built into kubelet is being removed from kubelet as early as k8s v1.23 release, which removes the support for Docker as container runtime.

– K8S v1.20 (current version)- you will get deprecation warning for docker

– K8S v1.23 release in late 2021- docker container runtime support will be removed

Can I still use Docker in Kubernetes 1.20?

Yes, the only thing changing in 1.20 is a single warning log printed at kubelet startup if using Docker as the runtime

Alternate solution?

Start using CRI compliant container-runtime like containerd, cri-o – If you are using containerd directly and not through docker engine, then you are good as containerd is CRI-compliant container runtime – Until you have a concrete plan to upgrade/change your existing docker container runtime to a different container runtime which is CRI-compliant, stick to kubernetes version less than 1.20. – Mirantis and docker have agreed to continue supporting and developing dockershim.

What is container runtime?

Container runtime is responsible for pulling and running your container images. Among different container runtime, Docker is popular. Other container runtime’s include CRI-O, Containerd

What is CRI?

Docker is popular by its name ,features and the first container runtime to be supported by Kubernetes. But down the line, the kubernetes community wanted the ability to run many types of container runtime and not just docker. This resulted in introducing CRI-Container Runtime Interface. The Container Runtime Interface is an integration point between Kubernetes and container runtimes that makes pods (groups of containers) work in Kubernetes clusters.

What’s not changing?

Docker can still be used for building container images and within your CI/CD pipeline projects. Docker builds an OCI-standard container image(open container initiative).You can use the docker build images on any OCI-compliant container runtime – which again circle backs to containerd and cri-o

Recent Posts
Learn Devops

Become a Devops Engineer in 3 months