Kubernetes is Deprecating Docker as a Container Runtime

First of all, fear not! Kubernetes deprecating Docker as a Container Runtime after v1.20 is not as big a deal as it seems.

The confusion comes from people that misunderstand what Docker is and what it does. Docker is not a container, it is a tech stack that includes a container runtime called containerd. The container runtime is what runs the pods in your cluster.

Kubernetes is making a change and will stop using Dockershim as a tool in favor of runtimes that use the Container Runtime Interface (CRI) created for Kubernetes. There will be a deprecation warning from v1.20 but the change is slated for v1.22, expected to be released in late 2021. However, the containerd runtime will still be supported in Kubernetes.

You can still use Docker in development for building containers and building container images. There will be no change to the way container images are built, especially if you use docker for building images by running docker build. The change won’t affect much for anyone that is an end-user. The image produces by running docker build isn’t docker specific, it’s an Open Container Initiative (OCI) image and both containerd and CRI-O know how to pull and run the images.

The biggest change will be for anyone using a Kubernetes managed service such as AKS (defaults to containerd), EKS, or GKE. For anyone using those service, you will need to make sure your worker nodes use a CRI runtime before Docker support is removed. You might also need to update any node customizations based on the new runtime requirements and your specific environment.

The default runtime in AKS is containerd. So, there shouldn’t be any changes needed.

On GKE, chances are you’re already using a container-Optimized Image (COS) such as cos_optimized or ubuntu_containerd which both use containerd as the container runtime in your GKE cluster. If you need to change the runtime to a containerd runtime, you can use the following command: gcloud container clusters upgrade <CLUSTER_NAME> --image-type COS_CONTAINERD --node-pool <POOL_NAME>.

Currently EKS runs dockerd. There is an open issue to enable containerd as an option.

For anyone managing their own Kubernetes cluster updates, there will be some changes required since there will be a deprecation warning for Docker at v1.20. You would need to switch to a supported runtime such as containerd or CRI-O and ensure that whichever runtime you use can still support any docker daemon configurations you currently use (e.g. logging).

It should be stated, that most workloads aren’t container runtime dependent. This means that you shouldn’t need change much, if anything regarding how your workloads are configured or operate. The few workloads that might have Docker dependencies might be if you run privileged pods that execute docker commands, running scripts on nodes outside of your Kubernetes infrastructure, or when using third-party tools that utilize docker specific log messages.

*Cover Images from kubernetes.io