Kubernetes (K8) has announced that Docker is being deprecated and won't be supported anymore.

It sounds a drastical decision but we need to understand some details on how Kubernetes works in order to realize this is not a problem at all for most of their users and administrators, in fact it doesn't require any migration process.

Users have started receiving a warning message from Kubernetes 1.20, released on December 8th and the change will be effective in 1.22

Understanding Docker Engine components

Docker provides Docker engine as part of the main set of components required to manage and administrate their own containers.

Docker Engine components are:

  • Server
  • API, for interacting with the server
  • CLI, docker command line interface to use the server

And the server contains the following components:

  • Container runtime, which is responsible of starting and stopping containers, as well for managing lifecycle.
  • Volumes, for persistent data
  • Network, for the containers
  • Build images, required to create new docker images

Why Kubernetes deprecates Docker?

Currently, Kubernetes is installing Docker engine as part of the K8 infrastructure but not all of their components are being used.

It's using their own tools (Kubernetes CLI) in order to replace docker server, API and CLI, also is not making use of docker volumes and networks considering K8 has their own components to manage persistent data and network interfaces. Finally K8 is not in charge of building new docker containers, so it's not using that component either.

K8 is just using the container runtime and that's the main reason why is deprecating Docker in a way of reducing resources and security risk for the infrastructure.

How K8 will use the container runtime without Docker?

The answer is simple, Docker has extracted the container runtime as a separate component called containerd that can be deployed as a standalone container runtime and be used be used by K8 without installing docker engine.

Users will still be using Docker to build their own images through their CI/CD pipeline.

Docker images are using a standard called OCI (Open Container Initiative) that allow docker images to be used in any OCI compliance container runtime. Either containerd, CRI-O or any other runtime will be able to use docker images, meaning that K8 doesn't require extra steps, or any kind of migration process after docker engine is removed from their infrastructure.

Conclusion

This is an internal (and huge) update for K8, so most of the K8 users and administrator shouldn't be worry about the update as long as they are familiar with Kubernetes CLI and they were not using Docker CLI or the API underneath (this is a bad practice for a K8 infrastructure).