Microsoft Warns AKS Kubernetes Users of Docker Runtime Deprecation
Linux-based AKS users don't need to do anything. Windows users need to switch to containerd.
Microsoft warned users of its Azure Kubernetes Service (AKS) of the upcoming deprecation of the Docker runtime in the popular Kubernetes ecosystem.
However, while that sounds ominous, users alarmed by "Kubernetes Is Deprecating Docker" headlines can rest assured that it's really not that big of a deal. It's not like two joined-at-the-hip container kingpins are breaking up their relationship that changed the IT industry. Instead, the Docker runtime is being deprecated in favor of an industry standard in Kubernetes, the open source container orchestration system that's increasingly used for general automation of software deployment, scaling and management.
The deprecation's potential to cause alarm among Docker developers was recognized back in December 2020 when the upcoming move was announced, as the headline for the announcement post read "Don't Panic: Kubernetes and Docker."
The post quickly allayed fears with a TL;DR: "Docker as an underlying runtime is being deprecated in favor of runtimes that use the Container Runtime Interface (CRI) created for Kubernetes. Docker-produced images will continue to work in your cluster with all runtimes, as they always have."
A Jan. 7 update on the project explains more about the "why" of the move:
Docker was the first container runtime used by Kubernetes. This is one of the reasons why Docker is so familiar to many Kubernetes users and enthusiasts. Docker support was hardcoded into Kubernetes -- a component the project refers to as dockershim. As containerization became an industry standard, the Kubernetes project added support for additional runtimes. This culminated in the implementation of the container runtime interface (CRI), letting system components (like the kubelet) talk to container runtimes in a standardized way. As a result, dockershim became an anomaly in the Kubernetes project. Dependencies on Docker and dockershim have crept into various tools and projects in the CNCF ecosystem ecosystem, resulting in fragile code.
By removing the dockershim CRI, we're embracing the first value of CNCF: "Fast is better than slow". Stay tuned for future communications on the topic!
Microsoft issued its warning in a Jan. 21 post titled "Dockership deprecation and AKS." It noted that dockershim will be removed in the Kubernetes 1.24 release, planned for April.
"The huge success of Docker in energizing the tech community around containers has been truly amazing to see," said Justin Davies of the AKS team. "As containers are the foundation of Kubernetes, it goes hand in hand that Docker was a core part of the platform. As Kubernetes matured, and the needs of the community and our customers grew, the tight coupling of Docker to Kubernetes through dockershim (the interface between the Kubernetes platform and the Docker runtime) needed to evolve. On 2 December 2020, with the release of Kubernetes 1.20, Kubernetes announced it is deprecating Docker as a container runtime, through the use of dockershim, in a future release of Kubernetes."
Microsoft's advice for users of supported Kubernetes versions in AKS differs for Linux and Windows, but both camps of users were advised to use containerd as the container runtime. "Containerd Now Available as Runtime Option for Kubernetes" was announced way back in May 2018. Here's Microsoft's advice:
- For Linux node pools, there is no action required on your part. All supported Kubernetes versions on AKS use containerd as the default runtime for Kubernetes 1.19 and greater.
- For Windows Server 2019 node pools, in January 2021, we announced the general availability of containerd as the default container runtime for Kubernetes 1.23 and greater. If you are using a cluster with a Kubernetes version prior to 1.23, you can create a new node pool with containerd enabled before the switch over to it being the default in 1.23 then move your pods to the new pool.
David Ramel is an editor and writer for Converge360.