Kubernetes v1.24 and later on launches ship without Dockershim after its deprecation in December 2020’s v1.20 release. Dockershim’s no longer readily available as an integrated container runtime. You require to utilize a various supported runtime rather, such as containerd, CRI-O, or Docker Engine with the cri-dockerd adapter.
In this post, we’ll demonstrate how to inspect whether you’re impacted, then discuss how you can move to a various runtime. You must take these actions prior to you update to Kubernetes v1.24 or a later on variation so your cluster’s work aren’t affected.
What Was Dockershim?
Dockershim was established as an essential part so Kubernetes might support more container runtimes. At the start of the task, Kubernetes just dealt with Docker Engine. This constraint was gotten rid of by the intro of the CRI requirement. Any CRI-compatible runtime might now be utilized with Kubernetes, consisting of containerd and CRI-O, an OCI application of the requirement.
While CRI brought brand-new versatility to Kubernetes, it provided a problem for existing clusters. Docker did not have assistance for the CRI requirement so Dockershim was developed to let the Kubernetes group layer compatibility on top. Dockershim was a direct combination with Docker Engine that was constantly meant to be a short-term step.
The container motion is now far more than Docker, as the initial Kubernetes press to CRI shows. Docker itself has actually divided into specific elements with its runtime drawn out as containerd, a graduate of the Cloud Native Computing Foundation (CNCF).
containerd is completely supported by Kubernetes and more fit to standalone usage in cloud environments. Kubernetes does not need the Docker CLI and its bunch of functions to run your Pods; all it requires is the capability to begin and run containers at a fairly low level. Dockershim has actually been gotten rid of since it was challenging to preserve. Its usage produced vulnerable code that was firmly paired to Docker Engine’s application.
Checking Whether You’re Using Dockershim
Recently developed clusters on contemporary platforms are extremely not likely to be utilizing Dockershim. This consists of clusters handled by popular cloud service providers such as Amazon EKS, Azure AKS, Google GKE, and DigitalOcean DOKS.
You’re probably to require to do something about it if you preserve your own cluster and very first set it up numerous years earlier. You can examine whether you’re utilizing Dockershim as the runtime for any of your Nodes by running this Kubectl command:
$ kubectl get nodes -o large NAME STATUS VERSION CONTAINER-RUNTIME node-1 Ready v1.22.8 docker://193.1 node-2 Ready v1.228 containerd:// 1.4.13
In this example, among the nodes is utilizing containerd and can be left as-is. The other node is set up utilizing Docker and might be impacted by the Dockershim elimination. You can examine by running this command on the Node:
$ tr 0'' <
