Rancher Operational Advisory: Related to deprecation of dockershim in Kubernetes v1.20

Table of Contents

Dear Rancher Customer,

As announced on the official Kubernetes blog, the dockershim, which enables the use of the Docker Daemon as the container runtime in Kubernetes, will be deprecated with the upcoming Kubernetes v1.20 release.

What is dockershim?

The dockershim is built into Kubernetes to provide a Container Runtime Interface (CRI) compliant layer between the kubelet and the Docker Daemon. The shim is necessary because Docker Daemon is not CRI-compliant.

What does deprecation of dockershim in Kubernetes v1.20 mean?

The dockershim will only be deprecated in Kubernetes v1.20, and will not yet be removed from the kubelet. As a result, no immediate action needs to be taken and Kubernetes clusters can continue to operate with the Docker Daemon container runtime in Kubernetes v1.20. The only change at this time will be a deprecation warning printed in the kubelet logs when running on Docker.

What are Rancher's plans to ensure on-going container runtime support in future Kubernetes releases?

Update, Feb 5, 2021:

Rancher plans to implement the upstream open source community Dockershim announced by Mirantis and Docker to ensure RKE clusters can continue to leverage Docker as their container runtime. Users of RKE will be able to continue upgrading and building new RKE clusters leveraging Docker as the runtime and install method.

For users looking to use another container runtime, Rancher has the edge-focused K3s and datacenter-focused RKE2/RKE Government distributions based on the containerd runtime. Customers can deploy these today and import the clusters into Rancher. Imported RKE2/RKE Government and K3s clusters can then be upgraded and managed through Rancher going forward.

In the meantime, if you have any questions please reach out to your Customer Success Manager or Rancher Support via a Support Ticket.

We are working on our roadmap to ensure that all Rancher provisioned clusters will continue to operate on a CRI-compliant runtime. 

For existing RKE customers, users will continue to get Kubernetes updates until the shim is officially removed. The removal is currently targeted for late 2021 and will be supported with patches during the 12-month upstream maintenance window. Before the end of maintenance, we fully expect an upgrade path from RKE to RKE2. 

Looking forward, containerd is already the default runtime in both K3s and RKE2, so any removal of dockershim will have zero impact on future releases. As with RKE, organizations currently using K3s with the Docker runtime will continue to get Kubernetes updates until the shim is officially removed. The dockershim deprecation schedule is tracked by the upstream Kubernetes community in Kubernetes Enhancement Proposal (KEP) 1985. Rancher will continue to keep you updated with related news on the roadmap from our product management, as well as information related to migration off of Docker.


Simply submit a request via this portal referencing this article and we will track and respond to your question as a Support Ticket.


Rancher Support Team

Was this article helpful?
6 out of 6 found this helpful



Article is closed for comments.