Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Kubernetes – An Enterprise Guide

You're reading from   Kubernetes – An Enterprise Guide Master containerized application deployments, integrate enterprise systems, and achieve scalability

Arrow left icon
Product type Paperback
Published in Aug 2024
Publisher Packt
ISBN-13 9781835086957
Length 682 pages
Edition 3rd Edition
Languages
Tools
Arrow right icon
Authors (2):
Arrow left icon
Marc Boorshtein Marc Boorshtein
Author Profile Icon Marc Boorshtein
Marc Boorshtein
Scott Surovich Scott Surovich
Author Profile Icon Scott Surovich
Scott Surovich
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Preface 1. Docker and Container Essentials FREE CHAPTER 2. Deploying Kubernetes Using KinD 3. Kubernetes Bootcamp 4. Services, Load Balancing, and Network Policies 5. External DNS and Global Load Balancing 6. Integrating Authentication into Your Cluster 7. RBAC Policies and Auditing 8. Managing Secrets 9. Building Multitenant Clusters with vClusters 10. Deploying a Secured Kubernetes Dashboard 11. Extending Security Using Open Policy Agent 12. Node Security with Gatekeeper 13. KubeArmor Securing Your Runtime 14. Backing Up Workloads 15. Monitoring Clusters and Workloads 16. An Introduction to Istio 17. Building and Deploying Applications on Istio 18. Provisioning a Multitenant Platform 19. Building a Developer Portal 20. Other Books You May Enjoy 21. Index

Understanding why Kubernetes removed Docker

Kubernetes removed all support for Docker in version 1.24 as a supported container runtime. While it has been removed as a runtime engine option, you can create new containers using Docker and they will run on any runtime that supports the Open Container Initiative (OCI) specification. OCI is a set of standards for containers and their runtimes. These standards ensure that containers remain portable, regardless of the container platform or the runtime used to execute them.

When you create a container using Docker, you are creating a container that is fully OCI compliant, so it will still run on Kubernetes clusters that are running any Kubernetes-compatible container runtime.

To fully explain the impact and the supported alternatives, we need to understand what a container runtime is. A high-level definition would be that a container runtime is the software layer that runs and manages containers. Like many components that make up a Kubernetes cluster, the runtime is not included as part of Kubernetes – it is a pluggable module that needs to be supplied by a vendor, or by you, to create a functioning cluster.

There are many technical reasons that led to the decision to deprecate and remove Docker, but at a high level, the main concerns were as follows:

  • Docker contains multiple pieces inside of the Docker runtime to support its own remote API and user experience (UX). Kubernetes only requires one component in the executable, dockerd, which is the runtime process that manages containers. All other pieces of the executable contribute nothing to using Docker in a Kubernetes cluster. These extra components make the binary bloated and can lead to additional bugs, security, or performance issues.
  • Docker does not conform to the Container Runtime Interface (CRI) standard, which was introduced to create a set of standards to easily integrate container runtimes in Kubernetes. Since it doesn’t comply, the Kubernetes team has had extra work that only caters to supporting Docker.

When it comes to local container testing and development, you can still use Docker on your workstation or server. Considering the previous statement, if you build a container on Docker and the container successfully runs on your Docker runtime system, it will run on a Kubernetes cluster that does not use Docker as the runtime.

Removing Docker will have very little impact on most users of Kubernetes in new clusters. Containers will still run using any standard method, as they would with Docker as the container runtime. If you happen to manage a cluster, you may need to learn new commands when you troubleshoot a Kubernetes node – you will not have a Docker command on the node to look at running containers, clean up volumes, and so on.

Kubernetes supports a number of runtimes in place of Docker. Two of the most commonly used runtimes are as follows:

  • containerd
  • CRI-O

While these are the two commonly used runtimes, there are a number of other compatible runtimes available. You can always view the latest supported runtimes on the Kubernetes GitHub page at https://github.com/kubernetes/community/blob/master/contributors/devel/sig-node/container-runtime-interface.md.

For more details on the impact of deprecating and removing Docker, refer to the article called Don’t Panic: Kubernetes and Docker on the Kubernetes.io site at https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/.

Introducing Docker

Both the industry and end users were seeking a solution that was both convenient and affordable, and this is where Docker containers came in. While containers have been utilized in different ways over time, Docker has brought about a transformation by providing a runtime and tools for everyday users and developers.

Docker brought an abstraction layer to the masses. It was easy to use and didn’t require a clean PC for every application before creating a package, thus offering a solution for dependency issues, but most attractive of all, it was free. Docker became a standard for many projects on GitHub, where teams would often create a Docker container and distribute the Docker image or Dockerfile to team members, providing a standard testing or development environment. This adoption by end users is what eventually brought Docker to the enterprise and, ultimately, what made it the standard it has become today.

Within the scope of this book, we will be focusing on what you will need to know when trying to use a local Kubernetes environment. Docker has a long and interesting history of how it evolved into the standard container image format that we use today. We encourage you to read about the company and how they ushered in the container world we know today.

While our focus is not to teach Docker inside out, we feel that those of you who are new to Docker would benefit from a quick primer on general container concepts.

If you have some Docker experience and understand terminology such as ephemeral and stateless, you can jump to the Installing Docker section.

Docker versus Moby

When the Docker runtime was developed, it was a single code base. The single code base contained every function that Docker offered, whether you have used them or not. This led to inefficiencies, and it started to hinder the progression of Docker and containers in general.

The following table shows the differences between the Docker and Moby projects.

Feature

Docker

Moby

Development

The primary contributor is Docker, with some community support

It is open-source software with heavy community development and support

Project scope

The complete platform that includes all components to build and run containers

It is a modular platform for building container-based components and solutions

Ownership

It is a branded product, offered by Docker, Inc.

It is an open-source project that is used to build various container solutions

Configuration

A full default configuration is included to make it easy for users to use it quickly

It has more available customizations, providing users with the ability to address their specific requirements

Commercial support

It offers full support, including enterprise support

It is offered as open-source software; there is no support direct from the Moby project

Table 1.1: Docker versus Moby features

To recap – Moby is a project that was started by Docker, but it is not the complete Docker runtime. The Docker runtime uses the components from Moby to create the Docker runtime, which includes the Moby open-source components and Docker’s own open-sourced components.

Now, let’s move on to understanding Docker a little more and how you can use it to create and manage containers.

You have been reading a chapter from
Kubernetes – An Enterprise Guide - Third Edition
Published in: Aug 2024
Publisher: Packt
ISBN-13: 9781835086957
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image