The container runtime is software that is responsible for managing containers and container images on a Kubernetes node. containerd is a CNCF (Cloud Native Cloud Foundation) graduated container runtime. It supports Kubernetes natively, and is considered more resource efficient and secure than the Docker Engine for Kubernetes. Until Kubernetes 1.20, Docker Engine was the primary container runtime. However, Dockershim, the Docker Engine integration code in Kubernetes, was deprecated in Kubernetes 1.20, and has been removed in Kubernetes 1.24.
Going forward, you should use containerd in your clusters.
Support for containerd in an admin cluster
Google Distributed Cloud uses containerd for all admin cluster nodes.
Support for containerd in a user cluster
Google Distributed Cloud supports the following OS image types for user cluster nodes:
OS image type | Container runtime |
---|---|
ubuntu | Docker Engine |
ubuntu_containerd | containerd |
cos | containerd |
windows | Docker Engine or containerd |
Restrictions and recommendations
Starting in version 1.13.0, Google Distributed Cloud will no longer support the
ubuntu
OS image type. All cluster nodes will use the containerd runtime.You will not be able to upgrade a cluster that uses Docker Engine to version 1.13.
Starting in version 1.12.0, you can no longer create new clusters that use the
ubuntu
OS image type. That is, you can no longer create new clusters that use the Docker Engine container runtime.If you upgrade a user cluster from 1.11 to 1.12, you can continue using the Docker Engine runtime in your 1.12 cluster. But we strongly recommend that you update your 1.11 cluster to use the containerd runtime before you upgrade to 1.12.
Determine which node pools are using Docker Engine
Ubuntu
List the Ubuntu node pools that use Docker Engine:
kubectl --kubeconfig USER_CLUSTER_KUBECONFIG get onpremnodepools \ -o json -A | jq -r '.items[] |select(.spec.osImageType == "ubuntu")|.metadata.name'
Replace USER_CLUSTER_KUBECONFIG with the path of the user cluster kubeconfig file.
Example output:
ubuntu-node-pool-1 ubuntu-node-pool-3
Windows
All Windows node pools in a user cluster use the same container runtime. The
runtime for Windows nodes is determined by the value of
enableWindowsDataplaneV2
, which is a field in the user cluster
configuration'file.
If enableWindowsDataplaneV2
is true
, all Windows nodes in the user cluster
use containerd. If it is false
, all Windows nodes use Docker Engine.
Run the following command to determine which user clusters have
enableWindowsDataplaneV2
set to false
. This tells you which user clusters
are configured to use Docker Engine for Windows nodes.
kubectl --kubeconfig ADMIN_CLUSTER_KUBECONFIG get onpremuserclusters \ -A -o json | jq -r '.items[] |select(.spec.enableWindowsDataplaneV2 == false)|.metadata.name'
The output lists all user clusters that are configured to use Docker Engine for Windows nodes. For example:
user-cluster-1
Regardless of whether a user cluster has any Windows node pools, if the cluster
has enableWindowsDataplaneV2
set to false
, you will not be able to upgrade
it to version 1.13.
Update Linux node pools to use containerd
For each node pool in the user cluster configuration file, set
osImageType
ubuntu_containerd
or cos
.
Example:
nodePools - name: "my-node-pool" osImageType: "ubuntu_containerd"
Update the user cluster:
gkectl update cluster --kubeconfig ADMIN_CLUSTER_KUBECONFIG --config USER_CLUSTER_CONFIG
Replace the following:
ADMIN_CLUSTER_KUBECONFIG: the path of the admin custer kubeconfig file
USER_CLUSTER_CONFIG: the path of the user cluster configuration file
Update Windows nodes to use containerd
In the user cluster configuration file, set
enableWindowsDataplaneV2
to true
.
enableWindowsDataplaneV2: true
Update the user cluster:
gkectl update cluster --kubeconfig ADMIN_CLUSTER_KUBECONFIG --config USER_CLUSTER_CONFIG
The preceding command sets the container runtime to containerd for all Windows nodes in the cluster.