- Services: Container Engine for Kubernetes
- Release Date: July 20, 2021
Container Engine for Kubernetes now supports Kubernetes version 1.20.8, in addition to versions 1.19.12, and 1.18.10. Oracle recommends you upgrade your Kubernetes environment to version 1.20.8. For more information about Kubernetes 1.20.8, see the Kubernetes Changelog. With the availability of support for Kubernetes version 1.20.8, Container Engine for Kubernetes will cease support for Kubernetes versions 1.17.13 on August 19th, 2021.
Note the following:
- You can upgrade control plane nodes through unsupported minor versions. Kubernetes requires that you upgrade control plane nodes one minor version at a time. So if a control plane node is running Kubernetes version 1.15.7 (an unsupported minor version), upgrade it to Kubernetes version 1.16.8 (also an unsupported minor version), before upgrading it to 1.17.13.
- With the announcement of support for Kubernetes version 1.20.8, the container runtime used by Container Engine for Kubernetes changes from Docker to CRI-O. However, you don't have to change any of your existing Docker images because Docker images are Open Container Initiative (OCI) compliant. As far as Kubernetes is concerned, all OCI-compliant images look the same. Note the following:
- CRI-O is an implementation of the Kubernetes Container Runtime Interface (CRI), which enables the use of OCI-compatible runtimes. CRI-O can pull your existing Docker images and run them on your Kubernetes version 1.20.8 clusters.
- When using the Docker runtime, the default configuration captures the standard output and standard error streams of containers using the JSON format. In contrast, CRI-O uses the Logrus format. If you use a logging tool such as Fluentd or Fluent Bit, update the tool's configuration to use a new parser to parse CRI logs. For example: if you use Fluentd, use the fluent-plugin-parser-cri parser; if you use Fluent Bit, use the Container Runtime Interface (CRI) parser.
- You might have a workflow in a cluster that relies on the underlying docker socket /var/run/docker.sock (a pattern often referred to as Docker in Docker). Starting with Kubernetes version 1.20.8, such a workflow no longer functions.
- If you previously used the Docker CLI to run commands on a host, you have to use crictl (a CLI for CRI-compatible container runtimes) instead.
- The upstream Kubernetes project is deprecating Docker as a container runtime after Kubernetes version 1.20. For more information about the deprecation of the dockershim adapter (which previously enabled the kubelet to interact with Docker as if Docker were a CRI-compatible runtime), see the Dockershim Deprecation FAQ.
- Container Engine for Kubernetes will cease support for Kubernetes version 1.17.13, on August 19th, 2021. As a result, you will no longer be able to:
- create new clusters running Kubernetes versions 1.17.13
- add new node pools to existing clusters running Kubernetes versions 1.17.13
- If you currently have existing clusters running Kubernetes version 1.17.13, Oracle strongly recommends you immediately upgrade those clusters to Kubernetes versions 1.20.8, 1.19.12, or 1.18.10.
To upgrade a cluster to a new Kubernetes minor version:
- Upgrade the Kubernetes version running on the control plane by following the instructions here.
- Having upgraded the control plane, upgrade the Kubernetes version running on worker nodes in a node pool by following the instructions here.
Always follow the Kubernetes skew policy for Kubernetes minor version support.
Example skew policy:
- Kubernetes control plane nodes are at version 1.20.8
- Kubernetes worker nodes must be at version 1.20.8, 1.19.12, or 1.18.10
Note that although the worker nodes in a node pool must follow the Kubernetes skew policy, you do not have to upgrade them one minor version at a time.
For more information, see Upgrading Clusters to Newer Kubernetes Versions.