Bye-bye Docker! Welcome RKE2

Introduction
Docker is regarded as “the standard” when it comes to containers. Almost everyone knows the term “Docker” and often uses it as a synonym for containers. Docker itself quickly gained widespread adoption due to a good product and good timing. Container images are often also referred to as “Docker Images” – which, however, is not correct:
These are OCI images (OCI being the actual standard for containers) that work with any OCI-compatible container runtime, such as CRI-O or containerd.
Docker itself is a complete technology stack. The container runtime itself is “containerd”. However, a lot has been developed around it, such as a user interface for developers and much more. We do not need these things in scalable container and Kubernetes environments.
Docker is currently still relatively widespread – however, this product has an expiration date in the Kubernetes environment. Specifically, Docker has been deprecated since Kubernetes v1.20, and support for Docker via “dockershim” will be discontinued in Kubernetes v1.24.
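To find the nodes affected by this deprecation before an upgrade, the following added example (not from the original article) reads a node list in the shape returned by `kubectl get nodes -o json` and flags every node whose `containerRuntimeVersion` reports `docker://`. The node names and version strings in the sample are constructed.

```python
import json
import re

# Constructed sample in the shape of `kubectl get nodes -o json` (only the fields used here).
SAMPLE_NODES = json.loads("""
{"items": [
 {"metadata": {"name": "rke1-worker-1"},
  "status": {"nodeInfo": {"kubeletVersion": "v1.21.9",
                          "containerRuntimeVersion": "docker://20.10.12"}}},
 {"metadata": {"name": "rke2-worker-1"},
  "status": {"nodeInfo": {"kubeletVersion": "v1.22.7+rke2r1",
                          "containerRuntimeVersion": "containerd://1.5.9-k3s1"}}},
 {"metadata": {"name": "legacy-worker"},
  "status": {"nodeInfo": {"kubeletVersion": "v1.19.16",
                          "containerRuntimeVersion": "docker://19.3.15"}}},
 {"metadata": {"name": "broken-node"}, "status": {}}
]}
""")

DEPRECATED_FROM = (1, 20)  # Docker deprecated as a runtime (per the article)
REMOVED_IN = (1, 24)       # dockershim support ends (per the article)

def kubelet_minor(version):
    """Parse 'v1.22.7+rke2r1' into (1, 22); return None if unparseable."""
    m = re.match(r"v?(\d+)\.(\d+)", version or "")
    return (int(m.group(1)), int(m.group(2))) if m else None

def audit_nodes(node_list):
    """Return (name, state, detail) for each node that needs attention."""
    findings = []
    for node in node_list.get("items", []):
        name = node.get("metadata", {}).get("name", "<unnamed>")
        info = node.get("status", {}).get("nodeInfo", {})
        runtime = info.get("containerRuntimeVersion", "")
        scheme = runtime.split("://", 1)[0] if "://" in runtime else ""
        version = kubelet_minor(info.get("kubeletVersion"))
        if not scheme or version is None:
            # A node without nodeInfo cannot be classified; surface it instead of skipping.
            findings.append((name, "unknown", "node reported no runtime/kubelet info"))
        elif scheme == "docker":
            state = ("removed" if version >= REMOVED_IN
                     else "deprecated" if version >= DEPRECATED_FROM
                     else "pre-deprecation")
            findings.append((name, state, f"{runtime} on kubelet {version[0]}.{version[1]}"))
    return findings

if __name__ == "__main__":
    for name, state, detail in audit_nodes(SAMPLE_NODES):
        print(f"{name:15} {state:16} {detail}")
```

Against a live cluster, pass the parsed output of `kubectl get nodes -o json` to `audit_nodes` in place of the sample.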
What is “Dockershim”?
The first Kubernetes versions were based on Docker as the container runtime. However, due to its great openness, which also forms the basis for its innovation capability, the Kubernetes project evolved into a construct based on plugins and interfaces. Among other things, this change led to the
For this reason, “dockershim” was implemented. Dockershim acts as a kind of “wrapper” through which the container runtime “containerd” can be addressed over the CRI.

This architecture is inefficient and can be made leaner and more efficient.

SUSE Rancher RKE1 and RKE2
SUSE Rancher RKE1 is a rock-solid, mature, and well-established Kubernetes distribution, but it is also (relatively) old and based on Docker technology. FullStackS has so far used RKE1 because of its robustness and our consistently very good experience with it.
The successor to RKE1 is RKE2: also robust and mature, additionally highly hardened in terms of security (FIPS-140, CIS 1.6), and based on containerd.
Why has FullStackS used RKE1 until now and now recommends using RKE2?
The reason is that the new Cluster API for provisioning Kubernetes downstream clusters in SUSE Rancher was in so-called “Tech Preview” until version v2.6.3.

With the subsequent SUSE Rancher versions, the new Cluster API-based provisioning of RKE2 (and K3S) clusters will become “GA”.
Furthermore, the new provisioning is optimally integrated into our modular Infrastructure as Code platform for SUSE Rancher across all environments (on-prem, edge, and cloud) and can be used immediately.
In our lab, we have developed, tested, and finalized the integration over the past months.
For the setup of new downstream clusters, we consistently recommend using RKE2 starting with the release of SUSE Rancher v2.6.4 and actively avoiding Docker in new projects.
Furthermore, our FullStackS Terraform modules meet all requirements for CIS 1.6 “hardened / restricted” & FIPS-140 compliant Kubernetes clusters.
Interested? Contact us!





