Skip to content

dockershim

dockershim is a component within the Kubernetes architecture that acts as an adapter between the kubelet and the Docker Daemon^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md]. Its primary purpose is to translate Kubernetes-specific container operations into Docker API calls, allowing Docker to function as the container runtime for a Kubernetes cluster^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Function and Architecture

The kubelet, the node agent responsible for running pods, does not interact directly with the Docker API. Instead, it relies on the CRI (container Runtime Interface), a standardized gRPC interface for container operations^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md]. When a container runtime does not natively implement CRI, a shim is required.

dockershim is responsible for responding to CRI requests (such as creating or starting containers) initiated by the kubelet. It extracts the relevant parameters from these requests and assembles them into Docker API commands, which are then sent to the Docker Daemon^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Design Context

The existence of dockershim is largely due to historical and architectural reasons. Kubernetes evolved to support multiple container runtimes through CRI, but Docker's interface predates this standard^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

A key design principle of CRI is to focus solely on containers, deliberately avoiding the concept of a Pod^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md]. Since Pod is a Kubernetes abstraction and not a native concept for many container runtimes, the interface assumes the runtime may not understand Pods. This abstraction layer allows the shim to manage the translation of Kubernetes Pod logic into the specific container lifecycle management required by Docker^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

  • [[Container Runtime Interface (CRI)]]
  • kubelet
  • [[Docker]]

Sources

^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md]