We are using plain Kubernetes (without OpenShift) with Docker CE 18.3 as a container engine. I know that this is not supported combination now but it works and we need newer Docker for multistage builds.
Now one customer wants to run our application in OpenShift - will it be problem to use Docker version 18.3 instead of 1.13 which is tested with OpenShift 3.9?
Is there a plan to support new Docker versions in OpenShift even if they are not in official RHEL and Fedora repositories anymore?
Or is there any plan to leave Docker and use Cri-o instead of it?
Thanks a lot,
BTW: What a coincidence! I started with OpenShift yesterday ;-)
This has been the case for some time, due to some choices made within the docker (now moby) project. Using a more upstream version of docker could cause ... random weirdness. Or worse.
OpenShift will stay true to the testing/validation that's done in Kubernetes. That decision is a long discussion in a whole host of github issues for kubernetes and docker.
In version 3.10, our current plan is to make Cri-o fully supported, with docker as the default container runtime. In 3.11, we hope to make Cri-o the default container runtime, with docker fully supported.
When we released RHEL 7 we stated that we'd support docker for the entire 10 year lifecycle, and we'll stay true to that. The political stuff that comes with the versions of docker and how they're released is something that's way beyond my paygrade.
I'm using own Kubernetes 1.10 cluster installed by kubeadm.
Kubernetes 1.9 and 1.10 are also validated with Docker 17.03 as it is written in the linked change-log you provided:
The validated docker versions are the same as for v1.9: 1.11.2 to 1.13.1 and 17.03.x (ref)
Nevertheless multistage builds are from version 17.05 and there we had some problems with high CPU usage which was gone in version 18.03. This is the reason why we use this "unvalidated" combination now.
I understand that this is difficult - on one side there is enterprise world with long term support (10 years for RHEL) and on the other side are Kubernetes with 3 months release cycle. And who knows if there are friendly relations between Docker and Kubernetes community ...
You helped me for sure - now I know that I should finally try Cri-O and hope that multistage build will be also available there in the future ;-)