Remove docker entirely

pkg/apis/kubeone/config/config.go

@@ -348,10 +348,6 @@ func checkClusterFeatures(cluster kubeoneapi.KubeOneCluster, logger logrus.Field
 		logger.Warnf("Nutanix support is planned to graduate to beta/stable in KubeOne 1.5+")
 	}
 
-	if cluster.ContainerRuntime.Docker != nil {
-		logger.Warnf("Support for docker will be removed with Kubernetes 1.24 release. It is recommended to switch to containerd as container runtime using `kubeone migrate to-containerd`")
-	}
-
 	if cluster.CloudProvider.Vsphere != nil && !cluster.CloudProvider.External && len(cluster.CloudProvider.CSIConfig) > 0 {
 		logger.Warnf(".cloudProvider.csiConfig is provided, but is ignored when used with the in-tree cloud provider")
 	}

pkg/apis/kubeone/helpers.go

@@ -129,87 +129,70 @@ func (h *HostConfig) SetLeader(leader bool) {
 
 func (crc ContainerRuntimeConfig) MachineControllerFlags() []string {
 	var mcFlags []string
-	switch {
-	case crc.Docker != nil:
-		if len(crc.Docker.RegistryMirrors) > 0 {
-			mcFlags = append(mcFlags,
-				fmt.Sprintf("-node-registry-mirrors=%s", strings.Join(crc.Docker.RegistryMirrors, ",")),
-			)
-		}
-	case crc.Containerd != nil:
-		// example output:
-		// -node-containerd-registry-mirrors=docker.io=custom.tld
-		// -node-containerd-registry-mirrors=docker.io=https://secure-custom.tld
-		// -node-containerd-registry-mirrors=registry.k8s.io=http://somewhere
-		// -node-insecure-registries=docker.io,registry.k8s.io
-		var (
-			registryNames                 []string
-			insecureSet                   = map[string]struct{}{}
-			registryCredentialsSecretFlag bool
-		)
-
-		for registry := range crc.Containerd.Registries {
-			registryNames = append(registryNames, registry)
-		}
 
-		// because iterating over map is randomized, we need this to have a "stable" output list
-		sort.Strings(registryNames)
+	// example output:
+	// -node-containerd-registry-mirrors=docker.io=custom.tld
+	// -node-containerd-registry-mirrors=docker.io=https://secure-custom.tld
+	// -node-containerd-registry-mirrors=registry.k8s.io=http://somewhere
+	// -node-insecure-registries=docker.io,registry.k8s.io
+	var (
+		registryNames                 []string
+		insecureSet                   = map[string]struct{}{}
+		registryCredentialsSecretFlag bool
+	)
 
-		for _, registryName := range registryNames {
-			containerdRegistry := crc.Containerd.Registries[registryName]
-			if containerdRegistry.TLSConfig != nil && containerdRegistry.TLSConfig.InsecureSkipVerify {
-				insecureSet[registryName] = struct{}{}
-			}
+	for registry := range crc.Containerd.Registries {
+		registryNames = append(registryNames, registry)
+	}
 
-			for _, mirror := range containerdRegistry.Mirrors {
-				mcFlags = append(mcFlags,
-					fmt.Sprintf("-node-containerd-registry-mirrors=%s=%s", registryName, mirror),
-				)
-			}
+	// because iterating over map is randomized, we need this to have a "stable" output list
+	sort.Strings(registryNames)
 
-			if containerdRegistry.Auth != nil {
-				registryCredentialsSecretFlag = true
-			}
+	for _, registryName := range registryNames {
+		containerdRegistry := crc.Containerd.Registries[registryName]
+		if containerdRegistry.TLSConfig != nil && containerdRegistry.TLSConfig.InsecureSkipVerify {
+			insecureSet[registryName] = struct{}{}
 		}
 
-		if registryCredentialsSecretFlag {
+		for _, mirror := range containerdRegistry.Mirrors {
 			mcFlags = append(mcFlags,
-				fmt.Sprintf("-node-registry-credentials-secret=%s", credentialSecretName),
+				fmt.Sprintf("-node-containerd-registry-mirrors=%s=%s", registryName, mirror),
 			)
 		}
 
-		if len(insecureSet) > 0 {
-			insecureNames := []string{}
+		if containerdRegistry.Auth != nil {
+			registryCredentialsSecretFlag = true
+		}
+	}
 
-			for insecureName := range insecureSet {
-				insecureNames = append(insecureNames, insecureName)
-			}
+	if registryCredentialsSecretFlag {
+		mcFlags = append(mcFlags,
+			fmt.Sprintf("-node-registry-credentials-secret=%s", credentialSecretName),
+		)
+	}
 
-			sort.Strings(insecureNames)
-			mcFlags = append(mcFlags,
-				fmt.Sprintf("-node-insecure-registries=%s", strings.Join(insecureNames, ",")),
-			)
+	if len(insecureSet) > 0 {
+		insecureNames := []string{}
+
+		for insecureName := range insecureSet {
+			insecureNames = append(insecureNames, insecureName)
 		}
+
+		sort.Strings(insecureNames)
+		mcFlags = append(mcFlags,
+			fmt.Sprintf("-node-insecure-registries=%s", strings.Join(insecureNames, ",")),
+		)
 	}
 
 	return mcFlags
 }
 
 func (crc ContainerRuntimeConfig) String() string {
-	switch {
-	case crc.Containerd != nil:
-		return "containerd"
-	case crc.Docker != nil:
-		return "docker"
-	}
-
-	return "unknown"
+	return "containerd"
 }
 
 func (crc *ContainerRuntimeConfig) UnmarshalText(text []byte) error {
 	switch {
-	case bytes.Equal(text, []byte("docker")):
-		*crc = ContainerRuntimeConfig{Docker: &ContainerRuntimeDocker{}}
 	case bytes.Equal(text, []byte("containerd")):
 		*crc = ContainerRuntimeConfig{Containerd: &ContainerRuntimeContainerd{}}
 	default:
@@ -220,25 +203,11 @@ func (crc *ContainerRuntimeConfig) UnmarshalText(text []byte) error {
 }
 
 func (crc ContainerRuntimeConfig) ConfigPath() string {
-	switch {
-	case crc.Containerd != nil:
-		return "/etc/containerd/config.toml"
-	case crc.Docker != nil:
-		return "/etc/docker/daemon.json"
-	}
-
-	return ""
+	return "/etc/containerd/config.toml"
 }
 
 func (crc ContainerRuntimeConfig) CRISocket() string {
-	switch {
-	case crc.Containerd != nil:
-		return "/run/containerd/containerd.sock"
-	case crc.Docker != nil:
-		return "/var/run/dockershim.sock"
-	}
-
-	return ""
+	return "/run/containerd/containerd.sock"
 }
 
 // SandboxImage is used to determine the pause image version that should be used,

pkg/apis/kubeone/helpers_test.go

@@ -77,29 +77,13 @@ func TestFeatureGatesString(t *testing.T) {
 
 func TestContainerRuntimeConfig_MachineControllerFlags(t *testing.T) {
 	type fields struct {
-		Docker     *ContainerRuntimeDocker
 		Containerd *ContainerRuntimeContainerd
 	}
 	tests := []struct {
 		name   string
 		fields fields
 		want   []string
 	}{
-		{
-			name: "docker empty",
-			fields: fields{
-				Docker: &ContainerRuntimeDocker{},
-			},
-		},
-		{
-			name: "docker with mirrors",
-			fields: fields{
-				Docker: &ContainerRuntimeDocker{
-					RegistryMirrors: []string{"my-registry", "other-registry"},
-				},
-			},
-			want: []string{"-node-registry-mirrors=my-registry,other-registry"},
-		},
 		{
 			name: "containerd empty",
 			fields: fields{
@@ -141,10 +125,8 @@ func TestContainerRuntimeConfig_MachineControllerFlags(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			crc := ContainerRuntimeConfig{
-				Docker:     tt.fields.Docker,
-				Containerd: tt.fields.Containerd,
-			}
+			crc := ContainerRuntimeConfig{Containerd: tt.fields.Containerd}
+
 			if got := crc.MachineControllerFlags(); !reflect.DeepEqual(got, tt.want) {
 				t.Errorf("ContainerRuntimeConfig.MachineControllerFlags() = \n%v, \nwant\n%v", got, tt.want)
 			}

pkg/apis/kubeone/types.go

@@ -140,19 +140,10 @@ type LoggingConfig struct {
 
 // ContainerRuntimeConfig
 type ContainerRuntimeConfig struct {
-	// Dockerd related configurations
-	Docker *ContainerRuntimeDocker `json:"docker,omitempty"`
-
 	// Containerd related configurations
 	Containerd *ContainerRuntimeContainerd `json:"containerd,omitempty"`
 }
 
-// ContainerRuntimeDocker defines docker container runtime
-type ContainerRuntimeDocker struct {
-	// Configures dockerd with "registry-mirrors"
-	RegistryMirrors []string `json:"registryMirrors"`
-}
-
 // ContainerRuntimeContainerd defines docker container runtime
 type ContainerRuntimeContainerd struct {
 	// A map of registries to use to render configs and mirrors for containerd registries

pkg/apis/kubeone/v1beta1/conversion.go

@@ -30,11 +30,6 @@ func Convert_kubeone_ContainerRuntimeContainerd_To_v1beta1_ContainerRuntimeConta
 	return nil
 }
 
-func Convert_kubeone_ContainerRuntimeDocker_To_v1beta1_ContainerRuntimeDocker(*kubeoneapi.ContainerRuntimeDocker, *ContainerRuntimeDocker, conversion.Scope) error {
-	// Skip conversion
-	return nil
-}
-
 // Convert_v1beta1_Features_To_kubeone_Features is an autogenerated conversion function.
 func Convert_v1beta1_Features_To_kubeone_Features(in *Features, out *kubeoneapi.Features, s conversion.Scope) error {
 	if err := autoConvert_v1beta1_Features_To_kubeone_Features(in, out, s); err != nil {
@@ -105,3 +100,7 @@ func Convert_kubeone_ProviderStaticNetworkConfig_To_v1beta1_ProviderStaticNetwor
 func Convert_kubeone_Addon_To_v1beta1_Addon(in *kubeoneapi.Addon, out *Addon, s conversion.Scope) error {
 	return autoConvert_kubeone_Addon_To_v1beta1_Addon(in, out, s)
 }
+
+func Convert_v1beta1_ContainerRuntimeConfig_To_kubeone_ContainerRuntimeConfig(in *ContainerRuntimeConfig, out *kubeoneapi.ContainerRuntimeConfig, scope conversion.Scope) error {
+	return autoConvert_v1beta1_ContainerRuntimeConfig_To_kubeone_ContainerRuntimeConfig(in, out, scope)
+}

pkg/apis/kubeone/v1beta2/conversion.go

@@ -26,3 +26,7 @@ func Convert_kubeone_KubeOneCluster_To_v1beta2_KubeOneCluster(in *kubeoneapi.Kub
 	// AssetsConfiguration has been removed in the v1beta2 API
 	return autoConvert_kubeone_KubeOneCluster_To_v1beta2_KubeOneCluster(in, out, scope)
 }
+
+func Convert_v1beta2_ContainerRuntimeConfig_To_kubeone_ContainerRuntimeConfig(in *ContainerRuntimeConfig, out *kubeoneapi.ContainerRuntimeConfig, scope conversion.Scope) error {
+	return autoConvert_v1beta2_ContainerRuntimeConfig_To_kubeone_ContainerRuntimeConfig(in, out, scope)
+}

pkg/apis/kubeone/v1beta2/defaults.go

@@ -156,14 +156,7 @@ func SetDefaults_Versions(obj *KubeOneCluster) {
 }
 
 func SetDefaults_ContainerRuntime(obj *KubeOneCluster) {
-	switch {
-	case obj.ContainerRuntime.Docker != nil:
-		return
-	case obj.ContainerRuntime.Containerd != nil:
-		return
-	default:
-		obj.ContainerRuntime.Containerd = &ContainerRuntimeContainerd{}
-	}
+	obj.ContainerRuntime.Containerd = &ContainerRuntimeContainerd{}
 }
 
 func SetDefaults_ClusterNetwork(obj *KubeOneCluster) {