Why do our apps have a Dockerfile , if AKS is not compatible with Docker anymore?

<aside> 💡

Kubernetes deprecated Docker as a container runtime in version 1.20 (2020) and removed it in 1.24 (2022). Instead, it now uses Containerd or CRI-O.

✅ The reason: Kubernetes uses the Container Runtime Interface (CRI) to communicate with container runtimes.

🚨 Problem with Docker: Docker does not natively support CRI, so Kubernetes had to use an extra layer called dockershim, which was inefficient.

🔹 What Changed?

Kubernetes dropped dockershim and directly uses Containerd or CRI-O.
Docker itself relies on Containerd internally, so nothing really changes for Kubernetes workloads. </aside>

<aside> 💡

Docker itself relies on containerd internally for container execution. So, when Kubernetes removed support for Docker as a container runtime, it wasn't really removing containerd—it was just removing the extra Docker layer (dockershim) that Kubernetes had to use to communicate with it.

</aside>

Even though AKS no longer directly supports Docker as a runtime, Dockerfiles are still widely used for containerized applications. Here’s why:

1. Dockerfile is Just a Standard for Building Images (OCI-Compatible)

A Dockerfile defines how an image is built, specifying the base image, dependencies, commands, and configurations.
The output of a docker build command is an OCI (Open Container Initiative) compliant image, which Containerd, CRI-O, and Kubernetes can all run.
Even though Docker is not the runtime, the images it produces are fully compatible with Kubernetes and AKS.

Example:

Your Dockerfile might look like this:

FROM node:18
WORKDIR /app
COPY . .
RUN npm install
CMD ["node", "server.js"]

After building it with docker build -t myapp:latest ., the image can be pushed to Azure Container Registry (ACR) or another registry, then deployed to AKS.

2. Kubernetes & AKS Still Use OCI Images (Which Docker Creates)

Kubernetes (and AKS) do not care how an image was built, only that it conforms to OCI standards.

The image can be built using Docker, Podman, Buildah, or Kaniko—but the final output is an OCI-compatible container image, which AKS can run with Containerd.

3. Docker is Still the Most Popular Tool for Building Images

Docker CLI & Docker Desktop are user-friendly and widely adopted.
CI/CD pipelines (GitHub Actions, Azure DevOps, Jenkins) still use Docker for image building.
Many developers are familiar with Dockerfile syntax, so switching to an alternative build system would require retraining.