k2d is a container that runs on a Docker Host, and this container listens on port 6443 for Kubernetes API calls. When the container receives Kubernetes API calls, k2d parses and translates them into Docker API instructions, which it executes on the underlying Docker Host.
This allows Linux-enabled devices to run just the Docker engine (or Podman) and the translator container (which uses just 20MB of RAM) to enable the Docker instance to understand and act upon Kubernetes API calls.
For example, you can request a pod's deployment, and k2d will parse it into the corresponding docker run command. You can request a deployment, and k2d will parse this into multiple docker run commands. You can request the publishing of a service, and k2d will create a docker network and publish the container on that network. You can even request the list of all running pods, and k2d will translate appropriately.
Note that not all API commands are implemented. If k2d does not support a command, it will silently fail so as not to break Kubernetes tools that might be interfacing with the translator.
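Because an unsupported call fails silently, a deployment pipeline cannot rely on the API response alone and should read the objects back. The following added example (not k2d's own code) compares what was submitted with what a later read-back returns. The sample documents are constructed, and using a NetworkPolicy as the dropped object is an assumption for illustration, since the page does not list which calls are unsupported.

```python
import json

# Constructed sample: the objects that were submitted, as a kind: List.
REQUESTED = json.loads("""
{"kind": "List", "items": [
  {"kind": "Deployment", "metadata": {"name": "nodered", "namespace": "edge"}},
  {"kind": "Service", "metadata": {"name": "nodered", "namespace": "edge"}},
  {"kind": "NetworkPolicy", "metadata": {"name": "deny-all", "namespace": "edge"}}
]}
""")

# Constructed sample: what a read-back of the same kinds returned afterwards.
# The missing NetworkPolicy is an assumption made for this illustration.
OBSERVED = json.loads("""
{"kind": "List", "items": [
  {"kind": "Deployment", "metadata": {"name": "nodered", "namespace": "edge"}},
  {"kind": "Service", "metadata": {"name": "nodered", "namespace": "edge"}}
]}
""")


def object_keys(doc):
    """Return {(kind, namespace, name)} for one object or a *List document."""
    list_kind = doc.get("kind", "")
    if list_kind.endswith("List"):
        # Typed lists (e.g. PodList) may omit "kind" on each item.
        items, default_kind = doc.get("items") or [], list_kind[:-4]
    else:
        items, default_kind = [doc], list_kind
    keys = set()
    for obj in items:
        meta = obj.get("metadata", {})
        kind = obj.get("kind") or default_kind
        keys.add((kind, meta.get("namespace", "default"), meta["name"]))
    return keys


def silently_dropped(requested_doc, observed_doc):
    """Objects that were submitted but are absent on read-back (sorted)."""
    return sorted(object_keys(requested_doc) - object_keys(observed_doc))


def main():
    missing = silently_dropped(REQUESTED, OBSERVED)
    for kind, namespace, name in missing:
        print(f"MISSING {kind} {namespace}/{name}: accepted but not present on read-back")
    return 1 if missing else 0  # non-zero exit lets a pipeline fail the rollout


if __name__ == "__main__":
    raise SystemExit(main())
```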
This project aims to provide a way to manage singular Docker devices at the far edge. The devices do not need to support the entire Kubernetes API command set, so we plan to support a core set of instructions required to deploy containers such as NodeRed, MQTT Broker, SoftPLC, etc. We assume the only requirement would be stateless containers and that only simple port exposure (NodePorts) would be sufficient. Of course, if there are APIs that the community thinks we should add, we will look at adding them accordingly.
Although these slimmed-down Kubernetes distributions are dramatically lighter than the full upstream Kubernetes, they each require at least 500MB of memory. These options are too heavy for devices at the edge (think IoT/IIoT), where 1GB of RAM is a luxury. In addition, Kubernetes quorum is write-IO intensive, so for devices with an SD card as their only storage, the IO overhead can wear out the drives very quickly. Docker does not have a quorum in a single-node deployment, so it has a much lower IO footprint.
We are not releasing it as an open-source project while working through the technical challenges and determining the most applicable license to apply. k2d will likely be made open source (under the AGPL license) once we get past early alpha releases.
At first launch or start, the translator will generate a set of TLS certificates and a kubeconfig file. Each of these must be used by any remote connection to the translator (e.g., imported into the kubeconfig file on developer laptops). No anonymous access will be allowed!