Kubernetes 1.20 released in December 2020 with 43 enhancements. The most significant changes for production clusters: the deprecation of Dockershim (the Docker CRI shim) and improvements to graceful node shutdown.
The Dockershim deprecation
Kubernetes 1.20 deprecated Dockershim, the component that allows Kubernetes to use Docker as a container runtime. The deprecation (with actual removal planned for 1.22, then delayed to 1.24) signalled that production clusters should migrate to containerd or CRI-O as their container runtime. For most production workloads, the migration is transparent: container images built with Docker run identically on containerd. The change matters for clusters that use Docker-specific kubelet features.
Graceful node shutdown
Kubernetes 1.20 added graceful node shutdown: when a node is shut down via systemd, Kubernetes signals pods to terminate gracefully rather than having them killed abruptly. Previously, systemd-level node shutdown bypassed the Kubernetes lifecycle hooks, leaving pods without the opportunity to clean up connections or drain in-flight requests. The feature requires kubelet configuration and node-level systemd integration.
The CronJob GA
CronJobs reached GA in 1.20 after years in beta. The GA promotion brought a more stable API (batch/v1 vs batch/v1beta1) and improvements to concurrency policy and deadline handling. CronJobs are the appropriate Kubernetes primitive for periodic batch tasks that need the cluster's resource scheduling, namespace isolation, and monitoring.
Immutable Secrets and ConfigMaps
Kubernetes 1.21 (previewed in 1.20) added immutable Secrets and ConfigMaps. Marking a Secret or ConfigMap as immutable prevents modifications and reduces API server watch load for clusters with large numbers of Secrets (the API server does not need to watch immutable objects for changes). The operational implication: infrastructure patterns that use ConfigMap updates for rolling configuration changes must use mutable ConfigMaps.