diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go
index e2133daa28a..2830f7c0709 100644
--- a/pkg/kubelet/kubelet.go
+++ b/pkg/kubelet/kubelet.go
@@ -850,12 +850,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 klet.admitHandlers.AddPodAdmitHandler(evictionAdmitHandler)
 if utilfeature.DefaultFeatureGate.Enabled(features.Sysctls) {
- // add sysctl admission
- runtimeSupport, err := sysctl.NewRuntimeAdmitHandler(klet.containerRuntime)
- if err != nil {
- return nil, err
- }
-
 // Safe, whitelisted sysctls can always be used as unsafe sysctls in the spec.
 // Hence, we concatenate those two lists.
 safeAndUnsafeSysctls := append(sysctlwhitelist.SafeSysctlWhitelist(), allowedUnsafeSysctls...)
@@ -863,7 +857,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 if err != nil {
 return nil, err
 }
- klet.admitHandlers.AddPodAdmitHandler(runtimeSupport)
 klet.admitHandlers.AddPodAdmitHandler(sysctlsWhitelist)
 }
diff --git a/pkg/kubelet/sysctl/BUILD b/pkg/kubelet/sysctl/BUILD
index f8c52b92d92..d9d32b5abda 100644
--- a/pkg/kubelet/sysctl/BUILD
+++ b/pkg/kubelet/sysctl/BUILD
@@ -10,14 +10,12 @@ go_library(
 name = "go_default_library",
 srcs = [
 "namespace.go",
- "runtime.go",
 "whitelist.go",
 ],
 importpath = "k8s.io/kubernetes/pkg/kubelet/sysctl",
 deps = [
 "//pkg/apis/core/validation:go_default_library",
 "//pkg/apis/policy/validation:go_default_library",
- "//pkg/kubelet/container:go_default_library",
 "//pkg/kubelet/lifecycle:go_default_library",
 ],
 )
diff --git a/pkg/kubelet/sysctl/runtime.go b/pkg/kubelet/sysctl/runtime.go
deleted file mode 100644
index 8b37c65c55a..00000000000
--- a/pkg/kubelet/sysctl/runtime.go
+++ /dev/null
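Review bot: After the two kubelet.go hunks, the only sysctl admission step left inside the `if utilfeature.DefaultFeatureGate.Enabled(features.Sysctls) {` block is the whitelist, so a pod that requests sysctls on a runtime that cannot apply them is no longer rejected at admission with the old `SysctlUnsupported` reason; whether and how such a pod now fails is not visible here and should be confirmed against the CRI runtime path. That new assumption deserves a comment at the top of the block, e.g. `// Runtime support for sysctls is no longer checked at admission; the CRI runtime is expected to apply or reject the pod's sysctls.` The second hunk's removal of `AddPodAdmitHandler(runtimeSupport)` is part of the same change. NewMainKubelet starts before the first hunk and continues past the second.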
@@ -1,95 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package sysctl
-
-import (
- "fmt"
-
- "k8s.io/kubernetes/pkg/kubelet/container"
- "k8s.io/kubernetes/pkg/kubelet/lifecycle"
-)
-
-const (
- UnsupportedReason = "SysctlUnsupported"
- // CRI uses semver-compatible API version, while docker does not
- // (e.g., 1.24). Append the version with a ".0".
- dockerMinimumAPIVersion = "1.24.0"
-
- dockerTypeName = "docker"
-)
-
-// TODO: The admission logic in this file is runtime-dependent. It should be
-// changed to be generic and CRI-compatible.
-
-type runtimeAdmitHandler struct {
- result lifecycle.PodAdmitResult
-}
-
-var _ lifecycle.PodAdmitHandler = &runtimeAdmitHandler{}
-
-// NewRuntimeAdmitHandler returns a sysctlRuntimeAdmitHandler which checks whether
-// the given runtime support sysctls.
-func NewRuntimeAdmitHandler(runtime container.Runtime) (*runtimeAdmitHandler, error) {
- switch runtime.Type() {
- case dockerTypeName:
- v, err := runtime.APIVersion()
- if err != nil {
- return nil, fmt.Errorf("failed to get runtime version: %v", err)
- }
-
- // only Docker API version >= 1.24 supports sysctls
- c, err := v.Compare(dockerMinimumAPIVersion)
- if err != nil {
- return nil, fmt.Errorf("failed to compare Docker version for sysctl support: %v", err)
- }
- if c >= 0 {
- return &runtimeAdmitHandler{
- result: lifecycle.PodAdmitResult{
- Admit: true,
- },
- }, nil
- }
- return &runtimeAdmitHandler{
- result: lifecycle.PodAdmitResult{
- Admit: false,
- Reason: UnsupportedReason,
- Message: "Docker API version before 1.24 does not support sysctls",
- },
- }, nil
- default:
- // Return admit for other runtimes.
- return &runtimeAdmitHandler{
- result: lifecycle.PodAdmitResult{
- Admit: true,
- },
- }, nil
- }
-}
-
-// Admit checks whether the runtime supports sysctls.
-func (w *runtimeAdmitHandler) Admit(attrs *lifecycle.PodAdmitAttributes) lifecycle.PodAdmitResult {
- if attrs.Pod.Spec.SecurityContext != nil {
-
- if len(attrs.Pod.Spec.SecurityContext.Sysctls) > 0 {
- return w.result
- }
- }
-
- return lifecycle.PodAdmitResult{
- Admit: true,
- }
-}
diff --git a/test/e2e/common/BUILD b/test/e2e/common/BUILD
index bdf819c2415..714bfeb2706 100644
--- a/test/e2e/common/BUILD
+++ b/test/e2e/common/BUILD
@@ -48,7 +48,6 @@ go_library(
 "//pkg/kubelet/events:go_default_library",
 "//pkg/kubelet/images:go_default_library",
 "//pkg/kubelet/runtimeclass/testing:go_default_library",
- "//pkg/kubelet/sysctl:go_default_library",
 "//staging/src/k8s.io/api/coordination/v1:go_default_library",
 "//staging/src/k8s.io/api/core/v1:go_default_library",
 "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library",
diff --git a/test/e2e/common/sysctl.go b/test/e2e/common/sysctl.go
index 07081f81b7f..e51c0e380d0 100644
--- a/test/e2e/common/sysctl.go
+++ b/test/e2e/common/sysctl.go
@@ -20,7 +20,6 @@ import (
 "k8s.io/api/core/v1"
 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 "k8s.io/apimachinery/pkg/util/uuid"
- "k8s.io/kubernetes/pkg/kubelet/sysctl"
 "k8s.io/kubernetes/test/e2e/framework"
 e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
 e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
@@ -86,9 +85,6 @@ var _ = framework.KubeDescribe("Sysctls [LinuxOnly] [NodeFeature:Sysctls]", func
 // might have already been deleted here.
 ev, err := f.PodClient().WaitForErrorEventOrSuccess(pod)
 framework.ExpectNoError(err)
- if ev != nil && ev.Reason == sysctl.UnsupportedReason {
- e2eskipper.Skipf("No sysctl support in Docker <1.12")
- }
 gomega.Expect(ev).To(gomega.BeNil())
 ginkgo.By("Waiting for pod completion")
@@ -129,9 +125,6 @@ var _ = framework.KubeDescribe("Sysctls [LinuxOnly] [NodeFeature:Sysctls]", func
 // might have already been deleted here.
 ev, err := f.PodClient().WaitForErrorEventOrSuccess(pod)
 framework.ExpectNoError(err)
- if ev != nil && ev.Reason == sysctl.UnsupportedReason {
- e2eskipper.Skipf("No sysctl support in Docker <1.12")
- }
 gomega.Expect(ev).To(gomega.BeNil())
 ginkgo.By("Waiting for pod completion")
@@ -206,9 +199,6 @@ var _ = framework.KubeDescribe("Sysctls [LinuxOnly] [NodeFeature:Sysctls]", func
 // might have already been deleted here.
 ev, err := f.PodClient().WaitForErrorEventOrSuccess(pod)
 framework.ExpectNoError(err)
- if ev != nil && ev.Reason == sysctl.UnsupportedReason {
- e2eskipper.Skipf("No sysctl support in Docker <1.12")
- }
 ginkgo.By("Checking that the pod was rejected")
 gomega.Expect(ev).ToNot(gomega.BeNil())
diff --git a/test/e2e/framework/pods.go b/test/e2e/framework/pods.go
index 0bd6e37c334..97dfcf715c5 100644
--- a/test/e2e/framework/pods.go
+++ b/test/e2e/framework/pods.go
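Review bot: In the `@@ -206,9 +199,6 @@` hunk the rejection test still only asserts `gomega.Expect(ev).ToNot(gomega.BeNil())`, and with the `SysctlUnsupported` skip gone any event WaitForErrorEventOrSuccess returns (per the pods.go hunk that includes KillingContainer and FailedToCreateContainer) would satisfy it, so a pod that was admitted and then failed at container creation would pass as "rejected"; unless the lines after the hunk already check it, add `framework.ExpectEqual(ev.Reason, sysctl.ForbiddenReason)` as the upgrade test does, which would also require keeping the `k8s.io/kubernetes/pkg/kubelet/sysctl` import that the first hunk removes. The `e2eskipper` import is kept as context in the import hunk while its three visible callers are removed; presumably it is still used elsewhere in the file, otherwise the file no longer compiles. The enclosing KubeDescribe closure starts before and ends after each of these hunks.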
@@ -226,7 +226,7 @@ func (c *PodClient) WaitForErrorEventOrSuccess(pod *v1.Pod) (*v1.Event, error) {
 }
 for _, e := range evnts.Items {
 switch e.Reason {
- case events.KillingContainer, events.FailedToCreateContainer, sysctl.UnsupportedReason, sysctl.ForbiddenReason:
+ case events.KillingContainer, events.FailedToCreateContainer, sysctl.ForbiddenReason:
 ev = &e
 return true, nil
 case events.StartedContainer:
diff --git a/test/e2e/upgrades/BUILD b/test/e2e/upgrades/BUILD
index 3bece0cc2e4..f3de920fc6f 100644
--- a/test/e2e/upgrades/BUILD
+++ b/test/e2e/upgrades/BUILD
@@ -41,7 +41,6 @@ go_library(
 "//test/e2e/framework/node:go_default_library",
 "//test/e2e/framework/security:go_default_library",
 "//test/e2e/framework/service:go_default_library",
- "//test/e2e/framework/skipper:go_default_library",
 "//test/e2e/framework/statefulset:go_default_library",
 "//test/e2e/framework/testfiles:go_default_library",
 "//test/e2e/scheduling:go_default_library",
diff --git a/test/e2e/upgrades/sysctl.go b/test/e2e/upgrades/sysctl.go
index 0afaca23a65..3fb4c7180a4 100644
--- a/test/e2e/upgrades/sysctl.go
+++ b/test/e2e/upgrades/sysctl.go
@@ -28,7 +28,6 @@ import (
 "k8s.io/kubernetes/pkg/kubelet/sysctl"
 "k8s.io/kubernetes/test/e2e/framework"
- e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
 imageutils "k8s.io/kubernetes/test/utils/image"
 )
@@ -85,11 +84,8 @@ func (t *SysctlUpgradeTest) verifySafeSysctlWork(f *framework.Framework) *v1.Pod
 validPod := f.PodClient().Create(t.validPod)
 ginkgo.By("Making sure the valid pod launches")
- ev, err := f.PodClient().WaitForErrorEventOrSuccess(t.validPod)
+ _, err := f.PodClient().WaitForErrorEventOrSuccess(t.validPod)
 framework.ExpectNoError(err)
- if ev != nil && ev.Reason == sysctl.UnsupportedReason {
- e2eskipper.Skipf("No sysctl support in Docker <1.12")
- }
 f.TestContainerOutput("pod with safe sysctl launched", t.validPod, 0, []string{fmt.Sprintf("%s = %s", safeSysctl, safeSysctlValue)})
 return validPod
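Review bot: In the verifySafeSysctlWork hunk the new `_, err := f.PodClient().WaitForErrorEventOrSuccess(t.validPod)` discards the event entirely, so a non-nil error event (KillingContainer, FailedToCreateContainer or ForbiddenReason per the pods.go hunk) is no longer detected at this point and the test would only fail later, and less clearly, in TestContainerOutput. Keeping `ev` and asserting it is nil, the way test/e2e/common/sysctl.go does with `gomega.Expect(ev).To(gomega.BeNil())`, preserves the early check; if gomega is not imported in this file, an equivalent nil check via the framework helpers works as well. verifySafeSysctlWork starts before this hunk.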
@@ -105,9 +101,6 @@ func (t *SysctlUpgradeTest) verifyUnsafeSysctlsAreRejected(f *framework.Framewor
 ginkgo.By("Making sure the invalid pod failed")
 ev, err := f.PodClient().WaitForErrorEventOrSuccess(invalidPod)
 framework.ExpectNoError(err)
- if ev != nil && ev.Reason == sysctl.UnsupportedReason {
- e2eskipper.Skipf("No sysctl support in Docker <1.12")
- }
 framework.ExpectEqual(ev.Reason, sysctl.ForbiddenReason)
 return invalidPod
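Review bot: With the removed `if ev != nil` guard gone, `framework.ExpectEqual(ev.Reason, sysctl.ForbiddenReason)` is the first dereference of `ev`, and WaitForErrorEventOrSuccess can return a nil event when the pod simply starts (the StartedContainer case in the pods.go hunk), so an invalid pod that is wrongly admitted would crash the test with a nil-pointer panic instead of a readable assertion failure. A one-line guard before it, e.g. `gomega.Expect(ev).ToNot(gomega.BeNil())` or the framework's failure helper with a message naming `invalidPod.Name`, turns that into a proper failure. verifyUnsafeSysctlsAreRejected starts before this hunk.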