Chapter 6. Upgrading OpenShift sandboxed containers


The upgrade of the OpenShift sandboxed containers components consists of the following three steps:

  • Upgrading OpenShift Container Platform to update the Kata runtime and its dependencies.
  • Upgrading the OpenShift sandboxed containers Operator to update the Operator subscription.
  • Manually patching the KataConfig custom resource (CR) to update the monitor pods.

You can upgrade OpenShift Container Platform before or after the OpenShift sandboxed containers Operator upgrade, with the one exception noted below. Always apply the KataConfig patch immediately after upgrading OpenShift sandboxed containers Operator.

Important

If you are upgrading to OpenShift Container Platform 4.11 with OpenShift sandboxed containers 1.3, the recommended order is to first upgrade OpenShift sandboxed containers from 1.2 to 1.3, and then upgrade OpenShift Container Platform from 4.10 to 4.11.

6.1. Upgrading the OpenShift sandboxed containers resources

The OpenShift sandboxed containers resources are deployed onto the cluster using Red Hat Enterprise Linux CoreOS (RHCOS) extensions.

The RHCOS extension sandboxed containers contains the required components to run Kata Containers such as the Kata containers runtime, the hypervisor QEMU, and other dependencies. You upgrade the extension by upgrading the cluster to a new release of OpenShift Container Platform.

For more information about upgrading OpenShift Container Platform, see Updating Clusters.

6.2. Upgrading the OpenShift sandboxed containers Operator

Use Operator Lifecycle Manager (OLM) to upgrade the OpenShift sandboxed containers Operator either manually or automatically. Selecting between manual or automatic upgrade during the initial deployment determines the future upgrade mode. For manual upgrades, the web console shows the available updates that can be installed by the cluster administrator.

For more information about upgrading the OpenShift sandboxed containers Operator in Operator Lifecycle Manager (OLM), see Updating installed Operators.

6.3. Upgrading the OpenShift sandboxed containers monitor pods

After upgrading OpenShift sandboxed containers, you need to update the monitor image in the KataConfig CR to upgrade the monitor pods. Otherwise, the monitor pods will continue running images from the previous version.

You can perform the update using the web console or the CLI.

6.3.1. Upgrading the monitor pods using the web console

The KataConfig YAML file in the OpenShift Container Platform contains the version number for the monitor image. Update the version number with the correct version.

Prerequisites

  • You have OpenShift Container Platform 4.15 installed on your cluster.
  • You have access to the cluster as a user with the cluster-admin role.

Procedure

  1. From the Administrator perspective of OpenShift Container Platform, navigate to Operators Installed Operators.
  2. Select the OpenShift sandboxed containers Operator and go to the KataConfig tab.
  3. Search for the KataConfig resource using the Search by name field. The default name for the KataConfig resource is example-kataconfig.
  4. Select the KataConfig resource and go to the KataConfig tab.
  5. Modify the version number for kataMonitorImage:

        checkNodeEligibility: false
        kataConfigPoolSelector: null
        kataMonitorImage: 'registry.redhat.io/openshift-sandboxed-containers/osc-monitor-rhel8:1.3.0'
  6. Click Save.

6.3.2. Upgrading the monitor pods using the CLI

You can manually patch the monitor image in the KataConfig CR to update the monitor pods.

Prerequisites

  • You have OpenShift Container Platform 4.15 installed on your cluster.
  • You have installed the OpenShift CLI (oc).
  • You have access to the cluster as a user with the cluster-admin role.

Procedure

  • In the OpenShift Container Platform CLI, run the following command:

    $ oc patch kataconfig <kataconfig_name> --type merge --patch
    '{"spec":{"kataMonitorImage":"registry.redhat.io/openshift-sandboxed-containers/osc-monitor-rhel8:1.3.0"}}'

    where: <kataconfig_name>:: specifies the name of your Kata configuration file, such as example-kataconfig.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.