Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 2. Updating the undercloud

You can use director to update the main packages on the undercloud node. To update the undercloud and its overcloud images to the latest Red Hat OpenStack Platform (RHOSP) 17.1 version, complete the following procedures:

  1. Section 2.3, “Performing a minor update of a containerized undercloud”
  2. Section 2.4, “Updating the overcloud images”

Prerequisites

  • Before you can update the undercloud to the latest RHOSP 17.1 version, ensure that you complete all the update preparation procedures. For more information, see Chapter 1, Preparing for a minor update

2.1. Validating RHOSP before the undercloud update
Copy link

Before you update your Red Hat OpenStack Platform (RHOSP) environment, validate your undercloud with the tripleo-validations playbooks.

For more information about validations, see Using the validation framework in Installing and managing Red Hat OpenStack Platform with director.

Procedure

  1. Log in to the undercloud host as the stack user.

  2. Source the stackrc undercloud credentials file: 

    $ source ~/stackrc
    Copy to Clipboard Toggle word wrap

  3. Install the packages for validation: 

    $ sudo dnf -y update openstack-tripleo-validations python3-validations-libs validations-common
    Copy to Clipboard Toggle word wrap

  4. Run the validation: 

    $ validation run -i ~/overcloud-deploy/<stack>/config-download/<stack>/tripleo-ansible-inventory.yaml --group pre-update
    Copy to Clipboard Toggle word wrap
    • Replace <stack> with the name of the stack.

Verification

  1. To view the results of the validation report, see Viewing validation history in Installing and managing Red Hat OpenStack Platform with director.
Note

If a host is not found when you run a validation, the command reports the status as SKIPPED. A status of SKIPPED means that the validation is not executed, which is expected. Additionally, if a validation’s pass criteria is not met, the command reports the status as FAILED. A FAILED validation does not prevent you from using your updated RHOSP environment. However, a FAILED validation can indicate an issue with your environment.

2.2. Validating your SSH key size
Copy link

Starting with Red Hat Enterprise Linux (RHEL) 9.1, a minimum SSH key size of 2048 bits is required. If your current SSH key on Red Hat OpenStack Platform (RHOSP) director is less than 2048 bits, you can lose access to the overcloud. You must verify that your SSH key meets the required bit size.

Procedure

  1. Validate your SSH key size: 

    ssh-keygen -l -f ~/.ssh/id_rsa.pub
    Copy to Clipboard Toggle word wrap

    Example output: 

    1024 SHA256:Xqz0Xz0/aJua6B3qRD7VsLr6n/V3zhmnGSkcFR6FlJw stack@director.example.local (RSA)
    Copy to Clipboard Toggle word wrap
  2. If your SSH key is less than 2048 bits, you must rotate out the SSH key before continuing. For more information, see Updating SSH keys in your OpenStack environment in Hardening Red Hat OpenStack Platform.

Director provides commands to update the main packages on the undercloud node. Use director to perform a minor update within the current version of your RHOSP environment.

Procedure

  1. Log in to the undercloud host as the stack user.

  2. Source the stackrc undercloud credentials file: 

    $ source ~/stackrc
    Copy to Clipboard Toggle word wrap

  3. Update the director main packages with the dnf update command: 

    $ sudo dnf update -y python3-tripleoclient ansible-*
    Copy to Clipboard Toggle word wrap

  4. Update the undercloud environment: 

    $ openstack undercloud upgrade
    Copy to Clipboard Toggle word wrap
  5. Wait until the undercloud update process completes.

  6. Reboot the undercloud to update the operating system’s kernel and other system packages: 

    $ sudo reboot
    Copy to Clipboard Toggle word wrap
  7. Wait until the node boots.

2.4. Updating the overcloud images
Copy link

You must replace your current overcloud images with new versions to ensure that director can introspect and provision your nodes with the latest version of the RHOSP software.

Prerequisites

Procedure

  1. Log in to the undercloud host as the stack user.

  2. Source the stackrc undercloud credentials file: 

    $ source ~/stackrc
    Copy to Clipboard Toggle word wrap

  3. Remove any existing images from the images directory on the stack user’s home (/home/stack/images): 

    $ rm -rf ~/images/*
    Copy to Clipboard Toggle word wrap

  4. Extract the archives: 

    cd ~/images
for i in /usr/share/rhosp-director-images/ironic-python-agent-latest-17.1.tar /usr/share/rhosp-director-images/overcloud-hardened-uefi-full-latest-17.1.tar; do tar -xvf $i; done
cd ~
    Copy to Clipboard Toggle word wrap

  5. Import the latest images into the director: 

    $ openstack overcloud image upload --update-existing --image-path /home/stack/images/
    Copy to Clipboard Toggle word wrap

  6. Configure your nodes to use the new images: 

    $ openstack overcloud node configure $(openstack baremetal node list -c UUID -f value)
    Copy to Clipboard Toggle word wrap

  7. Verify the existence of the new images: 

    $ ls -l /var/lib/ironic/httpboot /var/lib/ironic/images
    Copy to Clipboard Toggle word wrap
Important
  • When you deploy overcloud nodes, ensure that the overcloud image version corresponds to the respective heat template version. For example, use only the RHOSP 17.1 images with the RHOSP 17.1 heat templates.
  • If you deployed a connected environment that uses the Red Hat Customer Portal or Red Hat Satellite Server, the overcloud image and package repository versions might be out of sync. To ensure that the overcloud image and package repository versions match, you can use the virt-customize tool. For more information, see the Red Hat Knowledgebase solution Modifying the Red Hat Linux OpenStack Platform Overcloud Image with virt-customize.
  • The new overcloud-full image replaces the old overcloud-full image. If you made changes to the old image, you must repeat the changes in the new image, especially if you want to deploy new nodes in the future.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2026 Red Hat