Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 4. Updating the Istio CNI
Review the update procedure for the Istio Container Network Interface (CNI). Ensure the CNI plugin remains compatible with the OpenShift Service Mesh control plane during an upgrade.
4.1. About the Istio CNI update process
The Istio Container Network Interface (CNI) update process uses Inplace updates. When the IstioCNI resource changes, the daemonset automatically replaces the existing istio-cni-node pods with the specified version of the CNI plugin.
You can use the following field to manage version updates:
spec.version-
defines the CNI plugin version to install. Specify the value in the format
vX.Y.Z, whereX.Y.Zrepresents the required version. For example, usev1.28.5to install the CNI plugin version1.28.5.
To update the CNI plugin, change the spec.version field with the target version. The IstioCNI resource also includes a values field that exposes configuration options from the istio-cni chart.
In ambient mode, the Istio CNI component manages traffic redirection. During RevisionBased upgrades, the component remains compatible with the control plane’s old version and continues to manage traffic redirection for both the old and the new control planes throughout the migration.
The Istio CNI is compatible with a control plane running the same minor version or one minor version higher.
After you update the Istio control plane, update the Istio CNI component. The OpenShift Service Mesh Operator deploys a new version of the CNI plugin, replacing the existing one. The istio-cni-node DaemonSet pods update using a rolling update strategy, ensuring that traffic redirection rules remain active during the entire update process.
4.1.1. Updating the Istio CNI resource version
Update the Istio CNI plugin by modifying the version in the resource, triggering the Service Mesh Operator to deploy new plugin versions and automatically reconnect the node pods.
Prerequisites
-
You have logged in to OpenShift Container Platform as a user with the
cluster-adminrole. - You have installed the Red Hat OpenShift Service Mesh Operator and deployed Istio.
-
You have installed the Istio CNI plugin with the required version. In the following example, the deployment of the
IstioCNIresource nameddefaultis in theistio-cninamespace. -
You have either updated the Istio control plane to the required version (for
Inplacestrategy) or created a new control plane revision (forRevisionBasedstrategy).
Procedure
Change the version in the
Istioresource. For example, to update to Istio1.28.5, set thespec.versionfield to1.28.5by running the following command:$ oc patch istiocni default -n istio-cni --type='merge' -p '{"spec":{"version":"v1.28.5"}}'Wait for the
IstioCNIDaemonSet to reach theReadystatus after the update by running the following command:$ oc wait --for=condition=Ready istiocnis/default --timeout=5mConfirm that the new version of the CNI plugin is ready by running the following command:
$ oc get istiocni defaultYou should see an output similar to the following example:
NAME READY STATUS VERSION AGE default True Healthy v{istio-latest} 7d1hCheck the status of the pods by running the following command:
$ oc get pods -n istio-cniYou should see an output similar to the following example:
NAME READY STATUS RESTARTS AGE istio-cni-node-abc12 1/1 Running 0 3m istio-cni-node-def34 1/1 Running 0 3m istio-cni-node-ghi56 1/1 Running 0 3mNoteWhen you use the
RevisionBasedstrategy, the Istio CNI component remains compatible with many control plane versions. It continues to manage traffic redirection for both the old and the new control planes throughout the migration. The Istio CNI is compatible with a control plane running the same minor version or one minor version higher.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}