ManagedOSImage reference

The ManagedOSImage resource is responsible of defining an OS image or image version that needs to be applied to each node in a set of targeted Clusters.
Once created, the ManagedOSImage resource can be updated with a new osImage or managedOSVersionName to trigger a new upgrade.
Similarly, an existing ManagedOSImage can be updated to target new Clusters.

There are several keys that can be configured under a ManagedOSImage resource spec.

upgrade-cluster-target.yaml

  1. apiVersion: elemental.cattle.io/v1beta1
  2. kind: ManagedOSImage
  3. metadata:
  4. name: my-upgrade
  5. namespace: fleet-default
  6. spec:
  7. # Set to the new Elemental version you would like to upgrade to or track the latest tag
  8. osImage: "registry.suse.com/suse/sle-micro/5.5:latest"
  9. clusterTargets:
  10. - clusterName: my-cluster

ManagedOSImageSpec reference

KeyTypeDefault valueDescription
osImagestringemptyThe fully qualified image to upgrade nodes to. This value has priority over managedOSVersionName if both are configured.
managedOSVersionNamestringemptyThe name of a ManagedOSVersion to upgrade nodes to.
cloudConfigobjectnullA cloud-init or yip config to apply to the nodes during upgrades. See reference.
nodeSelectorobjectnullThis selector can be used to target specific nodes within the clusterTargets. See reference.
concurrencyint1How many nodes within the same cluster should be upgraded at the same time.
cordonbooltrueSet this to true if the nodes should be cordoned before applying the upgrade. Ineffective when drain is also configured.
drainobjectSee refConfigure if and how nodes should be drained before applying the upgrade. See reference.
prepareobjectnullThe prepare init container, if specified, is run before cordon/drain which is run before the upgrade container. See reference.
upgradeContainerobjectnullThe upgrade container that will run the upgrade on the nodes. See reference.
clusterRolloutStrategyobjectnullRolloverStrategy controls the rollout of the upgrade bundle across clusters. See reference.
clusterTargetslistnullDeclares clusters to deploy the upgrade plan to. See reference.

cloudConfig

This describes a cloud-init or yip config that will be copied to each upgraded node to the /oem/90_operator.yaml path.
This config will be applied by the system after reboot.
For more information and examples, see the MachineRegistration spec.config.cloud-config reference.

nodeSelector

This Label Selector can be used to restrict the upgrades to only a certain set of nodes within the targeted Clusters.

Example

  1. nodeSelector:
  2. matchExpressions:
  3. - {key: my-node/label, operator: Exists}

drain

Configure if and how nodes should be drained.
To disable drain during upgrades you can configure this field to null.
Drain is enabled by default.

The drain settings directly translates to the kubectl drain command being executed on the node before upgrade.

KeyTypeDefault valueDescription
timeouttime.DurationnullThe length of time to wait before giving up draining a node, zero means infinite.
gracePeriodintnullPeriod of time in seconds given to each pod to terminate gracefully. If negative, the default value specified in the pod will be used.
deleteEmptydirDatabooltrueContinue even if there are pods using emptyDir (local data that will be deleted when the node is drained).
ignoreDaemonSetsbooltrueIgnore DaemonSet-managed pods.
forcebooltrueContinue even if there are pods that do not declare a controller.
disableEvictionboolfalseForce drain to use delete, even if eviction is supported. This will bypass checking PodDisruptionBudgets, use with caution.
skipWaitForDeleteTimeoutint60If pod DeletionTimestamp older than N seconds, skip waiting for the pod. Seconds must be greater than 0 to skip.
podSelectorlabel selectornullLabel selector to filter pods on the node. Only selected pods will be evicted.

prepare

Defines a prepare Init container that is ran before the upgrade container executing the upgrade job on a node.
The keys directly translate to the container specification.
Note that the node filesystem is mounted at /host inside the container.

KeyTypeDefault valueDescription
imagestringemptyContainer image name.
commandlistemptyEntrypoint array.
argslistemptyArguments to the entrypoint.
envlistemptyList of environment variables to set in the container.
envFromlistemptyList of sources to populate environment variables in the container.
volumeslistemptyList of hostPath volumes. See reference.
securityContextobjectnullThe security options the ephemeral container should be run with.
prepare.volumes

Each volume definition will translate to a hostPath volume (source) which will be mounted in the container (destination).
Note that by default the host root filesystem / will always be mounted at /host.

KeyTypeDefault valueDescription
namestringemptyVolume name.
sourcestringemptyHostPath volume path.
destinationstringemptyHostPath volume mount path.

Example

  1. volumes:
  2. - name: my-custom-volume
  3. source: /foo
  4. destination: /foo

upgradeContainer

Defines the upgrade container executing the upgrade job on a node.
The keys directly translate to the container specification.
Note that the node filesystem is mounted at /host inside the container.

ManagedOSImage reference - 图1warning

When using any Elemental or Elemental based image you are expected to only edit the env key to optionally set the FORCE, UPGRADE_RECOVERY, or UPGRADE_RECOVERY_ONLY variables.
For more info you can read the upgrade documentation.
Any other change to the upgradeContainer may result in issues during upgrades.

clusterRolloutStrategy

This controls the rollout of the bundle across clusters.
For more information you can read the reference documentation.

clusterTargets

Select Clusters to be targeted for the OS image upgrade.
For more information you can read the reference documentation.

Example

  1. clusterTargets:
  2. - clusterName: volcano