Versions Compared

Version Old Version 20 New Version Current
Changes made by

david.fairbrother@stfc.ac.uk

Dmitry Popovichev

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Ubuntu image is stripped so the packages (and number of vulnerabilities) is significantly lower. The Cloud team will make it clear when a CVE applies to the CAPI Ubuntu images.

Skip to https://stfc.atlassian.net/wiki/spaces/CLOUDKB/pages/edit-v2/285704256#Without-minor-version-upgrade285704256/Cluster+API+Upgrade#Kubernetes-Image-and-Version-Upgrades .

Note

Containers are controlled by Kubernetes. If a container (e.g. gpu-operator) has a known CVE this will require you to upgrade your deployment (e.g. via helm or your config management tool).

...

Info

The upstream repo URLs changed during Q3 2024. You need to update the URLs if your helm history <cluster_name> shows 0.9.0 as the latest version .for the openstack-cluster

Code Block
# Update URLs to repos if required:
helm repo add capi https://azimuth-cloud.github.io/capi-helm-charts --force-update
helm repo add capi-addons https://azimuth-cloud.github.io/cluster-api-addon-provider --force-update

# AlwaysAvoid requiredupdating toopenstack-cluster grabchart latest charts
helm repo update capiuntil later
helm repo update capi-addons

helm upgrade cluster-api-addon-provider capi-addons/cluster-api-addon-provider -n clusters --wait
cd <folder_with_values>

...

  • Lookup the latest image build for Kubernetes, this can be found in images section of the web interface

  • Edit the kubernetesVersion in user-values.yaml to match the image name

  • Edit the machineImage in user-values.yaml to use the latest patch release

Code Block
helm repo update capi
helm upgrade <cluster_name> capi/openstack-cluster -f values.yaml -f clouds.yaml -f user-values.yaml -f flavors.yaml -n clusters

  • Wait for the rollout of new infra to complete

    • The rollout can be monitored with kubectl get kcp -A and kubectl get md -A

    • Machine details can be found in kubectl get machines -A and kubectl get openstackmachines -A

  • Repeat for each major upgrade step

    • You can only do a single major upgrade at a time, e.g. 1.100.12 to 1.101.4, then 1.102.6

Supported Kubernetes Versions

We aim to support Kubernetes versions and keep CAPI images for N -1 → all supported End of Life (EOL) versions from: https://kubernetes.io/releases/ OR the oldest CAPI image we have that gives an upgrade path - whichever is the older; where N is the latest Kubernetes version.

For example, as of the 29/01/2025, the latest Kubernetes version is v1.32 and therefore, we will provide CAPI images for Kubernetes versions v1.31 → v1.26 (oldest image we hold).

  • Once we provide the latest N-1 image, we will keep the oldest image (v1.26) for a minimum of 4 weeks to let you upgrade older clusters and notify any users accordingly.

Kubernetes Version Support.pngImage Added

Please refer to the Kubernetes Release page for the latest version history and patch notes.

Troubleshooting

On the management cluster

...