Welcome to the Linux Foundation Forum!

Mark hold kubernetes-cni?

Yesterday I attempted to do an apt upgrade (sudo apt update && sudo apt full-upgrade) on my kubernetes nodes, and I saw that the kubernetes-cni package is eligible for upgrade:

ubuntu@k8s-master-1:~$ sudo apt full-upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
  kubeadm kubectl kubelet
The following packages will be upgraded:
  kubernetes-cni
1 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
Need to get 25.0 MB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] n
Abort.

Should we also do a 'mark hold' on kubernetes-cni in addition to kubeadm, kubectl, and kubelet? Or is it safe to upgrade kubernetes-cni without upgrading the other kubernetes packages?

I am running Ubuntu 18.04 on my nodes:

ubuntu@k8s-master-1:~$ cat /etc/os-release | head -n2
NAME="Ubuntu"
VERSION="18.04.5 LTS (Bionic Beaver)"

And kubernetes version 1.19.0:

ubuntu@k8s-master-1:~$ sudo dpkg -l | grep kube
hi  kubeadm                          1.19.0-00                                   amd64        Kubernetes Cluster Bootstrapping Tool
hi  kubectl                          1.19.0-00                                   amd64        Kubernetes Command Line Tool
hi  kubelet                          1.19.0-00                                   amd64        Kubernetes Node Agent
ii  kubernetes-cni                   0.8.6-00                                    amd64        Kubernetes CNI

Comments

  • serewicz
    serewicz Posts: 1,000

    Hello,

    The labs have not been tested with an upgrade to the kubernetes-cni package. While it should be compatible, the newer the update the less likely others have worked with the particular versions of software. So there is less of a "well worn path" to follow.

    You could run the labs first without the upgrade, then again after the upgrade and compare the difference. Let us know how that works out.

    Regards,

  • According to apt, It appears kubelet and kubeadm both require a kubernetes-cni version of 0.8.6 or later:

    ubuntu@k8s-master-1:~$ apt depends kubelet=1.19.0-00 kubectl=1.19.0-00 kubeadm=1.19.0-00
    kubelet
      Depends: iptables (>= 1.4.21)
      Depends: kubernetes-cni (>= 0.8.6)
      Depends: iproute2
      Depends: socat
      Depends: util-linux
      Depends: mount
      Depends: ebtables
      Depends: ethtool
      Depends: conntrack
    kubectl
    kubeadm
      Depends: kubelet (>= 1.13.0)
      Depends: kubectl (>= 1.13.0)
      Depends: kubernetes-cni (>= 0.8.6)
      Depends: cri-tools (>= 1.13.0)
    

    I took a chance and upgraded kubernetes-cni by doing the following on both my master and worker nodes:

    sudo apt update && sudo apt full-upgrade
    sudo systemctl daemon-reload
    sudo systemctl restart kubelet
    

    And now have:

    ubuntu@k8s-master-1:~$ sudo dpkg -l | grep kube
    hi  kubeadm                          1.19.0-00                                   amd64        Kubernetes Cluster Bootstrapping Tool
    hi  kubectl                          1.19.0-00                                   amd64        Kubernetes Command Line Tool
    hi  kubelet                          1.19.0-00                                   amd64        Kubernetes Node Agent
    ii  kubernetes-cni                   0.8.7-00                                    amd64        Kubernetes CNI
    

    I'm about to start Chapter 13. Custom Resource Definitions, so I'll see how things go.

  • serewicz
    serewicz Posts: 1,000

    Great! Thanks for the feedback!

Categories

Upcoming Training