Mark hold kubernetes-cni?

scroll

Yesterday I attempted to do an apt upgrade (sudo apt update && sudo apt full-upgrade) on my kubernetes nodes, and I saw that the kubernetes-cni package is eligible for upgrade:

ubuntu@k8s-master-1:~$ sudo apt full-upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
  kubeadm kubectl kubelet
The following packages will be upgraded:
  kubernetes-cni
1 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
Need to get 25.0 MB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] n
Abort.

Should we also do a 'mark hold' on kubernetes-cni in addition to kubeadm, kubectl, and kubelet? Or is it safe to upgrade kubernetes-cni without upgrading the other kubernetes packages?

I am running Ubuntu 18.04 on my nodes:

ubuntu@k8s-master-1:~$ cat /etc/os-release | head -n2
NAME="Ubuntu"
VERSION="18.04.5 LTS (Bionic Beaver)"

And kubernetes version 1.19.0:

ubuntu@k8s-master-1:~$ sudo dpkg -l | grep kube
hi  kubeadm                          1.19.0-00                                   amd64        Kubernetes Cluster Bootstrapping Tool
hi  kubectl                          1.19.0-00                                   amd64        Kubernetes Command Line Tool
hi  kubelet                          1.19.0-00                                   amd64        Kubernetes Node Agent
ii  kubernetes-cni                   0.8.6-00                                    amd64        Kubernetes CNI

serewicz

Hello,

The labs have not been tested with an upgrade to the kubernetes-cni package. While it should be compatible, the newer the update the less likely others have worked with the particular versions of software. So there is less of a "well worn path" to follow.

You could run the labs first without the upgrade, then again after the upgrade and compare the difference. Let us know how that works out.

Regards,

scroll

According to apt, It appears kubelet and kubeadm both require a kubernetes-cni version of 0.8.6 or later:

ubuntu@k8s-master-1:~$ apt depends kubelet=1.19.0-00 kubectl=1.19.0-00 kubeadm=1.19.0-00
kubelet
  Depends: iptables (>= 1.4.21)
  Depends: kubernetes-cni (>= 0.8.6)
  Depends: iproute2
  Depends: socat
  Depends: util-linux
  Depends: mount
  Depends: ebtables
  Depends: ethtool
  Depends: conntrack
kubectl
kubeadm
  Depends: kubelet (>= 1.13.0)
  Depends: kubectl (>= 1.13.0)
  Depends: kubernetes-cni (>= 0.8.6)
  Depends: cri-tools (>= 1.13.0)

I took a chance and upgraded kubernetes-cni by doing the following on both my master and worker nodes:

sudo apt update && sudo apt full-upgrade
sudo systemctl daemon-reload
sudo systemctl restart kubelet

And now have:

ubuntu@k8s-master-1:~$ sudo dpkg -l | grep kube
hi  kubeadm                          1.19.0-00                                   amd64        Kubernetes Cluster Bootstrapping Tool
hi  kubectl                          1.19.0-00                                   amd64        Kubernetes Command Line Tool
hi  kubelet                          1.19.0-00                                   amd64        Kubernetes Node Agent
ii  kubernetes-cni                   0.8.7-00                                    amd64        Kubernetes CNI

I'm about to start Chapter 13. Custom Resource Definitions, so I'll see how things go.

serewicz

Great! Thanks for the feedback!