When you install a new version of
bmctl, you can upgrade your existing
clusters that were created with an earlier version. Upgrading a cluster to the
latest Anthos clusters on bare metal version brings performance and security
improvements to the cluster. You can upgrade admin, hybrid, standalone, or user
clusters with the
bmctl upgrade cluster command.
If you want to enable SELinux to secure your containers, you must make sure that
SELinux is enabled in
Enforced mode on all your host machines. Starting with
Anthos clusters on bare metal release 1.9.0 or later, you can enable or disable SELinux
before or after cluster creation or cluster upgrades. SELinux is enabled by
default on Red Hat Enterprise Linux (RHEL) and CentOS. If SELinux is disabled on
your host machines or you aren't sure, see
Securing your containers using SELinux
for instructions on how to enable it.
Anthos clusters on bare metal supports SELinux in only RHEL and CentOS systems.
Before you upgrade
Preflight checks are run before a cluster upgrade to validate cluster status and node health.
The following examples show the upgrade process from version 1.8.2 to Anthos clusters on bare metal 1.9.8.
You can upgrade any given version to the next available version (for example, 1.9.0 to 1.9.1) in the same fashion. Skip upgrades, such as 1.8.1 to 1.9.8, are also supported.
Anthos clusters on bare metal supports the configuration of up to 250 maximum pods per node. This configuration can only be done during cluster creation and cannot be updated for existing clusters.
Upgrade admin, standalone, hybrid, or user clusters
When you download and install a new version of
bmctl, you can upgrade your
admin, hybrid, standalone, and user clusters created with an earlier version.
For a given version of
bmctl, clusters can be upgraded to the same version
First, you download the latest
bmctl, then modify the appropriate cluster
config files, and then you issue the
bmctl upgrade cluster command to complete
Download the latest
bmctlfrom the Cloud Storage bucket and use
bmctlexecute permissions to all users:
gsutil cp gs://anthos-baremetal-release/bmctl/1.9.8/linux-amd64/bmctl bmctl chmod a+x bmctl
Modify the cluster config file to change the Anthos clusters on bare metal cluster version from
1.9.8. The following shows an example from an admin cluster config:
--- apiVersion: baremetal.cluster.gke.io/v1 kind: Cluster metadata: name: cluster1 namespace: cluster-cluster1 spec: # Cluster type. This can be: # 1) admin: to create an admin cluster. This can later be used to create user clusters. # 2) user: to create a user cluster. Requires an existing admin cluster. # 3) hybrid: to create a hybrid cluster that runs admin cluster components and user workloads. # 4) standalone: to create a cluster that manages itself, runs user workloads, but does not manage other clusters. type: admin # Anthos cluster version. # Change the following line from 1.8.2 to 1.9.8, shown below anthosBareMetalVersion: 1.9.8
When upgrading clusters to 1.9.8, you must register the clusters with Connect to your project fleet, if they have not been already.
- Manually create service accounts and retrieve the JSON key files as described in Configuring service accounts for use with Connect on the Enabling Google services and service accounts page.
- Reference the downloaded JSON keys in the associated
gkeConnectRegisterServiceAccountKeyPathfields of the cluster config file.
bmctl upgrade clustercommand to complete the upgrade:
bmctl upgrade cluster -c CLUSTER_NAME --kubeconfig ADMIN_KUBECONFIG
Replace the following:
- CLUSTER_NAME: the name of the cluster to upgrade.
- ADMIN_KUBECONFIG: the path to the admin cluster kubeconfig file.