Container-Optimized OS images have the built-in capability to automatically upgrade to a newer version when released. This capability, when enabled, allows user instances to stay up-to-date with respect to security fixes and bug fixes.
When Container-Optimized OS is used as part of a managed service (for example, Google Kubernetes Engine, Cloud SQL, etc.), the managed service takes care of updating the Container-Optimized OS instance for the users. So, automatic updates are disabled on those by default.
Users running production workloads that are sensitive to kernel upgrades and require controlled qualification and rollout should also disable automatic updates. For more information, see the Disabling automatic updates section.
Disabling automatic updates
The automatic updates feature is enabled by default on all Container-Optimized OS
images. The feature can be disabled by setting the
using one of the following ways:
Creating a new instance
gcloud compute instances create ... --metadata cos-update-strategy=update_disabled
gcloud compute instances add-metadata --metadata cos-update-strategy=update_disabled
Automatic update design
Container-Optimized OS uses an active-passive root partition scheme. The OS image is updated in its entirety, including the kernel, as opposed to package-by-package updates like on traditional Linux distributions. The image ships with the automatic updates feature enabled; this means that a default Container-Optimized OS instance always downloads the latest OS version and installs it on the passive partition soon after it's released.
Changes to automatic update behavior
The Container-Optimized OS team is actively working on improving our backend infrastructure that makes automatic updates possible. As part of these changes, we are rotating the keys used to sign and validate the update payloads. However, images released before the key rotation cannot be automatically updated to images released after the rotation. The affected list of images are as followings:
These images cannot be updated to latest versions:
- On Milestone 77: images prior to cos-77-12371-1000-0
- On Milestone 81: images prior to cos-81-12871-1000-0
- On Milestone 85: images prior to cos-85-13310-1000-0
- On Milestone 86: images prior to cos-dev-86-15053-0-0
These images will no longer receive any updates:
- All milestones before 77, including any previously deprecated milestones.
Automatic updates will continue to work on all supported milestones for new releases.
Users using Container-Optimized OS as part of a managed service (for example, Google Kubernetes Engine, Cloud SQL, etc.) are not affected.
Users running standalone Container-Optimized OS versions with
enabled will not see their instances getting updated to newer versions. We ask
such users to manually choose newer OS versions by recreating their VM
instances with the newer image.