-
Notifications
You must be signed in to change notification settings - Fork 1.9k
OSDOCS Document how to perform boot image updates on bare metal clusters #109158
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
mburke5678
wants to merge
5
commits into
openshift:main
Choose a base branch
from
mburke5678:mco-manual-boot-image-baremetal
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,124 @@ | ||
| // Module included in the following assemblies: | ||
| // | ||
| // * machine_configuration/mco-update-boot-images-manual.adoc | ||
|
|
||
| :_mod-docs-content-type: PROCEDURE | ||
| [id="mco-update-boot-images-ibm-bare-metal_{context}"] | ||
| = Manually updating the boot image on a bare-metal cluster | ||
|
|
||
| [role="_abstract"] | ||
| For a bare-metal cluster that was installed with {product-title} version 4.9 or earlier, you need to change how the cluster provisions new nodes in order to update the boot image used with those nodes. Using an up-to-date boot image ensures that any new nodes can scale up properly. | ||
|
|
||
| [NOTE] | ||
| ==== | ||
| The standard boot image management feature is not supported for bare-metal clusters. | ||
| ==== | ||
|
|
||
| If your bare-metal cluster was installed with {product-title} version 4.10 or later, boot images are kept current by the Cluster Version Operator (CVO) and are not at risk of skew. Skew enforcement is disabled for the cluster by default. No further action on your part is required to maintain the boot image versioning. | ||
|
|
||
| If your bare-metal cluster was installed with {product-title} version 4.9 or earlier, the cluster is using the legacy qcow2-based provisioning method. Boot images in these clusters are not managed by the CVO and could be significantly out of date. Follow the steps below to migrate the cluster to use the `machine-os-images` provisioning method, which was introduced in {product-title} 4.10. This migration ensures that the cluster always uses the release version as the boot image when a scale-up is taking place. | ||
|
|
||
| The following procedure enables the `install_coreos` deployment method and disables the qcow2 image cache. With these changes, the Cluster Baremetal Operator (CBO) will use the `machine-os-images` container from the release payload for new node provisioning. The cluster will have no skew risk, the same as a cluster at version 4.10 or later. Skew enforcement is automatically disabled after the migration is complete. | ||
|
|
||
| [NOTE] | ||
| ==== | ||
| Boot image updates are not required for Agent-based Installer clusters. The boot image for Agent-based Installer nodes is generated from the current release payload through the `oc adm node-image create` command and does not have skew issues. | ||
| ==== | ||
|
|
||
| .Prerequisites | ||
|
|
||
| * You have completed the general boot image prerequisites as described in the "Prerequisites" section of the link:https://access.redhat.com/articles/7053165#prerequisites-2[{product-title} Boot Image Updates knowledgebase article]. | ||
|
|
||
| * You have the {oc-first} installed. | ||
|
|
||
| * A new physical host must be registered and in the `available` state and an associated `BareMetalHost` object must be present in the `openshift-machine-api` namespace so that you can scale a new machine to verify the procedure. | ||
|
|
||
| .Procedure | ||
|
|
||
| . Check whether your cluster is using the legacy boot image provisioning path by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ oc get provisioning provisioning-configuration \ | ||
| -o jsonpath='{.spec.provisioningOSDownloadURL}' | ||
| ---- | ||
| + | ||
| * If the output is non-empty, your cluster was installed with {product-title} version 4.9 or earlier. Boot images are not managed by the the Cluster Version Operator (CVO) and could be significantly out of date. Follow the steps in this procedure to migrate to the current provisioning path. | ||
| + | ||
| * If the output is empty, your cluster was installed with {product-title} version 4.10 or later. Boot images are kept current by the Cluster Version Operator (CVO) and are not at risk of skew. Skew enforcement should be disabled for this cluster. No further action on your part is required to maintain the boot image versioning. | ||
|
|
||
| . Clear the legacy image fields and enable the `install_coreos` deployment method: | ||
|
|
||
| .. Migrate each machine set to the `machine-os-images` provisioning path by running the follwing command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ oc patch machineset <machineset-name> -n openshift-machine-api --type merge \ | ||
| -p '{"spec":{"template":{"spec":{"providerSpec":{"value":{"customDeploy":{"method":"install_coreos"},"image":{"url":"","checksum":""}}}}}}}' | ||
| ---- | ||
| + | ||
| Replace `<machineset_name>` with the name of your machine set. | ||
|
|
||
| .. Clear the legacy download URL by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ oc patch provisioning provisioning-configuration --type=merge -p '{"spec":{"provisioningOSDownloadURL":""}}' | ||
| ---- | ||
| + | ||
| This process migrates the cluster to the `machine-os-images` provisioning method, which ensure that the latest boot image is used for scaling nodes. | ||
|
|
||
|
|
||
|
|
||
| .Verification | ||
|
|
||
| . Scale up a machine set to check that the new node is using the new boot image: | ||
|
|
||
| .. Increase the machine set replicas by one to trigger a new machine by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ oc scale --replicas=<count> machineset <machineset_name> -n openshift-machine-api | ||
| ---- | ||
| where: | ||
|
|
||
| `<count>`:: Specifies the total number of replicas, including any existing replicas, that you want for this machine set. | ||
| `<machineset_name>`:: Specifies the name of the machine set to scale. | ||
|
|
||
| .. Optional: View the status of the machine set as it provisions by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ oc get machines.machine.openshift.io -n openshift-machine-api -w | ||
| ---- | ||
| + | ||
| It can take several minutes for the machine set to achieve the `Running` state. | ||
|
|
||
| .. Verify that the new node has been created and is in the `Ready` state by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ oc get nodes | ||
| ---- | ||
|
|
||
| . Verify that the new node is using the new boot image by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ oc debug node/<new_node> -- chroot /host cat /sysroot/.coreos-aleph-version.json | ||
| ---- | ||
| + | ||
| Replace `<new_node>` with the name of your new node. | ||
| + | ||
| .Example output | ||
| [source,terminal] | ||
| ---- | ||
| { | ||
| # ... | ||
| "ref": "docker://ostree-image-signed:oci-archive:/rhcos-9.6.20251212-1-ostree.x86_64.ociarchive", | ||
| "version": "9.6.20251212-1" | ||
| } | ||
| ---- | ||
| where: | ||
|
|
||
| `version`:: Specifies the boot image version. | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note that this procedure is slightly different - a new BareMetalHost needs to be available as well, see https://gist.github.com/djoshy/93209abaec7f8474a1bdbc47551fc626#verifying-new-boot-image-optional
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added that as a prerequisite.