Skip to content

Latest commit

 

History

History
155 lines (137 loc) · 5.81 KB

cs_versions.md

File metadata and controls

155 lines (137 loc) · 5.81 KB
Raw
copyright lastupdated
years
2014, 2017
2017-10-24

{:new_window: target="_blank"} {:shortdesc: .shortdesc} {:screen: .screen} {:pre: .pre} {:table: .aria-labeledby="caption"} {:codeblock: .codeblock} {:tip: .tip} {:download: .download}

Kubernetes versions for {{site.data.keyword.containerlong_notm}}

{: #cs_versions}

Review the Kubernetes versions that are available on {{site.data.keyword.containerlong}}. {:shortdesc}

The table contains updates that are likely to have impact on deployed apps when you update a cluster to a new version. Review the Kubernetes changelog External link icon for a complete list of changes in Kubernetes versions.

For more information on the updating process, see Updating clusters and Updating worker nodes.

Version 1.7

{: #cs_v17}

Update before master

{: #17_before}

Table 1. Changes to make before updating the master to Kubernetes 1.7
Type Description
Storage Configuration scripts with `hostPath` and `mountPath` with parent directory references like `../to/dir` are not allowed. Change paths to simple absolute paths, for example, `/path/to/dir`.
  1. Run this command to determine whether you need to update your storage paths.
    ``` kubectl get pods --all-namespaces -o yaml | grep "\.\." && echo "Action required" ```
  2. If `Action required` is returned, modify each impacted pod to reference the absolute path before you update all of your worker nodes. If the pod is owned by another resource, such as a deployment, modify the [_PodSpec_ ![External link icon](../icons/launch-glyph.svg "External link icon")](https://kubernetes.io/docs/api-reference/v1.7/#podspec-v1-core) within that resource.

Update after master

{: #17_after}

Table 2. Changes to make after updating the master to Kubernetes 1.7
Type Description
kubectl After you update `kubectl` CLI to the version of your cluster, these `kubectl` commands must use multiple flags instead of comma separated arguments.
  • `create role`
  • `create clusterrole`
  • `create rolebinding`
  • `create clusterrolebinding`
  • `create secret`

For example, run `kubectl create role --resource-name --resource-name ` and not `kubectl create role --resource-name ,`.
Pod Affinity Scheduling The `scheduler.alpha.kubernetes.io/affinity` annotation is deprecated.
  1. Run this command for each namespace except for `ibm-system` and `kube-system` to determine whether you need to update pod affinity scheduling.
    ``` kubectl get pods -n -o yaml | grep "scheduler.alpha.kubernetes.io/affinity" && echo "Action required" ```
  2. If `"Action required"` is returned, modify the impacted pods to use the [_PodSpec_ ![External link icon](../icons/launch-glyph.svg "External link icon")](https://kubernetes.io/docs/api-reference/v1.7/#podspec-v1-core) _affinity_ field instead of the `scheduler.alpha.kubernetes.io/affinity` annotation.
Network Policy The `net.beta.kubernetes.io/network-policy` annotation is no longer supported.
  1. Run this command to determine whether you need to update your network policies.
    ``` kubectl get ns -o yaml | grep "net.beta.kubernetes.io/network-policy" | grep "DefaultDeny" && echo "Action required" ```
  2. If `Action required` returns, add the following network policy to each Kubernetes namespace that was listed.
      
  kubectl create -n <namespace> -f - <<EOF
  kind: NetworkPolicy
  apiVersion: networking.k8s.io/v1
  metadata:
    name: default-deny
    namespace: <namespace>
  spec:
    podSelector: {}
  EOF
  3. With the network policy in place, remove the `net.beta.kubernetes.io/network-policy` annotation. ``` kubectl annotate ns --overwrite "net.beta.kubernetes.io/network-policy-" ```
Tolerations The `scheduler.alpha.kubernetes.io/tolerations` annotation is no longer supported.
  1. Run this command for each namespace except for `ibm-system` and `kube-system` to determine whether you need to update tolerations.
    ``` kubectl get pods -n -o yaml | grep "scheduler.alpha.kubernetes.io/tolerations" && echo "Action required" ```
  2. If `"Action required"` is returned, modify the impacted pods to use the [_PodSpec_ ![External link icon](../icons/launch-glyph.svg "External link icon")](https://kubernetes.io/docs/api-reference/v1.7/#podspec-v1-core) _tolerations_ field instead of the `scheduler.alpha.kubernetes.io/tolerations` annotation
Taints The `scheduler.alpha.kubernetes.io/taints` annotation is no longer supported.
  1. Run this command to determine whether you need to update taints.
    ``` kubectl get nodes -o yaml | grep "scheduler.alpha.kubernetes.io/taints" && echo "Action required" ```
  2. If `"Action required"` is returned, remove the `scheduler.alpha.kubernetes.io/taints` annotation for each node that has the unsupported annotation.
    `kubectl annotate nodes scheduler.alpha.kubernetes.io/taints-`
  3. When the unsupported annotation is removed, add a taint to each node. You must have `kubectl` CLI version 1.6 or later.
    `kubectl taint node `