With the release of new Container Service Extension (CSE) version 1.2.7 due to vulnerability related to docker (CVE-2019-5736 ) for both Ubuntu and Photon OS templates , it is very important to update the CSE ASAP , here is the procedure to help you to upgrade the CSE easily.

Pre-requisite:

• Check the release notes Here for version compatibility.

Upgrade procedure for Cloud Admins:

• Update CSE to 1.2.7 ( follow procedure below)
• Update the templates (follow procedure below)

Upgrading CSE Server Software

•  Stop CSE Server services gracefully.
  • #vcd cse system stop -y
  • 

• Reinstall container-service-extension using Python Package Index:
  • #pip3 install –user –upgrade container-service-extension
  • 
• Review the configuration file for any new options introduced or deprecated in the new version. cse sample  can be used to generate a new sample config file as well.
  • 
  • Follow the steps listed here , to edit your environment variable for CSE to use.
• If the previously generated templates are no longer supported by the new version, delete the templates and re-generate new ones using below command.
  • cse install -c mysample.yaml –update
  • 
• If running CSE as a service, start the new version of the service with
  • $systemctl start cse
  • 

Upgrade procedure for Tenant Users:

• Delete clusters that were created with older templates. Recreate clusters with new templates
• Alternatively, tenant-users can update docker version manually on their existing clusters.

This completes the upgrade procedure , go ahead and let the customer consume Kubernetes as a Service from your platform.