With the release of new Container Service Extension (CSE) version 1.2.7 due to vulnerability related to docker (CVE-2019-5736 ) for both Ubuntu and Photon OS templates , it is very important to update the CSE ASAP , here is the procedure to help you to upgrade the CSE easily.
- Check the release notes Here for version compatibility.
Upgrade procedure for Cloud Admins:
- Update CSE to 1.2.7 ( follow procedure below)
- Update the templates (follow procedure below)
Upgrading CSE Server Software
- Stop CSE Server services gracefully.
- #vcd cse system stop -y
- Reinstall container-service-extension using Python Package Index:
- #pip3 install –user –upgrade container-service-extension
- Review the configuration file for any new options introduced or deprecated in the new version. cse sample can be used to generate a new sample config file as well.
- Follow the steps listed here , to edit your environment variable for CSE to use.
- If the previously generated templates are no longer supported by the new version, delete the templates and re-generate new ones using below command.
- cse install -c mysample.yaml –update
- If running CSE as a service, start the new version of the service with
- $systemctl start cse
Upgrade procedure for Tenant Users:
- Delete clusters that were created with older templates. Recreate clusters with new templates
- Alternatively, tenant-users can update docker version manually on their existing clusters.
This completes the upgrade procedure , go ahead and let the customer consume Kubernetes as a Service from your platform.