$ oc adm manage-node <node_name> --schedulable=false
- Documentation
- OpenShift Container Platform
- Installation and Configuration
- Upgrading a Cluster
- Operating System Updates and Upgrades history
Soon, all Red Hat OpenShift documentation will only be available on docs.redhat.com, the official location of all Red Hat product documentation. Get familiar with the updated experience today!
- About
- Release Notes
- Getting Started
- Architecture
- Container Security Guide
- Installation and Configuration
- Overview
- Installing a Cluster
- Setting up the Registry
- Setting up a Router
- Upgrading a Cluster
- Downgrading
- Master and Node Configuration
- Adding Hosts to an Existing Cluster
- Loading the Default Image Streams and Templates
- Configuring Custom Certificates
- Redeploying Certificates
- Configuring Authentication and User Agent
- Syncing Groups With LDAP
- Configuring LDAP failover
- Configuring the SDN
- Configuring Nuage SDN
- Configuring for AWS
- Configuring for OpenStack
- Configuring for GCE
- Configuring for Azure
- Configuring Persistent Storage
- Overview
- Using NFS
- Using GlusterFS
- Using OpenStack Cinder
- Using Ceph RBD
- Using AWS Elastic Block Store
- Using GCE Persistent Disk
- Using iSCSI
- Using Fibre Channel
- Using Azure Disk
- Using Azure File
- Dynamic Provisioning and Creating Storage Classes
- Volume Security
- Selector-Label Volume Binding
- Enabling Controller-managed Attachment and Detachment
- Persistent Storage Examples
- Overview
- Sharing an NFS PV Across Two Pods
- Complete Example Using Ceph RBD
- Complete Example Using Ceph RBD for Dynamic Provisioning
- Complete Example Using GlusterFS
- Dynamic Provisioning Example Using Containerized GlusterFS
- Dynamic Provisioning Example Using Dedicated GlusterFS
- Containerized Heketi for Managing Dedicated GlusterFS
- Mounting Volumes To Privileged Pods
- Backing Docker Registry with GlusterFS Storage
- Binding Persistent Volumes by Label
- Using StorageClasses for Dynamic Provisioning
- Using StorageClasses for Existing Legacy Storage
- Configuring Azure Blob Storage for Integrated Docker Registry
- Working with HTTP Proxies
- Configuring Global Build Defaults and Overrides
- Configuring Pipeline Execution
- Configuring Route Timeouts
- Configuring Native Container Routing
- Routing from Edge Load Balancers
- Aggregating Container Logs
- Aggregate Logging Sizing Guidelines
- Enabling Cluster Metrics
- Customizing the Web Console
- Revision History
- Administrator Solutions
- Cluster Administration
- Overview
- Managing Nodes
- Managing Users
- Managing Projects
- Managing Pods
- Managing Networking
- Configuring Service Accounts
- Managing Authorization Policies
- Image Policy
- Scoped Tokens
- Monitoring Images
- Managing Security Context Constraints
- Setting Quotas
- Setting Multi-Project Quotas
- Setting Limit Ranges
- Pruning Objects
- Garbage Collection
- Scheduler
- Allocating Node Resources
- Opaque Integer Resources
- Overcommitting
- Assigning Unique External IPs for Ingress Traffic
- Out of Resource Handling
- Monitoring and Debugging Routers
- High Availability
- IPtables
- Securing Builds by Strategy
- Restricting Application Capabilities Using Seccomp
- Sysctls
- Encrypting Hosts with IPsec
- Building Dependency Trees
- Backup and Restore
- Troubleshooting Networking
- Diagnostics Tool
- Idling Applications
- Revision History
- Scaling and Performance Guide
- CLI Reference
- Developer Guide
- Overview
- Application Life Cycle Management
- Authentication
- Authorization
- Projects
- Migrating Applications
- Application Tutorials
- Builds
- Deployments
- Templates
- Opening a Remote Shell to Containers
- Service Accounts
- Managing Images
- Image Signatures
- Quotas and Limit Ranges
- Getting Traffic into a Cluster
- Routes
- Integrating External Services
- Secrets
- ConfigMaps
- Using Daemonsets
- Pod Autoscaling
- Managing Volumes
- Using Persistent Volumes
- Executing Remote Commands
- Copying Files
- Port Forwarding
- Shared Memory
- Application Health
- Events
- Downward API
- Managing Environment Variables
- Jobs
- Cron Jobs
- Create from URL
- Revision History
- Creating Images
- Using Images
- REST API Reference
×
Operating System Updates and Upgrades
Updating and Upgrading the Operating System
Updating or upgrading your operating system (OS), by either changing OS versions
or updating the system software, can impact the OpenShift Container Platform software running
on those machines. In particular, these updates can affect the iptables rules
or ovs flows that OpenShift Container Platform requires to operate.
Use the following to safely upgrade the OS on a host:
-
Ensure the host is unschedulable, meaning that no new pods will be placed onto the host:
-
Migrate the pods from the host:
$ oc adm drain <node_name> --force --delete-local-data --ignore-daemonsets
-
Install or update the *-excluder packages on each host with the following. This ensures the hosts stay on the correct versions of OpenShift Container Platform, as per the atomic-openshift and docker packages, instead of the most current versions:
# yum install atomic-openshift-excluder atomic-openshift-docker-excluder
This adds entries to the
excludedirective in the host’s /etc/yum.conf file. -
Update or upgrade the host packages, and reboot the host. A reboot ensures that the host is running the newest versions, and means that the
dockerand OpenShift Container Platform processes have been restarted, which will force them to check that all of the rules in other services are correct.However, instead of rebooting a node host, you can restart the services that are affected, or preserve the
iptablesstate. Both processes are described in the OpenShift Container Platform IPtables topic. Theovsflow rules do not need to be saved, but restarting the OpenShift Container Platform node software will fix the flow rules. -
Configure the host to be schedulable again:
$ oc adm manage-node <node_name> --schedulable=true