Upgrade Kommander

Steps to upgrade Kommander via CLI

This section describes how to upgrade your Kommander Management cluster and all Platform Applications to their supported versions in networked, air-gapped, and on-prem environments. To prevent compatibility issues, you must first upgrade Kommander on your Management Cluster before upgrading to DKP.

NOTE: It is important you upgrade Kommander BEFORE upgrading the Kubernetes version (or Konvoy version for Managed Konvoy clusters) in attached clusters, due to the previous versions' incompatibility with 1.22.

Prerequisites

Download the Kommander application definitions:

wget "https://downloads.d2iq.com/dkp/v2.2.2/kommander-applications-v2.2.2.tar.gz"

Download the Kommander charts bundle:

wget "https://downloads.d2iq.com/dkp/v2.2.2/dkp-kommander-charts-bundle-v2.2.2.tar.gz" -O - | tar -xvf -

If you have any DKP Catalog Applications, download the DKP Catalog Application charts bundle:

wget "https://downloads.d2iq.com/dkp/v2.2.2/dkp-catalog-applications-charts-bundle-v2.2.2.tar.gz" -O - | tar -xvf -
  • For clusters upgrading from 2.1.1 with HTTP Proxy installed:

Edit the gatekeeper-overrides, and add a new configuration property, disableMutation, with the value false. This is required because the Gatekeeper configuration was changed between versions v2.1.1 and v2.2.2:

  disableMutation: false # <-- this value is new in 2.2.2
  mutations:
    enablePodProxy: true
    podProxySettings:
      noProxy: ...
      httpProxy: ...
      httpsProxy: ...
    excludeNamespacesFromProxy: []
    namespaceSelectorForProxy:
      "gatekeeper.d2iq.com/mutate": "pod-proxy"

Configure the kommander-flux namespace and adjust the label so the Gatekeeper mutation is active on the namespace:

kubectl label namespace kommander-flux gatekeeper.d2iq.com/mutate=pod-proxy

Detach MetalLB from Kommander

IMPORTANT: Beginning with DKP version 2.2, MetalLB is no longer managed as a platform application. If you installed MetalLB on the cluster that you're upgrading prior to DKP version 2.2, you will need to detach MetalLB from the cluster prior to upgrading.

  1. Pause the helm release.

    kubectl -n kommander patch -p='{"spec":{"suspend": true}}' --type=merge helmrelease/metallb
    
    helmrelease.helm.toolkit.fluxcd.io/metallb patched
    
  2. Delete the helm release secret.

    kubectl -n kommander delete secret -l name=metallb,owner=helm
    
    secret "sh.helm.release.v1.metallb.v1" deleted
    
  3. Delete MetalLB.

    kubectl -n kommander delete appdeployment metallb
    
    appdeployment.apps.kommander.d2iq.io "metallb" deleted
    

    This deletes the MetalLB App from Kommander while leaving the MetalLB resources running in the cluster. Use the following command to view the pods:

    kubectl -n kommander get pod -l app=metallb
    
    NAME                                 READY   STATUS    RESTARTS   AGE
    metallb-controller-d657c8dbb-zlgrk   1/1     Running   0          20m
    metallb-speaker-2gz6p                1/1     Running   0          20m
    metallb-speaker-48d44                1/1     Running   0          20m
    metallb-speaker-6gp76                1/1     Running   0          20m
    metallb-speaker-dh9dm                1/1     Running   0          20m
    

Upgrade Kommander

Before running the following command, ensure that your dkp configuration references the Kommander Management cluster, otherwise it attempts to run the upgrade on the bootstrap cluster. You can do this by setting the KUBECONFIG environment variable to the appropriate kubeconfig file’s location.

NOTE: As stated earlier, an alternative to initializing the KUBECONFIG environment variable is to use the –kubeconfig=cluster_name.conf flag. This ensures that Kommander upgrades on the workload cluster.

  1. Use the DKP CLI to upgrade Kommander and all the Platform Applications in the Management Cluster:

    • For air-gapped:

      dkp upgrade kommander --charts-bundle dkp-kommander-charts-bundle-v2.2.2.tar.gz --kommander-applications-repository kommander-applications-v2.2.2.tar.gz
      
    • For air-gapped with DKP Catalog Applications in a multi-cluster environment:

      dkp upgrade kommander --charts-bundle dkp-kommander-charts-bundle-v2.2.2.tar.gz --charts-bundle dkp-catalog-applications-charts-bundle-v2.2.2.tar.gz --kommander-applications-repository kommander-applications-v2.2.2.tar.gz
      

      After the upgrade, follow the DKP Catalog Applications configuration page to update the Git repository.

    • For non air-gapped:

      dkp upgrade kommander
      

      If you have DKP Catalog Applications deployed, follow the DKP Catalog Applications configuration page to update the Git repository after the upgrade.

      dkp upgrade kommander  --kommander-applications-repository ~/work/git_repos/kommander-applications
      

      An output similar to this appears:

      ✓ Ensuring upgrading conditions are met
      ✓ Ensuring application definitions are updated
      ✓ Ensuring helm-mirror implementation is migrated to chartmuseum
      ...
      
  2. For air-gapped deployments, an additional step is required to upgrade the Grafana Loki MinIO Tenant:

    kubectl patch statefulset grafana-loki-minio-ss-0 -n kommander --type='json' -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value":"quay.io/minio/minio:RELEASE.2022-01-08T03-11-54Z"}]'
    
  3. If the upgrade fails, run the following command to get more information on the upgrade process:

    dkp upgrade kommander -v 4
    

    If you find any HelmReleases in a “broken” release state such as “exhausted” or “another rollback/release in progress”, you can trigger a reconciliation of the HelmRelease using the following commands:

    kubectl -n kommander patch helmrelease <HELMRELEASE_NAME> --type='json' -p='[{"op": "replace", "path": "/spec/suspend", "value": true}]'
    kubectl -n kommander patch helmrelease <HELMRELEASE_NAME> --type='json' -p='[{"op": "replace", "path": "/spec/suspend", "value": false}]'
    
  4. For Enterprise customers (multi-cluster environment): Upgrade your additional Workspaces on a per-Workspace basis to upgrade the Platform Applications on other clusters than the Management Cluster. For Essential customers (single-cluster environment): Proceed with the Konvoy Upgrade.

You can always go back to the DKP Upgrade overview, to review the next steps depending on your environment and license type.

This Docker image includes code from the MinIO Project (“MinIO”), which is © 2015-2021 MinIO, Inc. MinIO is made available subject to the terms and conditions of the GNU Affero General Public License 3.0. The complete source code for the versions of MinIO packaged with DKP 2.2.X are available at these URLs:

  • https://github.com/minio/minio/tree/RELEASE.2022-02-24T22-12-01Z
  • https://github.com/minio/minio/tree/RELEASE.2022-01-08T03-11-54Z
  • https://github.com/minio/minio/tree/RELEASE.2021-02-14T04-01-33Z