All Products
Search
Document Center

Container Service for Kubernetes:Update the Sandboxed-Container runtime

Last Updated:Jun 13, 2023

You can update the Sandboxed-Container runtime that is deployed on your nodes in the Container Service for Kubernetes (ACK) console. This topic describes how the Sandboxed-Container runtime is updated and how to perform an update. This topic also describes the considerations that you must take note of during the update.

Limits

You can update the Sandboxed-Container runtime only for clusters that run sandboxed containers.

Considerations

  • To update the runtime, nodes must have Internet access to download update packages.

  • Failures may occur during the update. To ensure data security, we recommend that you take snapshots of storage volumes before the update.

  • Applications that run in the cluster are not interrupted during the update. We recommend that you check the release notes of the runtime to decide whether you need to release applications again. For more information, see Release notes of Sandboxed-Container.

  • The update is performed in batches. You can pause the update after a batch is updated. We recommend that you resume and complete a paused update at your earliest convenience. Do not perform operations on the cluster when the update is paused. If the update is paused for more than 15 days, the update is automatically canceled. The related events and log information are deleted.

  • Do not add nodes to or remove nodes from the cluster during the update. To add or remove nodes, you must first cancel the update.

  • Do not modify resources in the runtime-upgrade namespace during the update unless an error occurred.

  • If an error occurs during the update, the process is paused. You must troubleshoot the error and delete the failed pods in the runtime-upgrade namespace. After the error is fixed, you can resume the update.

    Important

    Do not delete or modify resources other than the failed pods in the runtime-upgrade namespace even if an error occurs. You can also contact the Alibaba Cloud technical support team for assistance.

How the Sandboxed-Container runtime is updated

  • Update process and status transitions

    After you start an update, the system automatically creates and executes update tasks. The tasks are automatically divided into batches, distributed to nodes that require updates, and executed by running pods. During the update process, you can pause, resume, or cancel the update based on your business requirements.升级图

    • After you click Upgrade, the task changes to the Upgrading state.

    • You can pause a task in the Upgrading state. After such a task is paused, the task changes to the Paused state.

    • You can resume a paused task. After a paused task is resumed, the task changes to the Upgrading state.

    • You can also cancel a paused task. After a paused task is canceled, the task changes to the Canceled state.

  • Update policy

    A runtime update is performed in batches:

    • The first batch includes one node. The number of nodes increases by the power of two in subsequent batches. If you resume a paused update, the first batch after the update is resumed includes one node. The number of nodes increases by the power of two in subsequent batches.

    • The maximum number of nodes in a batch does not exceed 10% of the total number of nodes.

    If a cluster has 50 nodes that require updates, the update process is performed in the following batches:

    • The first batch includes one node.

    • The second batch includes two nodes.

    • The third batch includes four nodes.

    • The fourth batch includes five nodes. Based on the calculation method, the number of nodes in the fourth batch is eight (2 3 = 8). However, the maximum number of nodes in a batch cannot exceed 10% of the total number of nodes. In this example, the maximum number is calculated by using the following formula: 50 × 10% = 5.

    • The fifth batch includes five nodes.

    • The preceding processes are repeated.

  • Pause an update

    You can pause an update process at any time. Take note of the following information:

    • After you pause an update, the update is performed on nodes on which the update already started. The update is not performed on nodes on which the update is not started.

    • We recommend that you resume and complete a paused update at your earliest convenience. Do not perform operations on the cluster when the update is paused.

    • When you pause an update, the system automatically checks whether nodes that need to be updated exist. If no such nodes exist, you fail to pause the update.

    After the update is paused, you can click Continue to resume the update.

    If an error occurs during the update, the system automatically pauses the update. The cause of the error is displayed in the lower part of the page. You can troubleshoot the error or Submit a ticket to request technical support.

  • Cancel an update

    After an update is paused, you can click Cancel to cancel the update. Take note of the following information:

    • After you cancel an update, the update is performed on nodes on which the update already started. The update is not performed on nodes on which the update is not started.

    • You cannot cancel the update on nodes on which the update is complete.

Procedure

  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
  4. On the cluster details page, choose Operations > Container Runtime Update.

    Note

    You can update the Sandboxed-Container runtime only for clusters that run sandboxed containers.

  5. On the Container Runtime Update page, click Upgrade.

  6. In the message that appears, click OK.

    To pause the update, click Pause. After the update is paused, you can click Continue to resume the update or click Cancel to cancel the update.继续或者取消

    After you click Upgrade or Continue, you can view the operation records in the event list.事件列表

Result

After the update is complete, the updated runtime no longer appears when you refresh or reopen the current page.