Upgrading Cisco Container Platform

Upgrading Cisco Container Platform and upgrading tenant clusters are independent operations. You must upgrade the Cisco Container Platform to allow tenant clusters to upgrade. Specifically, tenant clusters cannot be upgraded to a higher version than the Control Plane. For example, if the Control Plane is at version 1.10, the tenant cluster cannot be upgraded to the 1.11 version.

Upgrading Cisco Container Platform is a three-step process:


Note
Taking a snapshot of the VMs managed by Cisco Container Platform is currently unsupported and results in failures during upgrades.

You can update the size of a single IP address pool during an upgrade. However, we recommend that you plan ahead for the free IP address requirement by ensuring that the free IP addresses are available in the Control Plane cluster prior to the upgrade.

If you are upgrading from a Cisco Container Platform version:

  • 3.1.x or earlier, you must ensure that at least five IP addresses are available.

  • 3.2 or later, you must ensure that at least three IP addresses are available.

Deploying Upgrade VM

Follow the instructions in the Installing Cisco Container Platform > Deploying Installer VM section to deploy the latest VM.

It may take a few minutes for the deployment of the VM to complete. You can view the status of the upgrade task using the Web console of vCenter.


Note
Depending on CNI usage, the port used to access Cisco Container Platform may change as part of the upgrade.

Upgrading Cisco Container Platform Control Plane

The Cisco Container Platform Control Plane is upgraded using an installer UI. After the installer VM is switched on, the URL of the installer appears on the vCenter Web console.

Procedure

Step 1

Obtain the URL from the vCenter Web console and use a browser to open the installer UI.

Step 2

Click Upgrade.

Step 3

In the Connect your Cloud screen, enter the following information:

  1. In the VCENTER HOSTNAME OR IP ADDRESS field, enter the IP address of the vCenter instance that you want to use.

  2. In the PORT field, enter the port of the vCenter instance that you want to use.

  3. In the VCENTER USERNAME field, enter the username of the user with administrator access to the vCenter instance.

  4. In the VCENTER PASSPHRASE field, enter the passphrase of the vCenter user.

  5. Click CONNECT.

Step 4

In the Authenticate CCP screen, enter the following information:

  1. In the EXISTING CISCO CONTAINER PLATFORM (CCP) URL field, for accessing Cisco Container Platform in the following format:

    https://<CCP_IP_Address>:<Port>

  2. To establish a secure connection, enable VERIFY SSL.

  3. In the ADMIN USERNAME field, enter the username for the Administrator user of the Cisco Container Platform Control Plane.

  4. In the ADMIN PASSPHRASE field, enter the current passphrase for an Administrator user of the Cisco Container Platform Control Plane.

  5. Click CONNECT.

Step 5

In the Cluster Configuration screen, enter the following information:

  1. In the USERNAME FOR NODE ACCESS field, enter the username of the user who can ssh into the Cisco Container Platform Control Plane nodes.

  2. In the SSH PUBLIC KEY FOR INSTALLER NODE ACCESS field, enter an ssh public key.

    You can use this key to ssh to the Control Plane nodes.
    Note 

    • Ensure that you enter the public key in a single line.

    • You can use the private key to securely connect to the Cisco Container Platform Control Plane VMs through SSH, after installation.

    • If you do not have an SSH key pair, you can generate it using the ssh-keygen command.

    • Ensure that you use the Ed25519 or ECDSA format for the public key.

      Note 
      As RSA and DSA are less secure formats, Cisco prevents the use of these formats.

  3. Click NEXT.

Step 6

In the Verify Network screen, enter the following information:

  1. In the SUBNET CIDR field, enter the actual CIDR of the VM network.

    Note 

    • This network will be used for VM network configuration. You must ensure the CIDR matches VM network configured on the vsphere.

    • When the SUBNET CIDR is updated, the GATEWAY IP and IP ADDRESS RANGE are also updated accordingly.

  2. In the GATEWAY IP field, enter the gateway IP address of the VM network.

    Note 
    Ensure that you enter the correct gateway IP address for the VM network. An incorrect gateway IP address causes failures during Control Plane upgrading.

  3. In the IP ADDRESS RANGE field, enter the available IP address range that can be used for the Control Plane.

    Note 

    • Do not adjust the address range if there are enough free IP addresses across the pools in the Control Plane's subnet to support the Control Plane upgrade.

    • You can extend the pool range as long as it does not overlap with any other pools in the subnet.

  4. In the Nameservers field, enter at least one DNS server address.

    Note 
    This nameserver(s) will be used in the DNS configuration of the Control Plane. You must ensure that Cisco Container Platform has access to this DNS server.

  5. Click NEXT.

Step 7

In the Control Plane Settings screen, enter the following information:

  1. In the CONTROL PLANE NAME field, enter the name of the Cisco Container Platform cluster.

    Note 
    You need to enter the same cluster name that you used during installation.

  2. From the VSPHERE DATACENTER drop-down list, choose the datacenter.

  3. From the BASE VM IMAGE drop-down list, choose the Cisco Container Platform tenant base VM name.

  4. In the CCP VERSION field, enter the version of the Cisco Container Platform cluster.

  5. From the CCP LICENSE ENTITLEMENT drop-down list, choose an entitlement option that indicates the type of Smart Licensing that you want to use.

    Note 
    The Partner option will only be used in conjunction with a Not for Retail (NFR) or Trial license.

  6. Click UPGRADE.

    The Upgrade Status screen appears.

After the upgrade is complete, click LAUNCH to access the upgraded Cisco Container Platform web interface.