Sysdig Documentation

v2.5.0+ Upgrade (Installer: Kubernetes)

Overview

The Installer tool can be used to upgrade a Sysdig implementation. Just as in an installation, you must meet the prerequisites, download the values.yaml, edit the values as indicated, and run the installer. The main difference is that you run it twice: once to discover the differences between the old and new versions and the second time to deploy the new version.

As this is a new feature, some guidance from Sysdig Professional Services may be warranted in highly customized installations.

Note

Review the Prerequisites and Installation Options for more context, if needed.

Upgrade Steps

To upgrade:

  1. Copy the current version of values.yaml to your working directory.

    wget https://raw.githubusercontent.com/draios/sysdigcloud-kubernetes/installer/installer/values.yaml
  2. Edit the following values:

    • scripts: set to generate diff.

      This setting will generate the differences between the installed environment and the upgrade version. The changes will be displayed in your terminal. Other values: deploy

  3. The remaining parameters are edited as they would be in an installation:

    • size: Specifies the size of the cluster. Size defines CPU, Memory, Disk, and Replicas. Valid options are: small, medium and large

    • quaypullsecret: quay.io provided with your Sysdig purchase confirmation mail

    • storageClassProvisioner: The name of the storage class provisioner to use when creating the configured storageClassName parameter. When installing, if you use AWS or GKE as your storage provisioner for Kubernetes, enter aws or gke in the storageClassProvisioner field. If you do not use one of those two dynamic storage provisioners, enter: hostPath and then refer to the Advanced examples for how to configure static storage provisioning using this option.

    • sysdig.license: Sysdig license key provided with your Sysdig purchase confirmation mail

    • sysdig.anchoreLicensePath: The path relative to the values.yaml where the Anchore enterprise license yaml is located. (For Sysdig Secure users only.)

    • sysdig.dnsname: The domain name the Sysdig APIs will be served on. Note that the master node may not be used as the DNS name when using hostNetwork mode.

    • sysdig.collector.dnsName: (OpenShift installs only) Domain name the Sysdig collector will be served on. When not configured it defaults to whatever is configured for sysdig.dnsName. Note that the master node may not be used as the DNS name when using hostNetwork mode.

    • deployment: (OpenShift installs only) Add deployment: openshift to the root of the values.yaml file.

    • sysdig.ingressNetworking: The networking construct used to expose the Sysdig API and collector.Options are:

      • hostnetwork: sets the hostnetworking in the ingress daemonset and opens host ports for api and collector. This does not create a Kubernetes service.

      • loadbalancer: creates a service of type loadbalancer and expects that your Kubernetes cluster can provision a load balancer with your cloud provider.

      • nodeport: creates a service of type nodeport.The node ports can be customized with:

        sysdig.ingressNetworkingInsecureApiNodePort

        sysdig.ingressNetworkingApiNodePort

        sysdig.ingressNetworkingCollectorNodePort

      Note

      If doing an airgapped install , you would also edit the following values:

      (See also Airgapped Installation Options.)

    • airgapped_registry_name: The URL of the airgapped (internal) docker registry. This URL is used for installations where the Kubernetes cluster can not pull images directly from Quay

    • airgapped_registry_password: The password for the configured airgapped_registry_username. Ignore this parameter if the registry does not require authentication.

    • airgapped_registry_username: The username for the configured airgapped_registry_name. Ignore this parameter if the registry does not require authentication.

  4. Run the installer.

    For environments with access to the internet:

    docker run -e HOST_USER=$(id -u) -e KUBECONFIG=/.kube/config 
    -v ~/.kube:/.kube:Z -v $(pwd):/manifests:Z 
    quay.io/sysdig/installer:2.5.0-1

    For partial-airgap (installation machine has access to the internet):

    docker run -e HOST_USER=$(id -u) -e KUBECONFIG=/.kube/config 
      -v ~/.kube:/.kube:Z 
      -v $(pwd):/manifests:Z 
      -v /var/run/docker.sock:/var/run/docker.sock:Z 
      -v ~/.docker:/root/docker:Z 
      quay.io/sysdig/installer:2.5.0-1

    For full airgapped environment:

    bash sysdig_installer.tar.gz
  5. If you are fine with the differences displayed, then set scripts to deploy and rerun the installer as in Step 3.

    If you want to override a change, based on your environment’s custom settings, then contact Sysdig Support for assistance.