RancherOS Upgrade Issue Fixed Yet?

[bodriye]

Hi,

I experimented with docker on freenas long time ago and had memory issues.
But now that those issues are resolved, I went back and tried it again.
So far its working just fine.
One thing I had issue with was upgrading rancher os with

Code:

sudo ros os upgrade

not working.
Is this issue resolved now? Or is the rancher os version hardcoded in still?
I know when I had to upgrade freenas, rancher stopped working.
I had to revert back to old version of freenas and run

Code:

sudo ros os upgrade

and then boot into new freenas again.
Is this still how things work? Any way for freenas devs to make it easy on us and allow us to manage upgrading docker os just like we can upgrade our jails?

Thanks

 

[KrisBee]

AFAIK the situation has not changed since FN11.2 became available.

 

[sretalla]

If you're using Rancher properly, you only need to worry about the Rancher Server... just blow away the cattle VMs and install new ones. If you're using the rancher-nfs filesystem properly, your container data will all be on your NFS share on FreeNAS and the new cattle will pick up from where the old ones left off.

The Rancher Server can also be set to work in fault-tolerant mode, so you could make a new one and put it together with the existing one, then remove the old.

 

[dlavigne]

Was a ticket ever made? If so, which ticket number?

 

[bodriye]

Was a ticket ever made? If so, which ticket number?

https://redmine.ixsystems.com/issues/27484 @dlavigne

 

[bodriye]

If you're using Rancher properly, you only need to worry about the Rancher Server... just blow away the cattle VMs and install new ones. If you're using the rancher-nfs filesystem properly, your container data will all be on your NFS share on FreeNAS and the new cattle will pick up from where the old ones left off.

The Rancher Server can also be set to work in fault-tolerant mode, so you could make a new one and put it together with the existing one, then remove the old.

Can cattle create networks and volume like this:

Code:

version: '2'

services:
  db:
    image: 'mysql:5.7'
    volumes:
      - db_data:/var/lib/mysql
    restart: always
    container_name: db
    networks:
      - wordpress_backend
    environment:
      - MYSQL_ROOT_PASSWORD=mypass
      - MYSQL_DATABASE=wordpress
      - MYSQL_USER=wordpress
      - MYSQL_PASSWORD=mypass
  wordpress:
    image: wordpress:latest
    container_name: wordpress
    restart: always
    volumes:
      - wordpress_files:/var/www/html
    networks:
      - web
      - wordpress_backend
    depends_on:
      - db
    labels:
      - "traefik.www.port=80"
      - "traefik.www.frontend.rule=Host:www.mydomain.com"
      - "traefik.root.port=80"
      - "traefik.root.frontend.rule=Host:mydomain.com"
    environment:
      - WORDPRESS_DB_HOST=db:3306
      - WORDPRESS_DB_USER=wordpress
      - WORDPRESS_DB_PASSWORD=mypass
      - WORDPRESS_DB_NAME=wordpress
  reverseProxy:
    image: traefik
    command: --docker
    container_name: traefik
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - traefik:/etc/traefik
    ports:
      - "80:80"
      - "443:443"
    container_name: traefik
    environment:
      - TZ=America/Vancouver
    labels:
      - "traefik.docker.network=web"
    networks:
      - web
volumes:
  db_data:
    driver_opts:
      type: "nfs"
      o: "addr=10.10.101.15,rw,hard,nolock"
      device: ":/mnt/pepper/docker/wordpress_db"
  wordpress_files:
    driver_opts:
      type: "nfs"
      o: "addr=10.10.101.15,rw,hard,nolock"
      device: ":/mnt/pepper/docker/wordpress_files"
  traefik:
    driver_opts:
      type: "nfs"
      o: "addr=10.10.101.15,rw,hard,nolock"
      device: ":/mnt/pepper/docker/traefik"
  rancher:
    driver_opts:
      type: "nfs"
      o: "addr=10.10.101.15,rw,hard,nolock"
      device: ":/mnt/pepper/docker/rancher"
networks:
  wordpress_backend:
    external:
      name: wordpress_backend
  web:
    external:
      name: web

edit: wow rancher nfs driver is sooo buggy. back to docker-compose

 

[bodriye]

In light of recent docker vulnerabilities.
I managed to edit these 2 files and get upgrade to work:
/usr/local/lib/python3.6/site-packages/middlewared/plugins/vm.py
and
/mnt/<POOL>/.bhyve_containers/configs/<CONTAINER>/grub/grub.cfg

for latest version run sudo ros os upgrade and say No to reboot and then edit grub area in both vm.py and grub.cfg on freenas to say linux /boot/vmlinuz-4.14.85-rancher and initrd /boot/initrd-v1.5.1 and then reboot rancher to upgrade

 

[sretalla]

Can cattle create networks and volume like this:
edit: wow rancher nfs driver is sooo buggy. back to docker-compose

So you were almost there... what you should do instead is use rancher-nfs instead of nfs (which changes the docker compose a little too).

You manage the storage once on the Rancher server and then add volumes (which are just subdirectories of the NFS share) under the Infrastructure/Storage section of the GUI, which you then attach in your docker compose (or in the UI provided under Volumes).

compose then has the extra section at the top:

Code:

version: '2'
volumes:
  volumename:
    external: true
    driver: rancher-nfs

services:
..........
Then in the container definition
..........
  docker-whatever:
    some settings...
    volumes:
    - volumename:/location/in/container:rw
    some more settings....

I have found it to be very reliable for me.

Hope the above helps.

EDIT: you also need to have installed the Rancher-NFS driver stack first before this will work... (add from catalog in the GUI)

 

[diskdiddler]

I logged a job for this a while back so it's in planning to streamline it a little.
https://redmine.ixsystems.com/issues/51102

 

[ykhodo]

In light of recent docker vulnerabilities.
I managed to edit these 2 files and get upgrade to work:
/usr/local/lib/python3.6/site-packages/middlewared/plugins/vm.py
and
/mnt/<POOL>/.bhyve_containers/configs/<CONTAINER>/grub/grub.cfg

for latest version run sudo ros os upgrade and say No to reboot and then edit grub area in both vm.py and grub.cfg on freenas to say linux /boot/vmlinuz-4.14.85-rancher and initrd /boot/initrd-v1.5.1 and then reboot rancher to upgrade

This worked great for me, thank you. Another vulnerability, another need to upgrade. How is upgrade as a feature not implemented in freenas yet?

 

[KrisBee]

User upgrade of rancheros is not going to happen.

 

[Zwck]

So ....)

would this be a proper docker compose, somehow the container locks up sometimes, can you spot something obvious?

Code:

# faster
version: '3'
volumes:
  jellyfin_config:
    driver: rancher-nfs
    driver_opts:
      external: true
      host: nas.zwck.lan
      exportBase: /mnt/evo/docker_persisten_storage/jellyfin/config
  jellyfin_cache:
    driver: rancher-nfs
    driver_opts:
      external: true
      host: nas.zwck.lan
      exportBase: /mnt/evo/docker_persisten_storage/jellyfin/cache

services:
  jellyfin:
    image: jellyfin/jellyfin:latest
    user: 1101:1101
    network_mode: "host"
    volumes:
      - jellyfin_config:/config
      - jellyfin_cache:/cache
      - /mnt/mm:/mm
      - /mnt/mm2:/mm2

 

[sretalla]

would this be a proper docker compose

Except for "version 3" (which is not supported by Rancher 1.6), I can't see anything obviously wrong there.