Upgrade Kommander

Steps to upgrade Kommander via CLI

This section describes how to upgrade your Kommander Management cluster and all Platform Applications to their supported versions in networked, air-gapped, and on-prem environments. To prevent compatibility issues, you must first upgrade Kommander on your Management Cluster before upgrading to DKP.

NOTE: It is important you upgrade Kommander BEFORE upgrading the Kubernetes version (or Konvoy version for Managed Konvoy clusters) in attached clusters, due to the previous versions' incompatibility with 1.22.


Download the Kommander application definitions:

wget "https://downloads.d2iq.com/dkp/v2.2.0/kommander-applications-v2.2.0.tar.gz"

Download the Kommander charts bundle:

wget "https://downloads.d2iq.com/dkp/v2.2.0/dkp-kommander-charts-bundle-v2.2.0.tar.gz"

If you have any DKP Catalog Applications, download the DKP Catalog Application charts bundle:

wget "https://downloads.d2iq.com/dkp/v2.2.0/dkp-catalog-applications-charts-bundle-v2.2.0.tar.gz"

NOTE: These docker images include code from the MinIO Project (“MinIO”), which is © 2015-2021 MinIO, Inc. MinIO is made available subject to the terms and conditions of the GNU Affero General Public License 3.0. Complete source code for MinIO is available here and here.

  • For clusters upgrading from 2.1.1 with HTTP Proxy installed:

    Edit the gatekeeper-overrides, and add a new configuration property, disableMutation, with the value false. This is required because the Gatekeeper configuration was changed between versions v2.1.1 and v2.2.0:

      disableMutation: false # <-- this value is new in 2.2.0
        enablePodProxy: true
          noProxy: ...
          httpProxy: ...
          httpsProxy: ...
        excludeNamespacesFromProxy: []
          "gatekeeper.d2iq.com/mutate": "pod-proxy"

    Configure the kommander-flux namespace and adjust the label so the Gatekeeper mutation is active on the namespace:

    kubectl label namespace kommander-flux gatekeeper.d2iq.com/mutate=pod-proxy

Detach MetalLB from Kommander

IMPORTANT: Beginning with DKP version 2.2, MetalLB is no longer managed as a platform application. If you installed MetalLB on the cluster that you're upgrading prior to DKP version 2.2, you will need to detach MetalLB from the cluster prior to upgrading.

  1. Pause the helm release.
kubectl -n kommander patch -p='{"spec":{"suspend": true}}' --type=merge helmrelease/metallb
helmrelease.helm.toolkit.fluxcd.io/metallb patched
  1. Delete the helm release secret.
kubectl -n kommander delete secret -l name=metallb,owner=helm
secret "sh.helm.release.v1.metallb.v1" deleted
  1. Delete MetalLB.
kubectl -n kommander delete appdeployment metallb
appdeployment.apps.kommander.d2iq.io "metallb" deleted
  1. Unpause the helm release.
kubectl -n kommander patch -p='{"spec":{"suspend": false}}' --type=merge helmrelease/metallb
helmrelease.helm.toolkit.fluxcd.io/metallb patched

This deletes MetalLb from Kommander while leaving the resources running in the cluster.

kubectl -n kommander get pod -l app=metallb
NAME                                 READY   STATUS    RESTARTS   AGE
metallb-controller-d657c8dbb-zlgrk   1/1     Running   0          20m
metallb-speaker-2gz6p                1/1     Running   0          20m
metallb-speaker-48d44                1/1     Running   0          20m
metallb-speaker-6gp76                1/1     Running   0          20m
metallb-speaker-dh9dm                1/1     Running   0          20m

Upgrade Kommander

Before running the following command, ensure that your dkp configuration references the Kommander Management cluster, otherwise it attempts to run the upgrade on the bootstrap cluster. You can do this by setting the KUBECONFIG environment variable to the appropriate kubeconfig file’s location.

NOTE: As stated earlier, an alternative to initializing the KUBECONFIG environment variable is to use the –kubeconfig=cluster_name.conf flag. This ensures that Kommander upgrades on the workload cluster.

  1. Use the DKP CLI to upgrade Kommander and all the Platform Applications in the Management Cluster:

    • For air-gapped:

      dkp upgrade kommander --charts-bundle dkp-kommander-charts-bundle-v2.2.0.tar.gz --kommander-applications-repository kommander-applications-v2.2.0.tar.gz
    • For air-gapped with DKP Catalog Applications in a multi-cluster environment:

      dkp upgrade kommander --charts-bundle dkp-kommander-charts-bundle-v2.2.0.tar.gz --charts-bundle dkp-catalog-applications-charts-bundle-v2.2.0.tar.gz --kommander-applications-repository kommander-applications-v2.2.0.tar.gz

      After the upgrade, follow the DKP Catalog Applications configuration page to update the Git repository.

    • For non air-gapped:

      dkp upgrade kommander

      If you have DKP Catalog Applications deployed, follow the DKP Catalog Applications configuration page to update the Git repository after the upgrade.

    An output similar to this appears:

    dkp upgrade kommander  --kommander-applications-repository ~/work/git_repos/kommander-applications
    ✓ Ensuring upgrading conditions are met
    ✓ Ensuring application definitions are updated
    ✓ Ensuring helm-mirror implementation is migrated to chartmuseum
  2. If the upgrade fails, run the following command to get more information on the upgrade process:

    dkp upgrade kommander -v 4

    If you find any HelmReleases in a “broken” release state such as “exhausted” or “another rollback/release in progress”, you can trigger a reconciliation of the HelmRelease using the following commands:

    kubectl -n kommander patch helmrelease <HELMRELEASE_NAME> --type='json' -p='[{"op": "replace", "path": "/spec/suspend", "value": true}]'
    kubectl -n kommander patch helmrelease <HELMRELEASE_NAME> --type='json' -p='[{"op": "replace", "path": "/spec/suspend", "value": false}]'
  3. For Enterprise customers (multi-cluster environment): Upgrade your additional Workspaces on a per-Workspace basis to upgrade the Platform Applications on other clusters than the Management Cluster. For Essential customers (single-cluster environment): Proceed with the Konvoy Upgrade.

You can always go back to the DKP Upgrade overview, to review the next steps depending on your environment and license type.