OpenShift Container Platform 4.x
Twistlock was acquired by Palo Alto Network in 2019 and became part of the Prisma Cloud product afterwards
- Before when TwistLock was installed on OpenShift Container Platform 4, it modified the crio.conf file and prevented the operator from upgrading.
This issue has been reported to Palo Alto Networks.
Take a backup of the MachineConfig before any upgrade : $ oc get machineconfig <01-worker-xxx> -o yaml > 01-worker-mc-xxx.yaml Prior to Upgrade : 1. Uninstall Twistlock defender pods 2. Restore Container runtime config $ oc apply -f 01-worker-mc-xxx.yaml 3. Check MCO is not reporting degraded state Trigger an OpenShift upgrade if required.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.