Remove old Ubuntu kernel packages

Available since MCC 2.25.0 (17.0.0 and 16.0.0)

During a management or managed cluster update with Ubuntu package updates, MOSK automatically removes unnecessary kernel and system packages.

During cleanup, MOSK keeps a number of kernel versions following the default behavior of the Ubuntu apt autoremove command:

  • Booted kernel

    The currently booted kernel is always kept.

  • Latest kernel

    If there are any kernel packages with versions higher than the booted kernel version, then the kernel package with the highest version is also kept.

  • Previous kernel

    If there are any installed kernel packages with versions lower than the one of the latest kernel that equals the booted kernel, then the kernel with version previous to the latest kernel is kept.

    Note

    Previous kernel does not equal the previously booted kernel. Previous kernel is an N-1 kernel in a sorted list of all kernels installed in the system where N is the kernel with the highest version.

Caution

If a kernel package is a dependency of another package, it will not be automatically removed. The rules above do not apply to such a case.

The number of kernel packages may be more than two if the apt autoremove command has never been used or if the cluster is affected by the known issue 46808.

Mirantis recommends keeping previous kernel version for fallback in case the current kernel becomes unstable. However, if you absolutely require leaving only the booted version of kernel packages, you can use the script described below after considering all possible risks.

To remove all kernel packages of the previous version:

  1. Verify that the cluster is successfully updated and is in the Ready state.

  2. Log in as root to the required node using SSH.

  3. Run the following script that calls an Ansible module targeted at local host. The module outputs a list of packages to remove, if any, without actually removing them.

    cleanup-kernel-packages
    

    The script workflow includes the following tasks:

    Task order

    Task name

    Description

    1

    Get kernels to cleanup

    Collect installed kernel packages and detect the candidates for removal.

    2

    Get kernels to cleanup (LOG)

    Print the log from the first task.

    3

    Kernel packages to remove

    Print the list of packages collected by the first task.

    4

    Remove kernel packages

    Remove packages that are detected as candidates for removal if the following conditions are met:

    • The script detects at least one candidate for removal

    • You add the --cleanup flag to the cleanup-kernel-packages command

  4. If the system outputs any packages to remove, carefully assess the list from the output of the Kernel packages to remove task.

    Caution

    The script removes all detected packages. There is no possibility to modify the list of candidates for removal.

    Example of system response with no found packages to remove
    PLAY [localhost]
    
    TASK [Get kernels to cleanup]
    ok: [localhost]
    
    TASK [Get kernels to cleanup (LOG)]
    ok: [localhost] => {
        "cleanup_kernels.log": [
            "2023-09-27 12:49:31,925 [INFO] Logging enabled",
            "2023-09-27 12:49:31,937 [DEBUG] Found kernel package linux-headers-5.15.0-83-generic, version 5.15.0.post83-generic",
            "2023-09-27 12:49:31,938 [DEBUG] Found kernel package linux-image-5.15.0-83-generic, version 5.15.0.post83-generic",
            "2023-09-27 12:49:31,938 [DEBUG] Found kernel package linux-modules-5.15.0-83-generic, version 5.15.0.post83-generic",
            "2023-09-27 12:49:31,938 [DEBUG] Found kernel package linux-modules-extra-5.15.0-83-generic, version 5.15.0.post83-generic",
            "2023-09-27 12:49:31,944 [DEBUG] Current kernel is 5.15.0.post83-generic",
            "2023-09-27 12:49:31,944 [INFO] No kernel packages prior version '5.15.0.post83' found, nothing to remove.",
            "2023-09-27 12:49:31,944 [INFO] Exiting successfully"
        ]
    }
    
    TASK [Kernel packages to remove]
    ok: [localhost] => {
        "cleanup_kernels.packages": []
    }
    
    TASK [Remove kernel packages]
    skipping: [localhost]
    
    Example of system response with several packages to remove
    TASK [Get kernels to cleanup]
    ok: [localhost]
    
    TASK [Get kernels to cleanup (LOG)]
    ok: [localhost] => {
        "cleanup_kernels.log": [
            "2023-09-28 10:08:42,849 [INFO] Logging enabled",
            "2023-09-28 10:08:42,865 [DEBUG] Found kernel package linux-headers-5.15.0-79-generic, version 5.15.0.post79-generic",
            "2023-09-28 10:08:42,865 [DEBUG] Found kernel package linux-headers-5.15.0-83-generic, version 5.15.0.post83-generic",
            "2023-09-28 10:08:42,865 [DEBUG] Found kernel package linux-hwe-5.15-headers-5.15.0-79, version 5.15.0.post79",
            "2023-09-28 10:08:42,865 [DEBUG] Found kernel package linux-hwe-5.15-headers-5.15.0-83, version 5.15.0.post83",
            "2023-09-28 10:08:42,866 [DEBUG] Found kernel package linux-image-5.15.0-79-generic, version 5.15.0.post79-generic",
            "2023-09-28 10:08:42,866 [DEBUG] Found kernel package linux-image-5.15.0-83-generic, version 5.15.0.post83-generic",
            "2023-09-28 10:08:42,866 [DEBUG] Found kernel package linux-modules-5.15.0-79-generic, version 5.15.0.post79-generic",
            "2023-09-28 10:08:42,866 [DEBUG] Found kernel package linux-modules-5.15.0-83-generic, version 5.15.0.post83-generic",
            "2023-09-28 10:08:42,866 [DEBUG] Found kernel package linux-modules-extra-5.15.0-79-generic, version 5.15.0.post79-generic",
            "2023-09-28 10:08:42,866 [DEBUG] Found kernel package linux-modules-extra-5.15.0-83-generic, version 5.15.0.post83-generic",
            "2023-09-28 10:08:42,871 [DEBUG] Current kernel is 5.15.0.post83-generic",
            "2023-09-28 10:08:42,871 [INFO] Kernel package version prior '5.15.0.post83': 5.15.0.post79",
            "2023-09-28 10:08:42,872 [INFO] No kernel packages after version '5.15.0.post83' found.",
            "2023-09-28 10:08:42,872 [INFO] Kernel package versions to remove: 5.15.0.post79",
            "2023-09-28 10:08:42,872 [DEBUG] The following packages are candidates for autoremoval: linux-headers-5.15.0-79-generic, linux-hwe-5.15-headers-5.15.0-79,linux-image-5.15.0-79-generic, linux-modules-5.15.0-79-generic, linux-modules-extra-5.15.0-79-generic",
            "2023-09-28 10:08:45,338 [DEBUG] The following packages are resolved reverse dependencies for autoremove candidates: linux-modules-5.15.0-79-generic, linux-modules-extra-5.15.0-79-generic, linux-hwe-5.15-headers-5.15.0-79, linux-headers-5.15.0-79-generic, linux-image-5.15.0-79-generic",
            "2023-09-28 10:08:45,338 [INFO] No protected packages found",
            "2023-09-28 10:08:45,339 [INFO] Exiting successfully"
        ]
    }
    
    TASK [Kernel packages to remove]
    ok: [localhost] => {
        "cleanup_kernels.packages": [
            "linux-headers-5.15.0-79-generic",
            "linux-hwe-5.15-headers-5.15.0-79",
            "linux-image-5.15.0-79-generic",
            "linux-modules-5.15.0-79-generic",
            "linux-modules-extra-5.15.0-79-generic"
        ]
    }
    
    TASK [Remove kernel packages] ****************
    skipping: [localhost]
    
  5. If you decide to proceed with removal of package candidates, rerun the script with the --cleanup flag:

    cleanup-kernel-packages --cleanup