openshift
diff --git a/‎_topic_maps/_topic_map.yml
Lines changed: 2 additions & 0 deletions b/‎_topic_maps/_topic_map.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎machine_configuration/mco-update-boot-images.adoc
Lines changed: 4 additions & 51 deletions b/‎machine_configuration/mco-update-boot-images.adoc
Lines changed: 4 additions & 51 deletions
diff --git a/‎modules/mco-update-boot-images-about.adoc
Lines changed: 83 additions & 0 deletions b/‎modules/mco-update-boot-images-about.adoc
Lines changed: 83 additions & 0 deletions
diff --git a/‎modules/mco-update-boot-images-configuring.adoc
Lines changed: 27 additions & 51 deletions b/‎modules/mco-update-boot-images-configuring.adoc
Lines changed: 27 additions & 51 deletions
@@ -2820,6 +2820,8 @@ Topics:
     File: nodes-remediating-fencing-maintaining-rhwa
   - Name: Understanding node rebooting
     File: nodes-nodes-rebooting
+  - Name: Updated boot images
+    File: nodes-update-boot-images
   - Name: Freeing node resources using garbage collection
     File: nodes-nodes-garbage-collection
   - Name: Allocating resources for nodes
 
@@ -1,60 +1,13 @@
 :_mod-docs-content-type: ASSEMBLY
 :context: machine-configs-configure
+include::_attributes/common-attributes.adoc[]
 [id="mco-update-boot-images"]
 = Updated boot images
-include::_attributes/common-attributes.adoc[]
 
 toc::[]
 
-The Machine Config Operator (MCO) uses a boot image to start a {op-system-first} node. By default, {product-title} does not manage the boot image.
-
-This means that the boot image in your cluster is not updated along with your cluster. For example, if your cluster was originally created with {product-title} 4.12, the boot image that the cluster uses to create nodes is the same 4.12 version, even if your cluster is at a later version. If the cluster is later upgraded to 4.13 or later, new nodes continue to scale with the same 4.12 image.
-
-This process could cause the following issues:
-
-* Extra time to start nodes
-* Certificate expiration issues
-* Version skew issues
-
-To avoid these issues, you can configure your cluster to update the boot image whenever you update your cluster. By modifying the `MachineConfiguration` object, you can enable this feature. Currently, the ability to update the boot image is available for only Google Cloud Platform (GCP) and Amazon Web Services (AWS) clusters. It is not supported for clusters managed by the {cluster-capi-operator}.
-
-If you are not using the default user data secret, named `worker-user-data`, in your machine set, or you have modified the `worker-user-data` secret, you should not use managed boot image updates. This is because the Machine Config Operator (MCO) updates the machine set to use a managed version of the secret. By using the managed boot images feature, you are giving up the capability to customize the secret stored in the machine set object. 
-
-To view the current boot image used in your cluster, examine a machine set:
-
-.Example machine set with the boot image reference
-
-[source,yaml]
-----
-apiVersion: machine.openshift.io/v1beta1
-kind: MachineSet
-metadata:
-  name: ci-ln-hmy310k-72292-5f87z-worker-a
-  namespace: openshift-machine-api
-spec:
-# ...
-  template:
-# ...
-    spec:
-# ...
-      providerSpec:
-# ...
-        value:
-          disks:
-          - autoDelete: true
-            boot: true
-            image: projects/rhcos-cloud/global/images/rhcos-412-85-202203181601-0-gcp-x86-64 <1>
-# ...
-----
-<1> This boot image is the same as the originally-installed {product-title} version, in this example {product-title} 4.12, regardless of the current version of the cluster. The way that the boot image is represented in the machine set depends on the platform, as the structure of the `providerSpec` field differs from platform to platform.
-
-If you configure your cluster to update your boot images, the boot image referenced in your machine sets matches the current version of the cluster.
-
-include::modules/mco-update-boot-images-configuring.adoc[leveloffset=+1]
-
-[role="_additional-resources"]
-.Additional resources
-
-* xref:../nodes/clusters/nodes-cluster-enabling-features.adoc#nodes-cluster-enabling[Enabling features using feature gates]
+include::snippets/mco-update-boot-images-intro.adoc[]
 
+include::modules/mco-update-boot-images-about.adoc[leveloffset=+1]
 include::modules/mco-update-boot-images-disable.adoc[leveloffset=+1]
+include::modules/mco-update-boot-images-configuring.adoc[leveloffset=+1]
@@ -0,0 +1,83 @@
+// Module included in the following assemblies:
+//
+// * nodes/nodes/nodes-update-boot-images.adoc
+// * machine_configuration/mco-update-boot-images.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="mco-update-boot-images_{context}"]
+= About updated boot images
+
+By default, for {gcp-first} and {aws-first} clusters, the Machine Config Operator (MCO) updates the boot image in the machine sets in your cluster whenever you update your cluster.
+
+For {gcp-short} and {aws-short}, you can disable this default behavior, if needed. When disabled, the boot image no longer updates with the cluster. For example, with the default behavior disabled, if your cluster was originally created with {product-title} 4.16, the boot image that the MCO would use to create nodes is the same 4.16 version, even if your cluster is at a later version.
+
+However, using an older boot image could cause the following issues:
+
+* Extra time to start nodes
+* Certificate expiration issues
+* Version skew issues
+
+For information on how to disable the default behavior, see "Disabling updated boot images". If you disable the default behavior, you can enable the default behavior at any time. For more information, see "Enabling updated boot images".
+
+[NOTE]
+====
+The ability to configure this behavior is available for only {gcp-short} and {aws-short} clusters. It is not supported for clusters managed by the {cluster-capi-operator}.
+====
+
+How the cluster behaves after disabling or re-enabling the default behavior, depends upon when you made the change, including the following scenarios:
+
+* If you disable the behavior before updating to a new {product-title} version:
+** The boot image version used by the machine sets remains the same {product-title} version as when the feature was disabled. 
+** When you scale up nodes, the new nodes use that same {product-title} version.
+
+* If you disable the behavior after updating to a new {product-title} version: 
+** The boot image version used by the machine sets is updated to match the updated {product-title} version. 
+** When you scale up nodes, the new nodes use the updated {product-title} version. 
+** If you update to a later {product-title} version, the boot image version in the machine sets remains at the current version and is not updated with the cluster.
+
+* If you enable the behavior after disabling: 
+** The boot image version used by the machine sets is updated to the current {product-title} version, if different. 
+** When you scale up nodes, the new nodes use the current {product-title} version in the cluster. 
+
+[NOTE]
+====
+Because a boot image is used only when a node is scaled up, this feature has no effect on existing nodes.
+====
+
+To view the current boot image used in your cluster, examine a machine set:
+
+.Example machine set with the boot image reference
+
+[source,yaml]
+----
+apiVersion: machine.openshift.io/v1beta1
+kind: MachineSet
+metadata:
+  name: ci-ln-hmy310k-72292-5f87z-worker-a
+  namespace: openshift-machine-api
+spec:
+# ...
+  template:
+# ...
+    spec:
+# ...
+      providerSpec:
+# ...
+        value:
+          disks:
+          - autoDelete: true
+            boot: true
+            image: projects/rhcos-cloud/global/images/rhcos-412-85-202203181601-0-gcp-x86-64 <1>
+# ...
+----
+<1> This boot image is the same as the originally-installed {product-title} version, in this example {product-title} 4.12, regardless of the current version of the cluster. The way that the boot image is represented in the machine set depends on the platform, as the structure of the `providerSpec` field differs from platform to platform.
+
+// The following admonition is intended to address https://issues.redhat.com/browse//OSDOCS-14592
+[IMPORTANT]
+====
+If any of the machine sets for which you want to enable updated boot images uses a `*-user-data` secret that is based on Ignition version 2.2.0, the Machine Config Operator converts the Ignition version to 3.4.0 when you enable updated boot images. {product-title} versions 4.5 and lower use Ignition version 2.2.0. If this conversion fails, the MCO or your cluster could degrade. An error message that includes _err: converting ignition stub failed: failed to parse Ignition config_ is added to the output of the `oc get ClusterOperator machine-config` command. You can use the following general steps to correct the problem:
+
+. Disable updated boot images. For more information, see "Disabling updated boot images".
+. Manually update the `*-user-data` secret to use Ignition version to 3.2.0.
+. Enable updated boot images. For more information, see "Enabling updated boot images".
+====
@@ -1,26 +1,28 @@
 // Module included in the following assemblies:
 //
 // * machine-configuration/mco-update-boot-images.adoc
-// * nodes/nodes-nodes-managing.adoc
+// * nodes/nodes/nodes-update-boot-images.adoc
 
 :_mod-docs-content-type: PROCEDURE
 [id="mco-update-boot-images-configuring_{context}"]
-= Configuring updated boot images
+= Enabling updated boot images
 
-By default, {product-title} does not manage the boot image. You can configure your cluster to update the boot image whenever you update your cluster by modifying the `MachineConfiguration` object.
+By default, for {gcp-first} and {aws-first} clusters, the Machine Config Operator (MCO) updates the boot image in the machine sets in your cluster whenever you update your cluster.
 
-Currently, the ability to update the boot image is available for only Google Cloud Platform (GCP) and Amazon Web Services (AWS) clusters. It is not supported for clusters managed by the {cluster-capi-operator}.
+If you disabled this default behavior, so that the boot images are not updated, you can revert to the default behavior by editing the `MachineConfiguration` object.  
+
+Enabling the default behavior updates the boot image to the current {product-title} version. If the cluster is again updated to a new {product-title} version in the future, the boot image is updated again. New nodes created after enabling the feature use the updated boot image. This feature has no effect on existing nodes.
 
 .Procedure
 
-. Edit the `MachineConfiguration` object, named `cluster`, to enable the updating of boot images by running the following command:
+. Edit the `MachineConfiguration` object, named `cluster`, to enable the default boot image update behavior for some or all of your machine sets:
 +
 [source,terminal]
 ----
 $ oc edit MachineConfiguration cluster
 ----
 
-* Optional: Configure the boot image update feature for all the machine sets:
+* Optional: Enable the default behavior for all machine sets:
 +
 [source,yaml]
 ----
@@ -33,15 +35,17 @@ spec:
 # ...
   managedBootImages: <1>
     machineManagers:
-    - resource: machinesets
-      apiGroup: machine.openshift.io
+    - apiGroup: machine.openshift.io <2>
+      resource: machinesets <3>
       selection:
-        mode: All <2>
+        mode: All <4>
 ----
-<1> Activates the boot image update feature.
-<2> Specifies that all the machine sets in the cluster are to be updated.
+<1> Configures the boot image update feature.
+<2> Specifies the API group. This must be `machine.openshift.io`. 
+<3> Specifies the resource within the specified API group to apply the change. This must be `machinesets`.
+<4> Specifies that the default behavior is enabled for all machine sets in the cluster.
 
-* Optional: Configure the boot image update feature for specific machine sets:
+* Optional: Enable the default behavior for specific machine sets:
 +
 [source,yaml]
 ----
@@ -54,62 +58,34 @@ spec:
 # ...
   managedBootImages: <1>
     machineManagers:
-    - resource: machinesets
-      apiGroup: machine.openshift.io
+    - apiGroup: machine.openshift.io <2>
+      resource: machinesets <3>
       selection:
-        mode: Partial
+        mode: Partial <4>
         partial:
           machineResourceSelector:
             matchLabels:
-              update-boot-image: "true" <2>
+              region: "east"
 ----
-<1> Activates the boot image update feature.
-<2> Specifies that any machine set with this label is to be updated.
+<1> Configures the boot image update feature.
+<2> Specifies the API group. This must be `machine.openshift.io`.
+<3> Specifies the resource within the specified API group to apply the change. This must be `machinesets`.
+<4> Specifies that the default behavior is enabled for machine sets with the specified label.
 +
 [TIP]
 ====
 If an appropriate label is not present on the machine set, add a key-value pair by running a command similar to following:
 
 ----
-$ oc label machineset.machine ci-ln-hmy310k-72292-5f87z-worker-a update-boot-image=true -n openshift-machine-api
+$ oc label machineset.machine ci-ln-hmy310k-72292-5f87z-worker-a region: "east" -n openshift-machine-api
 ----
 ====
 
 .Verification
 
-. View the current state of the boot image updates by viewing the machine configuration object:
-+
-[source,terminal]
-----
-$ oc get machineconfiguration cluster -n openshift-machine-api -o yaml
-----
-+
-.Example machine set with the boot image reference
-+
-[source,yaml]
-----
-kind: MachineConfiguration
-metadata:
-  name: cluster
-# ...
-status:
-  conditions:
-  - lastTransitionTime: "2024-09-09T13:51:37Z" <1>
-    message: Reconciled 1 of 2 MAPI MachineSets | Reconciled 0 of 0 CAPI MachineSets
-      | Reconciled 0 of 0 CAPI MachineDeployments
-    reason: BootImageUpdateConfigurationAdded
-    status: "True"
-    type: BootImageUpdateProgressing
-  - lastTransitionTime: "2024-09-09T13:51:37Z" <2>
-    message: 0 Degraded MAPI MachineSets | 0 Degraded CAPI MachineSets | 0 CAPI MachineDeployments
-    reason: BootImageUpdateConfigurationAdded
-    status: "False"
-    type: BootImageUpdateDegraded
-----
-<1> Status of the boot image update. {cluster-capi-operator} machine sets and machine deployments are not currently supported for boot image updates.  
-<2> Indicates if any boot image updates failed. If any of the updates fail, the Machine Config Operator is degraded. In this case, manual intervention might be required.    
+include::snippets/mco-update-boot-images-verification.adoc[]
 
-. Get the boot image version by running the following command:
+* Get the boot image version by running the following command:
 +
 [source,terminal]
 ----