i am trying to get COS version of GKE nodes we are running but I can only see this under node pool details. also gcloud command lines are not getting me the oputput COs version info. anyone got any idea?
Hi @gcp888,
Unfortunately, there is no direct command line that shows the COS version of the GKE nodes, but we do have a mapping of the COS image to the GKE version. You can get the node version of your cluster by applying this command line gcloud container node-pools describe [pool-name] –cluster [cluster name] –location [location] and you can use the JSON to map the COS version. For example, GKE node version: 1.21.10-gke.1300 uses COS version: cos-89-16108-604-17.
Another way is by inspecting the /etc/os-release file, Container-Optimized OS images are identified using what we call milestones. Over the lifetime of a Container-Optimized OS milestone, we may release several updates containing bug fixes, security fixes and other changes. These incremental releases on a milestone can be identified using the build number.
For example in this image:
version_ID = 121 - this is your milestone
Build_ID = 18867.90.67 - this is your build number
Then your COS version will be = cos-121-18867-90-67
thank you. does upgrading the node version automativally upgrades the cos version to the mapping in the json file?
Upgrading GKE version can sometimes upgrade COS. You can check the GKE release notes for details https://cloud.google.com/kubernetes-engine/docs/release-notes
i am trying to fix CVE-2025-32462 and CVE-2025-3246. according to: Container-Optimized OS Release Notes: Milestone 117 | Google Cloud
it is fixed on Container-Optimized OS Release Notes: Milestone 117 | Google Cloud
but the GKE version corresponding o that shows {
"gke_version": "1.31.11-gke.1036000",
“image”: “cos-117-18613-263-58”
},
I am already on {
"gke_version": "1.32.6-gke.1060000",
“image”: “cos-117-18613-263-56”
},
any idea whats going on here? am i needing to go backwars on GKE?