Rancher OS security updates

Newby question: coming from a weekly “sudo yum update” AWS background,

Is there a Rancher OS equivalent or is “sudo ros os update” all I need to cover me for security updates?

If so: sweet!

The answer could be a little complicated than is/no.
RancherOS itself only provideS Linux kernel + initramfs + docker engine, everything else are run inside containers. Assume you have a container running CentOS/redhat, yes, you could run “sudo yum update” as you do today. But it only update your container, let out RancherOS (the kernel part of the system). If you did not do a system reboot after “sudo yum update” today, you have what you want with RancherOS

In theory, you could do “sudo ros os upgrade rancher/os:latest” to upgrade RancherOS to the latest at the same time. However that will involve a system reboot since the kernel is also updated.

Now it’s possible to upgrade

sudo ros os upgrade

Related commands are:

sudo ros os version
sudo ros os list

# upgrade to a specific version
sudo ros os upgrade -i rancher/os:v1.5.3

# and reboot after upgrade
sudo reboot