2.7 Kubernetes的版本升级
2.7.1 二进制升级
Kubernetes的版本升级需要考虑到不要让当前集群中正在运行的容器受到影响。应对集群中的各Node逐个进行隔离,然后等待在其上运行的容器全部执行完成,再更新该Node上的kubelet和kube-proxy服务,将全部Node都更新完成后,再更新Master的服务。
◎ 通过官网获取最新版本的二进制包kubernetes.tar.gz,解压后提取服务的二进制文件。
◎ 逐个隔离Node,等待在其上运行的全部容器工作完成后,更新kubelet和kube-proxy服务文件,然后重启这两个服务。
◎ 更新Master的kube-apiserver、kube-controller-manager、kube-scheduler服务文件并重启。
2.7.2 使用kubeadm进行集群升级
kubeadm提供了upgrade命令用于对kubeadm安装的Kubernetes集群进行升级。这一功能提供了从1.10到1.11、从1.11到1.12、从1.12到1.13及从1.13到1.14的升级能力,这里试用一下从1.13到1.14的升级。
开始之前需要注意:
◎ 虽然kubeadm的升级不会触及工作负载,但还是要在升级之前做好备份。
◎ 升级过程可能会因为Pod的变化而造成容器重启。
继续以CentOS 7环境为例,首先需要升级的是kubeadm:
# yum install -y kubeadm-1.14.0--disableexcludes=kubernetes
查看kubeadm的版本:
# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.0",
GitCommit:"641856db18352033a0d96dbc99153fa3b27298e5", GitTreeState:"clean",
BuildDate:"2019-03-25T15:51:21Z", GoVersion:"go1.12.1", Compiler:"gc",
Platform:"linux/amd64"}
接下来查看kubeadm的升级计划:
# kubeadm upgrade plan
会出现预备升级的内容描述:
[preflight] Running pre-flight checks.
[upgrade] Making sure the cluster is healthy:
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system
get cm kubeadm-config -oyaml'
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.13.2
[upgrade/versions] kubeadm version: v1.14.0
Awesome, you're up-to-date! Enjoy!
按照任务指引进行升级:
# kubeadm upgrade apply 1.14.0
[preflight] Running pre-flight checks.
[upgrade] Making sure the cluster is healthy:
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system
get cm kubeadm-config -oyaml'
[upgrade/version] You have chosen to change the cluster version to "v1.14.0"
[upgrade/versions] Cluster version: v1.13.2
[upgrade/versions] kubeadm version: v1.14.0
[upgrade/confirm] Are you sure you want to proceed with the upgrade? [y/N]:
输入“y”,确认之后,开始进行升级。
运行完成之后,再次查询版本:
# kubectl version
Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.2",
GitCommit:"cff46ab41ff0bb44d8584413b598ad8360ec1def", GitTreeState:"clean",
BuildDate:"2019-01-10T23:35:51Z", GoVersion:"go1.11.4", Compiler:"gc",
Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.0",
GitCommit:"641856db18352033a0d96dbc99153fa3b27298e5", GitTreeState:"clean",
BuildDate:"2019-03-25T15:45:25Z", GoVersion:"go1.12.1", Compiler:"gc",
Platform:"linux/amd64"}
可以看到,虽然kubectl还是1.13.2,服务端的控制平面已经升级到了1.14.0,但是查看Node版本,会发现Node版本还是滞后的:
# kubectl get nodes
NAME STATUS ROLES AGE VERSION
node-kubeadm-1 Ready master 15m v1.13.2
node-kubeadm-2 Ready <none> 13m v1.13.2
然后可以对节点配置进行升级:
# kubeadm upgrade node config --kubelet-version 1.14.0
接下来,按照和二进制升级一样的步骤将kubelct升级,这样就完成了集群的整体升级:
# kubectl get nodes
NAME STATUS ROLES AGE VERSION
node-kubeadm-1 Ready master 25m v1.14.0
node-kubeadm-2 Ready <none> 22m v1.14.0