kubernetes系列教程(四)离线+在线升级kubernetes至1.15

1. kubernetes升级概述

kubernetes版本升级迭代非常快,每三个月更新一个版本,很多新的功能在新版本中快速迭代,为了与社区版本功能保持一致,升级kubernetes集群,社区已通过kubeadm工具统一升级集群,升级步骤简单易行。首先来看下升级kubernetes集群需要升级那些组件:

  • 升级管理节点,管理节点上的kube-apiserver,kuber-controller-manager,kube-scheduler,etcd等;
  • 其他管理节点,管理节点如果以高可用的方式部署,多个高可用节点需要一并升级;
  • worker工作节点,升级工作节点上的Container Runtime如docker,kubelet和kube-proxy。

    版本升级通常分为两类:小版本升级和跨版本升级,小版本升级如1.14.1升级只1.14.2,小版本之间可以跨版本升级如1.14.1直接升级至1.14.3;跨版本升级指大版本升级,如1.14.x升级至1.15.x。本文以离线的方式将1.14.1升级至1.1.5.1版本,升级前需要满足条件如下:

  • 当前集群版本需要大于1.14.x,可升级至1.14.x和1.15.x版本,小版本和跨版本之间升级;
  • 关闭swap空间;
  • 备份数据,将etcd数据备份,以及一些重要目录如/etc/kubernetes,/var/lib/kubelet;
  • 升级过程中pod需要重启,确保应用使用RollingUpdate滚动升级策略,避免业务有影响。

2. 离线升级至1.15.1

2.1 升级前准备工作

1、查看当前版本,系统上部署的版本是1.1.4.1

[[email protected] ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.1", GitCommit:"b7394102d6ef778017f2ca4046abbaa23b88c290", GitTreeState:"clean", BuildDate:"2019-04-08T17:11:31Z", GoVersion:"go1.12.1", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.1", GitCommit:"b7394102d6ef778017f2ca4046abbaa23b88c290", GitTreeState:"clean", BuildDate:"2019-04-08T17:02:58Z", GoVersion:"go1.12.1", Compiler:"gc", Platform:"linux/amd64"}

[[email protected] ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.1", GitCommit:"b7394102d6ef778017f2ca4046abbaa23b88c290", GitTreeState:"clean", BuildDate:"2019-04-08T17:08:49Z", GoVersion:"go1.12.1", Compiler:"gc", Platform:"linux/amd64"}

2、查看node节点的版本,node上的kubelet和kube-proxy使用1.1.4.1版本

[[email protected] ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE   VERSION
node-1   Ready    master   25h   v1.14.1
node-2   Ready    <none>   25h   v1.14.1
node-3   Ready    <none>   25h   v1.14.1

3、其他组件状态,确保当前组件,应用状态正常

[[email protected] ~]# kubectl get componentstatuses
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health":"true"}
[[email protected] ~]#
[[email protected] ~]# kubectl get deployments --all-namespaces
NAMESPACE     NAME      READY   UP-TO-DATE   AVAILABLE   AGE
default       demo      3/3     3            3           37m
kube-system   coredns   2/2     2            2           25h

4、查看kubernetes最新版本(配置kubernetes的yum源,需要合理上网才可以访问),使用yum list --showduplicates kubeadm --disableexcludes=kubernetes查看当前能升级版本,绿色为当前版本,蓝色为可以升级的版本,如下图:

2.2 升级master节点

1、倒入安装镜像,先从https://pan.baidu.com/s/1hw8Q0Vf3xvhKoEiVtMi6SA网盘中下载kubernetes安装镜像并上传到集群中,解压并进入到v1.15.1目录下,将镜像倒入到三个节点中,以node-2为例倒入镜像:

倒入镜像:
[[email protected] v1.15.1]# docker image load -i kube-apiserver\:v1.15.1.tar
[[email protected] v1.15.1]# docker image load -i kube-scheduler\:v1.15.1.tar
[[email protected] v1.15.1]# docker image load -i kube-controller-manager\:v1.15.1.tar
[[email protected] v1.15.1]# docker image load -i kube-proxy\:v1.15.1.tar 

查看当前系统导入镜像列表:
[[email protected] ~]# docker image list
REPOSITORY                           TAG                 IMAGE ID            CREATED             SIZE
k8s.gcr.io/kube-proxy                v1.15.1             89a062da739d        8 weeks ago         82.4MB
k8s.gcr.io/kube-controller-manager   v1.15.1             d75082f1d121        8 weeks ago         159MB
k8s.gcr.io/kube-scheduler            v1.15.1             b0b3c4c404da        8 weeks ago         81.1MB
k8s.gcr.io/kube-apiserver            v1.15.1             68c3eb07bfc3        8 weeks ago         207MB
k8s.gcr.io/kube-proxy                v1.14.1             20a2d7035165        5 months ago        82.1MB
k8s.gcr.io/kube-apiserver            v1.14.1             cfaa4ad74c37        5 months ago        210MB
k8s.gcr.io/kube-scheduler            v1.14.1             8931473d5bdb        5 months ago        81.6MB
k8s.gcr.io/kube-controller-manager   v1.14.1             efb3887b411d        5 months ago        158MB
quay.io/coreos/flannel               v0.11.0-amd64       ff281650a721        7 months ago        52.6MB
k8s.gcr.io/coredns                   1.3.1               eb516548c180        8 months ago        40.3MB
k8s.gcr.io/etcd                      3.3.10              2c4adeb21b4f        9 months ago        258MB
k8s.gcr.io/pause                     3.1                 da86e6ba6ca1        21 months ago       742kB

2、更新kubeadm版本至1.15.1,国内可以参考https://blog.51cto.com/2157217/1983992设置kubernetes源

3、校验kubeadm版本,已升级至1.1.5.1版本

[[email protected] ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.1", GitCommit:"4485c6f18cee9a5d3c3b4e523bd27972b1b53892", GitTreeState:"clean", BuildDate:"2019-07-18T09:15:32Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}

4、查看升级计划,通过kubeadm可以查看当前集群的升级计划,会显示当前小版本最新的版本以及社区最新的版本

[[email protected] ~]# kubeadm upgrade plan
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with ‘kubectl -n kube-system get cm kubeadm-config -oyaml‘
[preflight] Running pre-flight checks.
[upgrade] Making sure the cluster is healthy:
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.14.1  #当前集群版本
[upgrade/versions] kubeadm version: v1.15.1  #当前kubeadm版本
[upgrade/versions] Latest stable version: v1.15.3 #社区最新版本
[upgrade/versions] Latest version in the v1.14 series: v1.14.6 #1.14.x中最新的版本

Components that must be upgraded manually after you have upgraded the control plane with ‘kubeadm upgrade apply‘:
COMPONENT   CURRENT       AVAILABLE
Kubelet     3 x v1.14.1   v1.14.6

Upgrade to the latest version in the v1.14 series:

COMPONENT            CURRENT   AVAILABLE #可升级的版本信息,当前可从1.14.1升级至1.14.6版本
API Server           v1.14.1   v1.14.6
Controller Manager   v1.14.1   v1.14.6
Scheduler            v1.14.1   v1.14.6
Kube Proxy           v1.14.1   v1.14.6
CoreDNS              1.3.1     1.3.1
Etcd                 3.3.10    3.3.10

You can now apply the upgrade by executing the following command:

    kubeadm upgrade apply v1.14.6 #升级至1.14.6执行的操作命令

_____________________________________________________________________

Components that must be upgraded manually after you have upgraded the control plane with ‘kubeadm upgrade apply‘:
COMPONENT   CURRENT       AVAILABLE
Kubelet     3 x v1.14.1   v1.15.3

Upgrade to the latest stable version:

COMPONENT            CURRENT   AVAILABLE #跨版本升级的版本,当前最新的版本是1.15.3
API Server           v1.14.1   v1.15.3
Controller Manager   v1.14.1   v1.15.3
Scheduler            v1.14.1   v1.15.3
Kube Proxy           v1.14.1   v1.15.3
CoreDNS              1.3.1     1.3.1
Etcd                 3.3.10    3.3.10

You can now apply the upgrade by executing the following command:

    kubeadm upgrade apply v1.15.3 #升级至社区最新的版本执行的操作

Note: Before you can perform this upgrade, you have to update kubeadm to v1.15.3.

_____________________________________________________________________

5、当前镜像没有下载最新镜像,本文以升级1.1.5.1版本为例,升级其他版本相类似,需要确保当前集群已获取到相关镜像,升级过程中也会更新证书,可通过--certificate-renewal=false关闭证书升级,升级至1.15.1版本操作如下:

[[email protected] ~]# kubeadm upgrade apply v1.15.1
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with ‘kubectl -n kube-system get cm kubeadm-config -oyaml‘
[preflight] Running pre-flight checks.
[upgrade] Making sure the cluster is healthy:
[upgrade/version] You have chosen to change the cluster version to "v1.15.1"
[upgrade/versions] Cluster version: v1.14.1
[upgrade/versions] kubeadm version: v1.15.1
[upgrade/confirm] Are you sure you want to proceed with the upgrade? [y/N]: y 版本升级信息,确认操作
[upgrade/prepull] Will prepull images for components [kube-apiserver kube-controller-manager kube-scheduler etcd]
[upgrade/prepull] Prepulling image for component etcd.
[upgrade/prepull] Prepulling image for component kube-apiserver.
[upgrade/prepull] Prepulling image for component kube-controller-manager.
[upgrade/prepull] Prepulling image for component kube-scheduler.
[apiclient] Found 0 Pods for label selector k8s-app=upgrade-prepull-kube-controller-manager
[apiclient] Found 0 Pods for label selector k8s-app=upgrade-prepull-kube-apiserver
[apiclient] Found 0 Pods for label selector k8s-app=upgrade-prepull-etcd
[apiclient] Found 0 Pods for label selector k8s-app=upgrade-prepull-kube-scheduler
[apiclient] Found 1 Pods for label selector k8s-app=upgrade-prepull-kube-controller-manager
[apiclient] Found 1 Pods for label selector k8s-app=upgrade-prepull-kube-scheduler
[apiclient] Found 1 Pods for label selector k8s-app=upgrade-prepull-etcd
[apiclient] Found 1 Pods for label selector k8s-app=upgrade-prepull-kube-apiserver
[upgrade/prepull] Prepulled image for component kube-controller-manager.
[upgrade/prepull] Prepulled image for component kube-scheduler.
[upgrade/prepull] Prepulled image for component etcd.
[upgrade/prepull] Prepulled image for component kube-apiserver. #拉取镜像的步骤
[upgrade/prepull] Successfully prepulled the images for all the control plane components
[upgrade/apply] Upgrading your Static Pod-hosted control plane to version "v1.15.1"...
Static pod: kube-apiserver-node-1 hash: bdf7ffba48feb2fc4c7676e7525066fd
Static pod: kube-controller-manager-node-1 hash: ecf9c37413eace225bc60becabeddb3b
Static pod: kube-scheduler-node-1 hash: f44110a0ca540009109bfc32a7eb0baa
[upgrade/etcd] Upgrading to TLS for etcd #开始更新静态pod,及master上的每个节点
[upgrade/staticpods] Writing new Static Pod manifests to "/etc/kubernetes/tmp/kubeadm-upgraded-manifests122291749"
[upgrade/staticpods] Preparing for "kube-apiserver" upgrade
[upgrade/staticpods] Renewing apiserver certificate
[upgrade/staticpods] Renewing apiserver-kubelet-client certificate
[upgrade/staticpods] Renewing front-proxy-client certificate
[upgrade/staticpods] Renewing apiserver-etcd-client certificate #更新证书
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-apiserver.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2019-09-15-12-41-40/kube-apiserver.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
Static pod: kube-apiserver-node-1 hash: bdf7ffba48feb2fc4c7676e7525066fd
Static pod: kube-apiserver-node-1 hash: bdf7ffba48feb2fc4c7676e7525066fd
Static pod: kube-apiserver-node-1 hash: bdf7ffba48feb2fc4c7676e7525066fd
Static pod: kube-apiserver-node-1 hash: 4cd1e2acc44e2d908fd2c7b307bfce59
[apiclient] Found 1 Pods for label selector component=kube-apiserver
[upgrade/staticpods] Component "kube-apiserver" upgraded successfully! #更新成功
[upgrade/staticpods] Preparing for "kube-controller-manager" upgrade
[upgrade/staticpods] Renewing controller-manager.conf certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-controller-manager.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2019-09-15-12-41-40/kube-controller-manager.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
Static pod: kube-controller-manager-node-1 hash: ecf9c37413eace225bc60becabeddb3b
Static pod: kube-controller-manager-node-1 hash: 17b23c8c6fcf9b9f8a3061b3a2fbf633
[apiclient] Found 1 Pods for label selector component=kube-controller-manager
[upgrade/staticpods] Component "kube-controller-manager" upgraded successfully!#更新成功
[upgrade/staticpods] Preparing for "kube-scheduler" upgrade
[upgrade/staticpods] Renewing scheduler.conf certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-scheduler.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2019-09-15-12-41-40/kube-scheduler.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
Static pod: kube-scheduler-node-1 hash: f44110a0ca540009109bfc32a7eb0baa
Static pod: kube-scheduler-node-1 hash: 18859150495c74ad1b9f283da804a3db
[apiclient] Found 1 Pods for label selector component=kube-scheduler
[upgrade/staticpods] Component "kube-scheduler" upgraded successfully! #更新成功
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.15" in namespace kube-system with the configuration for the kubelets in the cluster
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.15" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

[upgrade/successful] SUCCESS! Your cluster was upgraded to "v1.15.1". Enjoy! #更新成功提示
[upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven‘t already done so.

6、上述可看到master升级成功的信息,升级指特定版本只需要在apply的后面指定具体的版本即可,升级完完master后可以升级各个组件的plugin,详情参考不同网络的升级步骤,如flannel,calico等,升级过程升级对应的DaemonSets即可。

7、升级kubelet版本并重启kubelet服务,至此,master节点版本升级完毕。

[[email protected] ~]# yum install -y kubelet-1.15.1-0 kubectl-1.15.1-0 --disableexcludes=kubernetes
[[email protected] ~]# systemctl daemon-reload
[[email protected] ~]# systemctl restart kubelet

2.3 升级worker节点

1、升级kubeadm和kubelet软件包

[[email protected] ~]# yum install -y kubelet-1.15.1-0  --disableexcludes=kubernetes
[[email protected] ~]# yum install -y kubeadm-1.15.1-0 --disableexcludes=kubernetes
[[email protected] ~]# yum install -y kubectl-1.15.1-0 --disableexcludes=kubernetes

2、设置节点进入维护模式并驱逐worker节点上的应用,会将出了DaemonSets之外的其他应用迁移到其他节点上

设置维护和驱逐:
[[email protected] ~]# kubectl drain node-2 --ignore-daemonsets
node/node-2 cordoned
WARNING: ignoring DaemonSet-managed Pods: kube-system/kube-flannel-ds-amd64-tm6wj, kube-system/kube-proxy-2wqhj
evicting pod "coredns-5c98db65d4-86gg7"
evicting pod "demo-7b86696648-djvgb"
pod/demo-7b86696648-djvgb evicted
pod/coredns-5c98db65d4-86gg7 evicted
node/node-2 evicted

查看node的情况,此时node-2多了SchedulingDisabled标识位,即新的node都不会调度到该节点上
[[email protected] ~]# kubectl get nodes
NAME     STATUS                     ROLES    AGE   VERSION
node-1   Ready                      master   26h   v1.15.1
node-2   Ready,SchedulingDisabled   <none>   26h   v1.14.1
node-3   Ready                      <none>   26h   v1.14.1

查看node-2上的pods,pod都已经迁移到其他node节点上
[[email protected] ~]# kubectl get pods --all-namespaces -o wide
NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE    IP               NODE     NOMINATED NODE   READINESS GATES
default       demo-7b86696648-6f22r            1/1     Running   0          30s    10.244.2.5       node-3   <none>           <none>
default       demo-7b86696648-fjmxn            1/1     Running   0          116m   10.244.2.2       node-3   <none>           <none>
default       demo-7b86696648-nwwxf            1/1     Running   0          116m   10.244.2.3       node-3   <none>           <none>
kube-system   coredns-5c98db65d4-cqbbl         1/1     Running   0          30s    10.244.0.6       node-1   <none>           <none>
kube-system   coredns-5c98db65d4-g59qt         1/1     Running   2          28m    10.244.2.4       node-3   <none>           <none>
kube-system   etcd-node-1                      1/1     Running   0          13m    10.254.100.101   node-1   <none>           <none>
kube-system   kube-apiserver-node-1            1/1     Running   0          13m    10.254.100.101   node-1   <none>           <none>
kube-system   kube-controller-manager-node-1   1/1     Running   0          13m    10.254.100.101   node-1   <none>           <none>
kube-system   kube-flannel-ds-amd64-99tjl      1/1     Running   1          26h    10.254.100.101   node-1   <none>           <none>
kube-system   kube-flannel-ds-amd64-jp594      1/1     Running   0          26h    10.254.100.103   node-3   <none>           <none>
kube-system   kube-flannel-ds-amd64-tm6wj      1/1     Running   0          26h    10.254.100.102   node-2   <none>           <none>
kube-system   kube-proxy-2wqhj                 1/1     Running   0          28m    10.254.100.102   node-2   <none>           <none>
kube-system   kube-proxy-k7c4f                 1/1     Running   1          27m    10.254.100.101   node-1   <none>           <none>
kube-system   kube-proxy-zffgq                 1/1     Running   0          28m    10.254.100.103   node-3   <none>           <none>
kube-system   kube-scheduler-node-1            1/1     Running   0          13m    10.254.100.101   node-1   <none>           <none>

3、升级worker节点

[[email protected] ~]# kubeadm upgrade node
[upgrade] Reading configuration from the cluster...
[upgrade] FYI: You can look at this config file with ‘kubectl -n kube-system get cm kubeadm-config -oyaml‘
[upgrade] Skipping phase. Not a control plane node[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.15" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[upgrade] The configuration for this node was successfully updated!
[upgrade] Now you should go ahead and upgrade the kubelet package using your package manager.

4、重启kubelet服务

[[email protected] ~]# systemctl daemon-reload
[[email protected] ~]# systemctl restart kubelet

5、取消节点调度标志,确保worker节点可正常调度

[[email protected] ~]# kubectl uncordon node-2
node/node-2 uncordoned
[[email protected] ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE   VERSION
node-1   Ready    master   27h   v1.15.1
node-2   Ready    <none>   27h   v1.15.1 #已升级成功
node-3   Ready    <none>   27h   v1.14.1

按照上述步骤升级node-3节点,如下是升级完成后所有节点版本状态:

[[email protected] ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE   VERSION
node-1   Ready    master   27h   v1.15.1
node-2   Ready    <none>   27h   v1.15.1
node-3   Ready    <none>   27h   v1.15.1

2.3 升级原理

1、kubeadm upgrade apply执行动作

  • 检查集群是否具备更新条件,检查apiserver处于可用状态,所有node处于ready状态,确保cs组件正常
  • 强制版本更新策略
  • 检查更新所需镜像是否下载或者可拉取
  • 更新所有控制节点组件,确保异常时能回滚到原有状态
  • 更新kube-dns和kube-proxy的配置文件,确保所需的的RBAC授权配置正常
  • 生成新的证书文件并备份证书(当证书超时超过180天)

2、kubeadm upgrade node执行动作

  • 从kubeadm中获取ClusterConfiguration,即从集群中获取到更新集群的配置文件并应用
  • 更新node节点上的kubelet配置信息和软件

3. 更新集群至最新版本

截止至2019.9.15,当前kubernetes社区最新版本是1.15.3,本文演示以在线的方式升级kubernetes集群至1.15.3版本,步骤和前文操作类似。

1、安装最新软件包,kubeadm,kubelet,kubectl,三个节点均需要安装

[[email protected] ~]# yum install kubeadm kubectl kubelet
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
正在解决依赖关系
--> 正在检查事务
---> 软件包 kubeadm.x86_64.0.1.15.1-0 将被 升级
---> 软件包 kubeadm.x86_64.0.1.15.3-0 将被 更新
---> 软件包 kubectl.x86_64.0.1.15.1-0 将被 升级
---> 软件包 kubectl.x86_64.0.1.15.3-0 将被 更新
---> 软件包 kubelet.x86_64.0.1.15.1-0 将被 升级
---> 软件包 kubelet.x86_64.0.1.15.3-0 将被 更新
--> 解决依赖关系完成

依赖关系解决

========================================================================================================================================================================
 Package                                架构                                  版本                                      源                                         大小
========================================================================================================================================================================
正在更新:
 kubeadm                                x86_64                                1.15.3-0                                  kubernetes                                8.9 M
 kubectl                                x86_64                                1.15.3-0                                  kubernetes                                9.5 M
 kubelet                                x86_64                                1.15.3-0                                  kubernetes                                 22 M

事务概要
========================================================================================================================================================================
升级  3 软件包

2、升级master节点

查看升级计划
[[email protected] ~]# kubeadm upgrade plan
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with ‘kubectl -n kube-system get cm kubeadm-config -oyaml‘
[preflight] Running pre-flight checks.
[upgrade] Making sure the cluster is healthy:
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.15.1
[upgrade/versions] kubeadm version: v1.15.3
[upgrade/versions] Latest stable version: v1.15.3
[upgrade/versions] Latest version in the v1.15 series: v1.15.3

Components that must be upgraded manually after you have upgraded the control plane with ‘kubeadm upgrade apply‘:
COMPONENT   CURRENT       AVAILABLE
Kubelet     3 x v1.15.1   v1.15.3

Upgrade to the latest version in the v1.15 series:

COMPONENT            CURRENT   AVAILABLE
API Server           v1.15.1   v1.15.3
Controller Manager   v1.15.1   v1.15.3
Scheduler            v1.15.1   v1.15.3
Kube Proxy           v1.15.1   v1.15.3
CoreDNS              1.3.1     1.3.1
Etcd                 3.3.10    3.3.10

You can now apply the upgrade by executing the following command:

    kubeadm upgrade apply v1.15.3

_____________________________________________________________________

升级master节点
[[email protected] ~]# kubeadm upgrade apply v1.15.3

3、升级worker节点,以此升级node-2和node-3节点

设置五污点去驱逐
[[email protected] ~]# kubectl drain node-2 --ignore-daemonsets

执行升级操作
[[email protected] ~]# kubeadm upgrade node
[[email protected] ~]# systemctl daemon-reload
[[email protected] ~]# systemctl restart kubelet

取消调度标志位
[[email protected] ~]# kubectl uncordon node-2
node/node-2 uncordoned

确认版本升级
[[email protected] ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE   VERSION
node-1   Ready    master   27h   v1.15.3
node-2   Ready    <none>   27h   v1.15.3
node-3   Ready    <none>   27h   v1.15.1

4、所有节点升级后的状态

所有node状态
[[email protected] ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE   VERSION
node-1   Ready    master   27h   v1.15.3
node-2   Ready    <none>   27h   v1.15.3
node-3   Ready    <none>   27h   v1.15.3

查看组件状态
[[email protected] ~]# kubectl get componentstatuses
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health":"true"}   

查看应用状态
[[email protected] ~]# kubectl get deployments --all-namespaces
NAMESPACE     NAME      READY   UP-TO-DATE   AVAILABLE   AGE
default       demo      3/3     3            3           160m
kube-system   coredns   2/2     2            2           27h

查看DaemonSets状态
[[email protected] ~]# kubectl get daemonsets --all-namespaces
NAMESPACE     NAME                    DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR                   AGE
kube-system   kube-flannel-ds-amd64   3         3         3       3            3           beta.kubernetes.io/arch=amd64   27h
kube-system   kube-proxy              3         3         3       3            3           beta.kubernetes.io/os=linux     27h

4. 写在最后

至此,通过上述的两个案例介绍了kubernetes离线升级(无法连接外网)和在线升级(需合理上网)的操作,升级master节点,升级node节点的流程和实现细节,对于体验新功能和线上版本升级提供指导。

5. 参考文献

https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade-1-15/

当你的才华撑不起你的野心时,你就应该静下心来学习

原文地址:https://blog.51cto.com/happylab/2467256

时间: 2024-08-02 02:30:54

kubernetes系列教程(四)离线+在线升级kubernetes至1.15的相关文章

kubernetes系列教程(一)初探kubernetes功能与组件

1. kubernetes简介 1.1 kubernetes介绍 Kubernetes是google开源的一套微服务,容器化的编排引擎,是google内部容器十多年实战沉淀的结晶,已战胜Swarm,Messo成为容器编排的行业标准.kuberntes内置有很多非常优秀的特性使开发者专注于业务本身,其包含的功能如下: Service discovery and load balancing,服务发现和负载均衡,通过DNS实现内部解析,service实现负载均衡 Storage orchestrat

kubernetes系列教程(九)初识Pod存储管理

写在前面 上一篇文章中kubernetes系列教程(八)Pod健康检查机制介绍了kubernetes中Pod健康检查机制,通过实战介绍了kubernetes中两种健康检查探针:livenessProbe存活检查,readinessProbe就绪检查,存活检查用于检查应用的可用性,就绪检查用于检查容器是否准备接受流量,健康检查包含三种探测的方法:exec命令行探测,tcpSocket端口检测,httpGet请求检测,分别适用于不同场景下的健康检查.接下来介绍kubernetes系列教程pod的存储

kubernetes系列教程(六)kubernetes资源管理和服务质量

写在前面 上一篇文章中kubernetes系列教程(五)深入掌握核心概念pod初步介绍了yaml学习kubernetes中重要的一个概念pod,接下来介绍kubernetes系列教程pod的resource资源管理和pod的Quality of service服务质量. 1. Pod资源管理 1.1 resource定义 容器运行过程中需要分配所需的资源,如何与cggroup联动配合呢?答案是通过定义resource来实现资源的分配,资源的分配单位主要是cpu和memory,资源的定义分两种:r

kubernetes系列教程(三)kubernetes快速入门

写在前面 kubernetes中涉及很多概念,包含云生态社区中各类技术,学习成本比较高,k8s中通常以编写yaml文件完成资源的部署,对于较多入门的人来说是个较高的门坎,本文以命令行的形式代理大家快速入门,俯瞰kubernetes核心概念,快速入门. 1. 基础概念 1.1 集群与节点 kubernetes是一个开源的容器引擎管理平台,实现容器化应用的自动化部署,任务调度,弹性伸缩,负载均衡等功能,cluster是由master和node两种角色组成,其中master负责管理集群,master节

kubernetes系列教程(五)初识核心概念pod

写在前面 前面的系列文章已介绍kubernetes架构,安装,升级和快速入门,读者通过文章的实操已对kubernetes已有初步的认识和理解,从本章开始逐步介绍kubernetes中的基础概念概念和核心概念,基础概念包括:namespace,labels,annotations,pods,volumes等:核心概念包含kubernetes中各种controller,包含以下几种: 应用副本控制器有:Deployments,ReplicaSets,DaemonSets,StatefulSets:

kubernetes系列教程(七)深入玩转pod调度

关于作者 刘海平(HappyLau )云计算高级顾问 目前在腾讯云从事公有云相关工作,曾就职于酷狗,EasyStack,拥有多年公有云+私有云计算架构设计,运维,交付相关经验,参与了酷狗,南方电网,国泰君安等大型私有云平台建设,精通Linux,Kubernetes,OpenStack,Ceph等开源技术,在云计算领域具有丰富实战经验,拥有RHCA/OpenStack/Linux授课经验. 写在前面 上一篇文章中kubernetes系列教程(六)kubernetes资源管理和服务质量初步介绍了ku

kubernetes系列教程(十八)TKE中实现ingress服务暴露

写在前面 上一篇文章中介绍了基于Nginx实现Ingress Controller的实现,介绍了Nginx Ingress Controller安装.相关功能,TLS,高级特性等介绍,本章开始介绍基于腾讯云TKE实现ingress服务暴露. 1. TKE ingress 1.1 TKE ingress架构 TKE是Tencent Kubernetes Engine即腾讯云基于kubernetes提供的公有云上容器云服务,TKE提供了两种暴露服务的方式:service和ingress. 内网CLB

史上最详细的Android Studio系列教程四--Gradle基础

史上最详细的Android Studio系列教程四--Gradle基础

CRL快速开发框架系列教程四(删除数据)

本系列目录 CRL快速开发框架系列教程一(Code First数据表不需再关心) CRL快速开发框架系列教程二(基于Lambda表达式查询) CRL快速开发框架系列教程三(更新数据) CRL快速开发框架系列教程四(删除数据) CRL快速开发框架系列教程五(使用缓存) CRL快速开发框架系列教程六(分布式缓存解决方案) CRL快速开发框架系列教程七(使用事务) CRL快速开发框架系列教程八(使用CRL.Package) CRL快速开发框架系列教程九(导入/导出数据) CRL快速开发框架系列教程十(