升级 1.16.0
This commit is contained in:
huanqing.shao
@ -167,8 +167,7 @@ export default {
|
||||
justify-content space-between
|
||||
.feature
|
||||
flex-grow 1
|
||||
flex-basis 30%
|
||||
max-width 32%
|
||||
width 32%
|
||||
height calc(240px + 2rem)
|
||||
cursor pointer
|
||||
h2
|
||||
@ -212,8 +211,10 @@ export default {
|
||||
.features
|
||||
flex-direction column
|
||||
.feature
|
||||
max-width 100%
|
||||
padding 0 2.5rem
|
||||
width calc(100%)
|
||||
height calc(240px + 2rem)
|
||||
margin-bottom 2rem
|
||||
|
||||
|
||||
@media (max-width: $MQMobileNarrow)
|
||||
.home
|
||||
|
||||
@ -171,6 +171,7 @@ module.exports = {
|
||||
children: [
|
||||
// ['install-k8s-upgrade', '升级Kubernetes集群'],
|
||||
'upgrade-k8s/1.15.x-1.15.4',
|
||||
'upgrade-k8s/1.15.x-1.16.x',
|
||||
]
|
||||
},
|
||||
{
|
||||
|
||||
@ -167,8 +167,8 @@ export default {
|
||||
|
||||
安装后的拓扑图如下:<span v-on:click="downloadDiagram"><a :href="$withBase('/kuboard.rp')" download="www.kuboard.cn.rp">下载拓扑图源文件</a></span> <font color="#999">使用Axure RP 9.0可打开该文件</font>
|
||||
|
||||
<p>
|
||||
<img src="/images/topology/k8s.png" style="max-width: 720px;" alt="Kubernetes安装:Kubernetes安装拓扑图">
|
||||
<p style="max-width: 720px;">
|
||||
<img src="/images/topology/k8s.png" style="max-width: 100%;" alt="Kubernetes安装:Kubernetes安装拓扑图">
|
||||
</p>
|
||||
|
||||
::: tip
|
||||
|
||||
@ -6,7 +6,7 @@ meta:
|
||||
content: Kubernetes升级,K8S升级,升级Kuberentes1.15.4
|
||||
---
|
||||
|
||||
# Kubernetes从1.15.x升级到 1.15.4
|
||||
# K8S从1.15.x升级到 1.15.4
|
||||
|
||||
参考文档: kubernetes 官网文档 [kubeadm upgrade](https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-upgrade/)
|
||||
|
||||
|
||||
258
install/upgrade-k8s/1.15.x-1.16.x.md
Normal file
258
install/upgrade-k8s/1.15.x-1.16.x.md
Normal file
@ -0,0 +1,258 @@
|
||||
---
|
||||
vssueId: 107
|
||||
description: Kubernetes升级1.16.x。本文描述了如何从 kubernetes v1.15.x(或1.16.x)升级到 Kubernetes v1.16.y,前提是,您的 Kubernetes 集群是使用 kubeadm 安装的。
|
||||
meta:
|
||||
- name: keywords
|
||||
content: Kubernetes升级,K8S升级,升级Kuberentes1.16.x,Kubernetes升级到1.16
|
||||
---
|
||||
|
||||
# K8S从1.15.x(1.16.x)升级到 1.16.x
|
||||
|
||||
参考文档: kubernetes 官网文档 [kubeadm upgrade](https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-upgrade/)
|
||||
|
||||
本文描述了如何从 kubernetes v1.15.x(或1.16.x)升级到 Kubernetes v1.16.y,前提是,您的 Kubernetes 集群是使用 kubeadm 安装的。
|
||||
|
||||
升级的高阶过程如下所示:
|
||||
|
||||
1. 升级主 master 节点
|
||||
2. 升级从 master 节点
|
||||
3. 升级 worker 节点
|
||||
|
||||
## 预备工作
|
||||
|
||||
* 请确保您的 Kubernetes 集群是通过 kubeadm 安装的,且版本号不低于 1.15.0
|
||||
* swap 已禁用(如果您参考 www.kuboard.cn 上的文档安装,swap已禁用)
|
||||
* 集群使用静态Pod(apiserver、etcd)或者使用外部 etcd(如果您参考 www.kuboard.cn 上的文档安装,则您的集群符合此条件)
|
||||
* 确保您备份了重要的信息,例如应用程序的数据库,部署配置信息等。`kubeadm upgrade` 在升级过程中并不涉及到部署在 Kubernetes 上应用程序,而是只升级 Kubernetes 的内部组件,尽管如此,备份始终是推荐的
|
||||
|
||||
::: tip
|
||||
* 升级后,所有的容器都会重启,因为升级改变了容器定义的 hash 值
|
||||
* 只能从一个小版本升级到下一个小版本,或者在小版本内部升级补丁版本,不能跳过小版本升级。例如,您可以从 1.15.0 升级到 1.15.4,也可以从 1.15.0 升级到 1.16.1,但是您不能从 1.14.9 升级到 1.16.0
|
||||
:::
|
||||
|
||||
## 确定当前版本
|
||||
|
||||
在 CentOS 上执行:
|
||||
``` sh
|
||||
yum list --showduplicates kubeadm --disableexcludes=kubernetes
|
||||
# 在列表中找到最新的 1.16 版本号
|
||||
# 该版本号格式为 1.16.x-0,其中 x 是最新的补丁
|
||||
```
|
||||
|
||||
## 升级 master 节点
|
||||
|
||||
### 升级第一个 master 节点
|
||||
|
||||
假设所有命令都以 root 身份执行
|
||||
|
||||
* 在第一个 master 节点上执行如下命令,升级 kubeadm
|
||||
``` sh
|
||||
# 将 1.16.x-0 中的 x 替换为最新的补丁版本
|
||||
yum install -y kubeadm-1.16.x-0 --disableexcludes=kubernetes
|
||||
```
|
||||
执行命令 `kubeadm version`,以验证升级结果
|
||||
|
||||
* 在第一个 master 节点上执行命令 `kubeadm upgrade plan`,输出结果如下所示:
|
||||
|
||||
``` {9,24,25,26,27,28,29}
|
||||
[upgrade/config] Making sure the configuration is correct:
|
||||
[upgrade/config] Reading configuration from the cluster...
|
||||
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
|
||||
[preflight] Running pre-flight checks.
|
||||
[upgrade] Making sure the cluster is healthy:
|
||||
[upgrade] Fetching available versions to upgrade to
|
||||
[upgrade/versions] Cluster version: v1.15.4
|
||||
[upgrade/versions] kubeadm version: v1.16.0
|
||||
W1002 21:49:38.572516 14315 version.go:101] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable.txt": Get https://dl.k8s.io/release/stable.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
|
||||
W1002 21:49:38.572555 14315 version.go:102] falling back to the local client version: v1.16.0
|
||||
[upgrade/versions] Latest stable version: v1.16.0
|
||||
W1002 21:49:48.655494 14315 version.go:101] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.15.txt": Get https://dl.k8s.io/release/stable-1.15.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
|
||||
W1002 21:49:48.655532 14315 version.go:102] falling back to the local client version: v1.16.0
|
||||
[upgrade/versions] Latest version in the v1.15 series: v1.16.0
|
||||
|
||||
Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade apply':
|
||||
COMPONENT CURRENT AVAILABLE
|
||||
Kubelet 1 x v1.15.3 v1.16.0
|
||||
3 x v1.15.4 v1.16.0
|
||||
|
||||
Upgrade to the latest version in the v1.15 series:
|
||||
|
||||
COMPONENT CURRENT AVAILABLE
|
||||
API Server v1.15.4 v1.16.0
|
||||
Controller Manager v1.15.4 v1.16.0
|
||||
Scheduler v1.15.4 v1.16.0
|
||||
Kube Proxy v1.15.4 v1.16.0
|
||||
CoreDNS 1.3.1 1.6.2
|
||||
Etcd 3.3.10 3.3.15-0
|
||||
|
||||
You can now apply the upgrade by executing the following command:
|
||||
|
||||
kubeadm upgrade apply v1.16.0
|
||||
|
||||
_____________________________________________________________________
|
||||
```
|
||||
|
||||
::: tip
|
||||
* 请忽略错误 `could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable.txt"`,在不能获得最新 kubernetes 版本列表的情况下,将使用 kubeadm 的版本作为升级的目标版本(在前面的步骤中,已经从 yum 仓库找到了最新 kubeadm 的版本)
|
||||
:::
|
||||
|
||||
* 执行如下命令以升级:
|
||||
|
||||
``` sh
|
||||
# 替换 x 为最新补丁的版本号
|
||||
kubeadm upgrade apply v1.16.x
|
||||
```
|
||||
::: tip
|
||||
* `kubeadm upgrade` 同时会自动更新节点上的证书。如果不想更新证书,请使用参数 `--certificate-renewal=false`
|
||||
:::
|
||||
|
||||
输出信息如下所示:
|
||||
``` {11}
|
||||
[upgrade/config] Making sure the configuration is correct:
|
||||
[upgrade/config] Reading configuration from the cluster...
|
||||
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
|
||||
[preflight] Running pre-flight checks.
|
||||
[upgrade] Making sure the cluster is healthy:
|
||||
[upgrade/version] You have chosen to change the cluster version to "v1.16.0"
|
||||
[upgrade/versions] Cluster version: v1.15.4
|
||||
[upgrade/versions] kubeadm version: v1.16.0
|
||||
[upgrade/confirm] Are you sure you want to proceed with the upgrade? [y/N]: y
|
||||
[upgrade/prepull] Will prepull images for components [kube-apiserver kube-controller-manager kube-scheduler etcd]
|
||||
...省略部分内容以节省篇幅...
|
||||
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
|
||||
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
|
||||
[addons] Applied essential addon: CoreDNS
|
||||
[addons] Applied essential addon: kube-proxy
|
||||
|
||||
[upgrade/successful] SUCCESS! Your cluster was upgraded to "v1.16.0". Enjoy!
|
||||
|
||||
[upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.
|
||||
```
|
||||
|
||||
* 手动升级CNI插件
|
||||
|
||||
### 升级其他 master 节点
|
||||
|
||||
* 在其他 master 节点上执行命令
|
||||
|
||||
``` sh
|
||||
kubeadm upgrade node
|
||||
```
|
||||
::: tip
|
||||
* 不需要执行 `kubeadm upgrade plan`
|
||||
* 第一个 master 节点上执行的是 `kubeadm upgrade apply v1.16.x`,此时执行的是 `kubeadm upgrade node`
|
||||
:::
|
||||
|
||||
### 升级 kbuelet 和 kubectl
|
||||
|
||||
* 在所有的 master 节点上执行如下命令以升级 kubelet 和 kubectl
|
||||
|
||||
``` sh
|
||||
# 替换 x 为最新补丁的版本号
|
||||
yum install -y kubelet-1.16.x-0 kubectl-1.16.x-0 --disableexcludes=kubernetes
|
||||
```
|
||||
|
||||
* 执行如下命令,以重启 kubelet
|
||||
|
||||
``` sh
|
||||
systemctl daemon-reload
|
||||
systemctl restart kubelet
|
||||
```
|
||||
|
||||
## 升级 worker 节点
|
||||
|
||||
建议逐个升级 worker 节点,或者同一时间点只升级少量的 worker 节点,以避免集群出现资源紧缺的状况。
|
||||
|
||||
### 升级 kubeadm
|
||||
|
||||
* 在所有的 worker 节点上执行如下命令,升级 kubeadm
|
||||
``` sh
|
||||
# 将 1.16.x-0 中的 x 替换为最新的补丁版本
|
||||
yum install -y kubeadm-1.16.x-0 --disableexcludes=kubernetes
|
||||
```
|
||||
|
||||
### 排空(drain)节点
|
||||
|
||||
* 执行以下命令,将节点标记为 `不可调度的` 并驱逐节点上所有的 Pod,
|
||||
|
||||
``` sh
|
||||
kubectl drain $NODE --ignore-daemonsets
|
||||
```
|
||||
|
||||
输出结果如下所示:
|
||||
|
||||
```
|
||||
node/ip-172-31-85-18 cordoned
|
||||
WARNING: ignoring DaemonSet-managed Pods: kube-system/kube-proxy-dj7d7, kube-system/weave-net-z65qx
|
||||
node/ip-172-31-85-18 drained
|
||||
```
|
||||
|
||||
### 升级 kubelet 的配置
|
||||
|
||||
* 执行命令
|
||||
``` sh
|
||||
kubeadm upgrade node
|
||||
```
|
||||
|
||||
### 升级 kubelet 和 kubectl
|
||||
|
||||
* 在所有的 worker 节点执行命令
|
||||
|
||||
``` sh
|
||||
# 替换 x 为最新补丁的版本号
|
||||
yum install -y kubelet-1.16.x-0 kubectl-1.16.x-0 --disableexcludes=kubernetes
|
||||
```
|
||||
|
||||
* 执行如下命令,以重启 kubelet
|
||||
|
||||
``` sh
|
||||
systemctl daemon-reload
|
||||
systemctl restart kubelet
|
||||
```
|
||||
|
||||
### 恢复(uncordon)节点
|
||||
|
||||
* 执行如下命令,使节点重新接受调度并投入使用:
|
||||
|
||||
``` sh
|
||||
kubectl uncordon $NODE
|
||||
```
|
||||
|
||||
## 检查集群的状态
|
||||
|
||||
在所有节点的 kubelet 本升级以后,执行如下命令以验证所有节点都可用:
|
||||
|
||||
``` sh
|
||||
kubectl get nodes -o wide
|
||||
```
|
||||
|
||||
`STATUS` 字段应该为 `Ready`,版本号也应该显示目标版本号。
|
||||
|
||||
## 从错误状态中恢复
|
||||
|
||||
如果 `kubeadm upgrade` 执行过程中出现错误且未曾回滚,例如执行过程中意外关机,您可以再次执行 `kubeadm upgrade`。该命令是 [幂等](glossary/idempotent.html) 的,并将最终保证您能够达到最终期望的升级结果。
|
||||
|
||||
从失败状态中恢复时,请执行 `kubeadm upgrade --force` 命令,注意要使用集群的当前版本号。
|
||||
|
||||
## 工作过程
|
||||
|
||||
在第一个 master 节点上,`kubeadm upgrade apply` 执行了如下操作:
|
||||
* 检查集群是否处于可升级的状态:
|
||||
* API Server 可以调用
|
||||
* 所有的节点处于 `Ready` 装填
|
||||
* master 节点处于 `healthy` 状态
|
||||
* 检验是否可以从当前版本升级到目标版本
|
||||
* 确保 master 节点所需要的镜像可以被抓取到节点上
|
||||
* 升级 master 节点的组件,(如果碰到问题,则回滚)
|
||||
* 应用新的 `kube-dns` 和 `kube-proxy` 的 manifests 文件,并确保需要的 RBAC 规则被创建
|
||||
* 如果证书在 180 天内将要过期,则为 API Server 创建新的证书文件,并备份旧的文件
|
||||
|
||||
在其他 master 节点上,`kubeadm upgrade node` 执行了如下操作:
|
||||
* 从集群中抓取 kubeadm 的配置信息 `ClusterConfiguration`
|
||||
* 备份 kube-apiserver 的证书
|
||||
* 升级 master 节点上静态组件的 manifest 信息
|
||||
* 升级 master 节点上 kubelet 的配置信息
|
||||
|
||||
在所有的 worker 节点上,`kubeadm upgrade node` 执行了如下操作:
|
||||
* 从集群中抓取 kubeadm 的配置信息 `ClusterConfiguration`
|
||||
* 升级 worker 节点上 kubelet 的配置信息
|
||||
@ -165,7 +165,7 @@ Kubernetes 目前支持多达 28 种数据卷类型(其中大部分特定于
|
||||
|
||||
* 使用 ConfigMap 中的某一 key 作为文件名,对应 value 作为文件内容,替换 nginx 容器中的 /etc/nginx/conf.d/default.conf 配置文件。请参考 [使用 ConfigMap 配置您的应用程序](/learning/k8s-intermediate/config/config-map.html#configmap-数据卷)
|
||||
|
||||
### secret <Badge text="Kuboard正在计划中" type="warn"/>
|
||||
### secret <Badge text="Kuboard已支持" type="success"/>
|
||||
|
||||
* **描述**
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ meta:
|
||||
align-items: flex-start;
|
||||
align-content: stretch;
|
||||
justify-content: space-between;">
|
||||
<div style="flex-grow: 1; flex-basis: 25%; min-width: 200px;">
|
||||
<div style="flex-grow: 1; flex-basis: 25%; min-width: 200px; cursor: pointer;" @click="$router.push({path: '/install/install-k8s.html'})">
|
||||
<h2 style="font-size: 1.1rem; font-weight: 500; border-bottom: none; padding-bottom: 0; color: #3a5169;">
|
||||
Kubernetes安装文档
|
||||
</h2>
|
||||
@ -35,7 +35,7 @@ meta:
|
||||
</li>
|
||||
</div>
|
||||
|
||||
<div style="flex-grow: 1; flex-basis: 25%; min-width: 200px;">
|
||||
<div style="flex-grow: 1; flex-basis: 25%; min-width: 200px; cursor: pointer;" @click="$router.push({path: '/learning/'})">
|
||||
<h2 style="font-size: 1.1rem; font-weight: 500; border-bottom: none; padding-bottom: 0; color: #3a5169;">
|
||||
Kubernetes免费教程
|
||||
</h2>
|
||||
@ -47,7 +47,7 @@ meta:
|
||||
</li>
|
||||
</div>
|
||||
|
||||
<div style="flex-grow: 1; flex-basis: 25%; min-width: 200px;">
|
||||
<div style="flex-grow: 1; flex-basis: 25%; min-width: 200px; cursor: pointer;" @click="$router.push({path: '/learning/k8s-practice/ocp/'})">
|
||||
<h2 style="font-size: 1.1rem; font-weight: 500; border-bottom: none; padding-bottom: 0; color: #3a5169;">
|
||||
Kubernetes+SpringCloud实战
|
||||
</h2>
|
||||
|
||||
@ -1,21 +1,5 @@
|
||||
Kuboard v1.0.x 的更新说明
|
||||
|
||||
## v1.0.4-beta.1
|
||||
|
||||
**发布日期**
|
||||
|
||||
2019年9月2x日
|
||||
|
||||
**新特性**
|
||||
|
||||
* 工作负载编辑器 --> 容器组 --> terminationGracePeriodSeconds
|
||||
* 工作负载编辑器 --> 容器组 --> 容器 --> 挂载点 --> 增加 mountPropagation 选项
|
||||
|
||||
**优化**
|
||||
|
||||
|
||||
**BUG 修复**
|
||||
* Secret 表单验证
|
||||
|
||||
|
||||
|
||||
|
||||
@ -7,6 +7,24 @@ description: 本文描述了Kuboard_v1.0.x的版本变更说明
|
||||
|
||||
Kuboard v1.0.x 的更新说明
|
||||
|
||||
## v1.0.4-beta.1
|
||||
|
||||
**发布日期**
|
||||
|
||||
2019年10月2日
|
||||
|
||||
**新特性**
|
||||
|
||||
* 工作负载编辑器 --> 容器组 --> terminationGracePeriodSeconds
|
||||
* 工作负载编辑器 --> 容器组 --> 容器 --> 挂载点 --> 增加 mountPropagation 选项
|
||||
* 工作负载编辑器 --> 数据卷 --> 增加对 secret 类型数据卷的支持
|
||||
|
||||
**BUG 修复**
|
||||
* Secret 表单验证
|
||||
* 导入工作负载时,调整节点端口字段应为数字类型
|
||||
* 工作负载编辑器 --> 容器组 --> 容器 --> 资源限制中,如果只填写内存不填写CPU,能够保存保存成功,但是重新进入编辑界面时失败
|
||||
|
||||
|
||||
## v1.0.3
|
||||
|
||||
**发布日期**
|
||||
|
||||
Reference in New Issue
Block a user