二進位制叢集升級
阿新 • • 發佈:2020-10-09
k8s 二進位制叢集平滑升級 1.15.2升級至1.16.4
基於之前的二進位制安裝 kubernetes 叢集來升級
1,既然要平滑升級,我們肯定不能一口氣把所有節點同時升級,我們需要一個節點一個節點的來操作,先刪除一個節點,然後kube-scheduler會把刪除的這個節點上的 pod 遷移到還存在的節點上,先升級節點
2,升級 master ,首先需要先把要升級的 master 節點從 nginx 中摘除,防止有流量進來
3,升級服務
4,流量切回來,檢視叢集狀態是否正常
node 節點升級
1,下載1.16.4 版本的二進位制包
我們到 github 上面下載需要的二進位制安裝包 https://github.com/kubernetes/kubernetes/releases/tag/v1.16.14
mkdir -p /opt/src/kubernetes-v1.16.4
wget https://dl.k8s.io/v1.16.15/kubernetes-server-linux-amd64.tar.gz -O /opt/src/kubernetes-v1.16.4
2,刪除一個節點
[root@jx4-74 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION jx4-74.host.com Ready master,node 33d v1.15.4 jx4-75.host.com Ready master,node 33d v1.15.4 jx4-76.host.com Ready node 33d v1.15.4 [root@jx4-74 ~]# kubectl delete node jx4-76.host.com node "jx4-76.host.com" deleted [root@jx4-74 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION jx4-74.host.com Ready master,node 33d v1.15.4 jx4-75.host.com Ready master,node 33d v1.15.4
將節點設定成不可排程狀態:
[root@jx4-74 ~]# kubectl cordon jx4-76.host.com node/jx4-75.host.com cordoned [root@jx4-74 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION jx4-74.host.com Ready master,node 33d v1.15.4 jx4-75.host.com Ready master,node 33d v1.15.4 jx4-76.host.com Ready node,SchedulingDisabled 33d v1.15.4
當節點設定成不可排程狀態之後,新啟動的 pod 不會排程到此節點上,但是該節點上正在執行的 Pod 將不會被影響。
驅逐節點上的 Pod
[root@jx4-74 ~]# kubectl drain jx4-76.host.com --delete-local-data --ignore-daemonsets --force
- --delete-local-data 即使pod使用了emptyDir也刪除
- --ignore-daemonsets 忽略deamonset控制器的pod,如果不忽略,deamonset控制器控制的pod被刪除後可能馬上又在此節點上啟動起來,會成為死迴圈;
- --force 不加force引數只會刪除該NODE上由ReplicationController, ReplicaSet, DaemonSet,StatefulSet or Job建立的Pod,加了後還會刪除'裸奔的pod'(沒有繫結到任何replication controller)
[root@jx4-74 ~]# kubectl get pods -o wide --all-namespaces | grep jx4-76.host.com
default test-nginx-r7wcs 1/1 Running 0 29h 10.103.75.4 jx4-76.host.com <none> <none>
kube-system traefik-ingress-controller-mflr8 1/1 Running 0 29h 10.103.75.3 jx4-76.host.com <none> <none>
monitoring log-loki-c8d2v 1/1 Running 0 29h 10.103.75.6 jx4-76.host.com <none> <none>
monitoring node-exporter-qdh7g 2/2 Running 0 29h 192.168.4.75 jx4-76.host.com <none> <none>
[root@jx4-74 ~]# kubectl get ds --all-namespaces
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
default test-nginx 3 3 3 3 3 <none> 22d
kube-system traefik-ingress-controller 3 3 3 3 3 <none> 29d
monitoring log-loki 3 3 3 3 3 <none> 5d2h
monitoring node-exporter 3 3 3 3 3 <none> 19d
可以看到除了 deamonSet
控制器之外的所有 pods 都已經被驅逐,
摘除此節點
[root@jx4-74 ~]# kubectl delete node jx4-76.host.com
3, 升級節點
[root@jx4-76 kubernetes-v1.16.4]# tar xvf kubernetes-server-linux-amd64.tar.gz -C /opt/kubernetes-1.16.4/
[root@jx4-76 kubernetes-v1.16.4]# cd /opt/kubernetes-1.16.4/
[root@jx4-76 kubernetes-1.16.4]# mv kubernetes/* ./
[root@jx4-76 kubernetes-1.16.4]# rm -rf kubernetes kubernetes-src.tar.gz LICENSES
[root@jx4-76 kubernetes-1.16.4]# cd server/bin/
[root@jx4-76 bin]# ls
apiextensions-apiserver kube-apiserver kube-controller-manager kubectl kube-proxy.docker_tag kube-scheduler.docker_tag
hyperkube kube-apiserver.docker_tag kube-controller-manager.docker_tag kubelet kube-proxy.tar kube-scheduler.tar
kubeadm kube-apiserver.tar kube-controller-manager.tar kube-proxy kube-scheduler mounter
[root@jx4-76 bin]# rm -f *_tag *.tar
[root@jx4-76 bin]# ls
apiextensions-apiserver hyperkube kubeadm kube-apiserver kube-controller-manager kubectl kubelet kube-proxy kube-scheduler mounter
[root@jx4-76 bin]# cp -r /opt/kubernetes-1.15.4/server/bin/conf/ ./
[root@jx4-76 bin]# cp -r /opt/kubernetes-1.15.4/server/bin/certs/ ./
[root@jx4-76 bin]# cp /opt/kubernetes-1.15.4/server/bin/*.sh kubernetes-1.16.4/server/bin/
[root@jx4-76 opt]# rm -rf kubernetes
[root@jx4-76 opt]# ln -s /opt/kubernetes-1.16.4/ kubernetes
[root@jx4-76 opt]# supervisorctl restart kube-kubelet-4-76 kube-proxy-4-76
[root@jx4-76 opt]# supervisorctl status
flanneld-4-76 RUNNING pid 1154, uptime 29 days, 18:05:52
kube-kubelet-4-76 RUNNING pid 15550, uptime 0:01:12
kube-proxy-4-76 RUNNING pid 16173, uptime 0:00:42
然後檢視 node 版本
[root@jx4-74 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
jx4-74.host.com Ready master,node 33d v1.15.4
jx4-75.host.com Ready master,node 33d v1.15.4
jx4-76.host.com Ready <none> 73s v1.16.15
可以看到此節點我們已經升級成功了。
然後也檢視到 76 上面已經有 running 的 pod 了
[root@jx4-74 ~]# kubectl get pods --all-namespaces -o wide | grep jx4-76.host.com
default test-nginx-szlnq 1/1 Running 0 2m58s 10.103.76.2 jx4-76.host.com <none> <none>
kube-system traefik-ingress-controller-r7dtx 1/1 Running 0 2m58s 10.103.76.4 jx4-76.host.com <none> <none>
monitoring log-loki-2rtwt 1/1 Running 0 2m58s 10.103.76.3 jx4-76.host.com <none> <none>
monitoring node-exporter-8zpd7 2/2 Running 0 3m8s 192.168.4.76 jx4-76.host.com <none> <none>
master 升級
master 升級和 node 升級大致相同,先升級一個,把升級的哪臺先從 nginx 負載裡面摘除,然後在單個服務單個服務的升級,這裡面不在贅述。
升級完成之後我們檢視節點資訊
[root@jx4-74 tmp]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
jx4-74.host.com Ready master,node 33d v1.16.15
jx4-75.host.com Ready master,node 80m v1.16.15
jx4-76.host.com Ready node 3h40m v1.16.15