在CentOS7上k8s1.16升级到1.17.x
我的k8s集群是单master节点+2个worker节点,主要参照以下2篇文章,把CentOS7上的kubernhetes1.16.0升级到1.17.2,
https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/
https://www.codetd.com/article/8427952
一、升级第一个master节点
在第1个主节点,检查当前kubeadm版本,执行
yum list --showduplicates kubeadm --disableexcludes=kubernetes
执行结果
kubeadm.x86_64 1.15.8-0 kubernetes
kubeadm.x86_64 1.15.9-0 kubernetes
kubeadm.x86_64 1.16.0-0 kubernetes
kubeadm.x86_64 1.16.1-0 kubernetes
kubeadm.x86_64 1.16.2-0 kubernetes
kubeadm.x86_64 1.16.3-0 kubernetes
kubeadm.x86_64 1.16.4-0 kubernetes
kubeadm.x86_64 1.16.5-0 kubernetes
kubeadm.x86_64 1.16.6-0 kubernetes
kubeadm.x86_64 1.17.0-0 kubernetes
kubeadm.x86_64 1.17.1-0 kubernetes
kubeadm.x86_64 1.17.2-0 kubernetes
安装kubeadm,把x换成需要的子版本号,执行
yum install -y kubeadm-1.17.x-0 --disableexcludes=kubernetes
我的实例,注意-0一定要有
yum install -y kubeadm-1.17.2-0 --disableexcludes=kubernetes
执行完毕后检查结果
kubeadm version
把当前节点放空,cp-node-name可以通过kubeadm get node 查询到
kubectl drain <cp-node-name> --ignore-daemonsets
我的实例
kubectl drain k8smaster1 --ignore-daemonsets
显示升级计划
sudo kubeadm upgrade plan
结果应该如下
Components that must be upgraded manually after you have upgraded the
control plane with ‘kubeadm upgrade apply’: COMPONENT CURRENT
AVAILABLE Kubelet 3 x v1.16.0 v1.17.2Upgrade to the latest version in the v1.16 series:
COMPONENT CURRENT AVAILABLE API Server v1.16.0
v1.17.2 Controller Manager v1.16.0 v1.17.2 Scheduler
v1.16.0 v1.17.2 Kube Proxy v1.16.0 v1.17.2 CoreDNS
1.6.2 1.6.5 Etcd 3.3.15 3.4.3-0You can now apply the upgrade by executing the following command:
kubeadm upgrade apply v1.17.2
kubeadm升级
kubeadm upgrade apply v1.17.2
应该看到如下结果:
[bootstrap-token] configured RBAC rules to allow the csrapprover
controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation
for all node client certificates in the cluster [addons]: Migrating
CoreDNS Corefile [addons] Applied essential addon: CoreDNS [addons]
Applied essential addon: kube-proxy[upgrade/successful] SUCCESS! Your cluster was upgraded to “v1.17.2”.
Enjoy![upgrade/kubelet] Now that your control plane is upgraded, please
proceed with upgrading your kubelets if you haven’t already done so.
解除放空
kubectl uncordon <cp-node-name>
升级kubelet和kubectl
yum install -y kubelet-1.17.2-0 kubectl-1.17.2-0 --disableexcludes=kubernetes
重启kubelet,搞定
sudo systemctl restart kubelet
我实操时有警告,需要执行
systemctl daemon-reload
二. 升级worker节点
安装新版kubeadm
yum install -y kubeadm-1.17.2-0 --disableexcludes=kubernetes
在master节点上放空worker节点
kubectl drain <node-to-drain> --ignore-daemonsets
在worker上执行
kubeadm upgrade node
完成后,升级kubelet和kubectl
yum install -y kubelet-1.17.2-0 kubectl-1.17.2-0 --disableexcludes=kubernetes
重启kubelet,搞定
sudo systemctl restart kubelet
在master节点上解除放空
kubectl uncordon <node-to-drain>
三. 检查结果
在master节点上执行
kubectl get nodes
结果大致如下
NAME STATUS ROLES AGE VERSION
k8smaster1.taihecom Ready master 19h v1.17.2
k8sworker1.taihecom Ready 18h v1.17.2
k8sworker2.taihecom Ready 18h v1.17.2