k8s-Kubernetes集群升级
文章目录
- 前言
- 一、集群升级:1.23.17升级至1.24.0
-
- 1.部署cri-docker (所有集群节点均需部署)
- 2.升级master节点
- 3.升级worker节点
- 二、集群升级:1.24升级至1.25
-
- 1.说明
- 2.升级master节点
- 3.升级worker节点
前言
一、集群升级:1.23.17升级至1.24.0
https://v1-24.docs.kubernetes.io/zh-cn/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/
查看官网,得知必须安装cri-docker:
1.部署cri-docker (所有集群节点均需部署)
k8s从1.24版本开始移除了dockershim,所以需要安装cri-docker插件才能使用docker
软件下载:https://github.com/Mirantis/cri-dockerd
安装
[root@server2 ~]# rpm -ivh cri-dockerd-0.3.1-3.el7.x86_64.rpm
配置cri-docker
[root@server2 ~]# vim /usr/lib/systemd/system/cri-docker.service
[Service]
Type=notify
ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni --pod-infra-container-image=reg.westos.org/k8s/pause:3.7
[root@server2 ~]# systemctl daemon-reload
[root@server2 ~]# systemctl enable --now cri-docker
[root@server2 ~]# ll /var/run/cri-dockerd.sock
srw-rw---- 1 root docker 0 Jan 9 17:51 /var/run/cri-dockerd.sock
cri-docker官网得来下图
2.升级master节点
首先上传镜像到harbor仓库,便于升级
reg.westos.org/k8s/kube-apiserver v1.24.0
reg.westos.org/k8s/kube-proxy v1.24.0
reg.westos.org/k8s/kube-scheduler v1.24.0
reg.westos.org/k8s/kube-controller-manager v1.24.0
reg.westos.org/k8s/etcd 3.5.3-0
reg.westos.org/k8s/pause 3.7
reg.westos.org/k8s/coredns v1.8.6
注:本实验更新的镜像为tar包导入,1.24升级至1.25镜像为阿里云下载!
导入镜像命令:
[root@server2 ~]# docker load -i k8s-1.24.0.tar
上传仓库命令(挨个上传):
[root@server2 ~]# docker push reg.westos.org/k8s/kube-proxy:v1.24.0
升级kubeadm
[root@server2 ~]# yum install -y kubeadm-1.24.0-0
执行升级
[root@server2 ~]# kubeadm upgrade plan
由官方上图得到下面:修改节点套接字
修改节点套接字:找本地的cri-dockerd.sock
[root@server2 ~]# kubectl edit nodes server2
…
kubeadm.alpha.kubernetes.io/cri-socket: unix:///var/run/cri-dockerd.sock
[root@server2 ~]# kubeadm upgrade apply v1.24.0
腾空节点
[root@server2 ~]# kubectl drain server2 --ignore-daemonsets
升级kubelet
[root@server2 ~]# yum install -y kubelet-1.24.0-0 kubectl-1.24.0-0
配置kubelet使用cri-docker
[root@server2 ~]# vim /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS=“–pod-infra-container-image=reg.westos.org/k8s/pause:3.7 --container-runtime=remote --container-runtime-endpoint=unix:///var/run/cri-dockerd.sock”
重启kubelet
[root@server2 ~]# systemctl daemon-reload
[root@server2 ~]# systemctl restart kubelet
解除节点保护
[root@server2 ~]# kubectl uncordon server2
3.升级worker节点
升级kubeadm
[root@server3 ~]# yum install -y kubeadm-1.24.0-0
执行升级
[root@server3 ~]# kubeadm upgrade node
腾空节点
[root@server2 ~]# kubectl drain server3 --ignore-daemonsets #需要在master节点执行
升级kubelet
[root@server3 ~]# yum install -y kubelet-1.24.0-0 kubectl-1.24.0-0
配置kubelet使用cri-docker
[root@server3 ~]# vim /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS=“–pod-infra-container-image=reg.westos.org/k8s/pause:3.7 --container-runtime=remote --container-runtime-endpoint=unix:///var/run/cri-dockerd.sock”
修改节点套接字
[root@server2 ~]# kubectl edit nodes server3 #需要在master节点执行
…
kubeadm.alpha.kubernetes.io/cri-socket: unix:///var/run/cri-dockerd.sock
重启kubelet
[root@server3 ~]# systemctl daemon-reload
[root@server3 ~]# systemctl restart kubelet
解除节点保护
[root@server2 ~]# kubectl uncordon server3 #需要在master节点执行
其它node节点(server4)依此类推
二、集群升级:1.24升级至1.25
1.说明
上面实验已将cri-docker 部署,所以本实验不需要在次部署
【配置cri-docker、配置kubelet使用cri-docker】这两个文件设置也可以不改变,若改变(3.7改为3.8),需将集群内所有节点都进行修改
配置cri-docker
[root@server2 ~]# vim /usr/lib/systemd/system/cri-docker.service
[Service]
Type=notify
ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni --pod-infra-container-image=reg.westos.org/k8s/pause:3.7
[root@server2 ~]# systemctl daemon-reload
[root@server2 ~]# systemctl enable --now cri-docker
配置kubelet使用cri-docker
[root@server2 ~]# vim /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS=“–pod-infra-container-image=reg.westos.org/k8s/pause:3.7 --container-runtime=remote --container-runtime-endpoint=unix:///var/run/cri-dockerd.sock”
重启kubelet
[root@kserver2 ~]# systemctl daemon-reload
[root@kserver2 ~]# systemctl restart kubelet
2.升级master节点
升级kubeadm
[root@server2 ~]# yum install -y kubeadm-1.25.0-0
下载所需镜像
[root@server2 ~]# kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.25.0 --cri-socket unix:///var/run/cri-dockerd.sock
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-apiserver:v1.25.0
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-controller-manager:v1.25.0
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-scheduler:v1.25.0
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-proxy:v1.25.0
[config/images] Pulled registry.aliyuncs.com/google_containers/pause:3.8
[config/images] Pulled registry.aliyuncs.com/google_containers/etcd:3.5.4-0
[config/images] Pulled registry.aliyuncs.com/google_containers/coredns:v1.9.3
上传镜像到harbor仓库:上传前需确认好镜像
[root@server2 ~]# docker images |grep google_containers | awk ‘{print $1":"$2}’ | awk -F/ ‘{system(“docker tag “$0” reg.westos.org/k8s/”$3"")}’
[root@server2 ~]# docker images |grep k8s | awk ‘{system(“docker push “$1”:”$2"")}’
升级集群版本
[root@server2 ~]# kubeadm upgrade apply v1.25.0
腾空节点
[root@server2 ~]# kubectl drain server2 --ignore-daemonsets
升级kubelet
[root@server2 ~]# yum install -y kubelet-1.25.0-0 kubectl-1.25.0-0
[root@server2 ~]# systemctl daemon-reload
[root@server2 ~]# systemctl restart kubelet
解除节点保护
[root@server2 ~]# kubectl uncordon server2
node/server2 uncordoned
[root@server2 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
server2 Ready control-plane 2d1h v1.25.0
server3 Ready 2d1h v1.24.0
server4 Ready 2d1h v1.24.0
3.升级worker节点
[root@server3 ~]# yum install -y kubeadm-1.25.0-0
[root@server3 ~]# kubeadm upgrade node
腾空节点
[root@server2 ~]# kubectl drain server3 --ignore-daemonsets
升级kubelet
[root@server3 ~]# yum install -y kubelet-1.25.0-0 kubectl-1.25.0-0
[root@server3 ~]# systemctl daemon-reload
[root@server3 ~]# systemctl restart kubelet
解除节点保护
[root@server2 ~]# kubectl uncordon server3
node/server3 uncordoned
[root@server2 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
server2 Ready control-plane 2d1h v1.25.0
server3 Ready 2d1h v1.25.0
server4 Ready 2d1h v1.24.0
其它node节点(server4)依此类推
