본문 바로가기

CKA &. CKAD/Cluster Maintenance

Kuberenetes Upgrade Process

 

[Kubernetes Release]

 

https://kubernetes.io/docs/concepts/overview/kubernetes-api/

 

The Kubernetes API

The Kubernetes API lets you query and manipulate the state of objects in Kubernetes. The core of Kubernetes' control plane is the API server and the HTTP API that it exposes. Users, the different parts of your cluster, and external components all communica

kubernetes.io

Here is a link to kubernetes documentation if you want to learn more about this topic (You don't need it for the exam though):

https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md

 

kubernetes/community

Kubernetes community content. Contribute to kubernetes/community development by creating an account on GitHub.

github.com

https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api_changes.md

 

kubernetes/community

Kubernetes community content. Contribute to kubernetes/community development by creating an account on GitHub.

github.com

[Cluster Upgrade Process]

 

Kubernets에서는 kube-apiserver보다 동일 또는 하위 버전이 되어야 한다.

업그레이드는 마이너버전 한 단계씩..

 

 

kubectl get pods -A

node 버전 확인

kubectl get nodes

 

Upgrade를 위한 버전 결정

 

(Ubuntu, Debian or HypriotOS)

apt update
apt-cache madison kubeadm

(CentOS, RHEL or Fedora)

yum list --showduplicates kubeadm --disableexcludes=kubernetes

 

Upgrade Control plane nodes

 

 

[Practice Test]

ㅁ What is the current version of the cluster?

kubectl get nodes

NAME           STATUS   ROLES    AGE     VERSION
controlplane   Ready    master   5m25s   v1.18.0
node01         Ready    <none>   4m57s   v1.18.0
kubectl version --short

 

ㅁ How many nodes are part of this cluster?

[0], [2], [3], [1], [4]

 

ㅁ How many nodes can host workload in this cluster (Inspect the applications and taints set on the nodes)

- Check the taints on both master and node01. If none exists, then both nodes can host workloads.

[4], [2], [3], [1]

kubectl describe node controlplane | grep -i Taint
Taints:             <none>

kubectl describe node node01 | grep -i Taint
Taints:             <none>

ㅁ How many applications are hosted on the cluster?

kubectl get deployment

ㅁ What nodes are the pods hosted on?

kubectl get pods -o wide

ㅁ You are tasked to upgrade the cluster. User's accessing the applications must not be impacted. And you cannot provision new VMs. What strategy would you use to upgrade the cluster?

[Upgrade one node at a time while moving the workloads to the other]

[Users will be impacted since there is only one worker node]

[Add new nodes with newer versions while taking down existing nodes]

[Upgrade all nodes at once] 

 

ㅁ What is the latest stable version available for upgrade?

 

[v1.12.1]

[v1.13.0]

[v1.18.17]

[v1.10.0]

kubeadm upgrade plan

[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[preflight] Running pre-flight checks.
[upgrade] Running cluster health checks
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.18.0
[upgrade/versions] kubeadm version: v1.18.0
I0328 04:08:40.186928   32456 version.go:252] remote version is much newer: v1.20.5; falling back to: stable-1.18
[upgrade/versions] Latest stable version: v1.18.17
[upgrade/versions] Latest stable version: v1.18.17
[upgrade/versions] Latest version in the v1.18 series: v1.18.17
[upgrade/versions] Latest version in the v1.18 series: v1.18.17

Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade apply':
COMPONENT   CURRENT       AVAILABLE
Kubelet     2 x v1.18.0   v1.18.17

Upgrade to the latest version in the v1.18 series:

COMPONENT            CURRENT   AVAILABLE
API Server           v1.18.0   v1.18.17
Controller Manager   v1.18.0   v1.18.17
Scheduler            v1.18.0   v1.18.17
Kube Proxy           v1.18.0   v1.18.17
CoreDNS              1.6.7     1.6.7
Etcd                 3.4.3     3.4.3-0

You can now apply the upgrade by executing the following command:

        kubeadm upgrade apply v1.18.17

Note: Before you can perform this upgrade, you have to update kubeadm to v1.18.17.

_____________________________________________________________________

 

ㅁ We will be upgrading the master node first. Drain the master node of w orkloads and mark it

kubectl drain controlplane --ignore-deamonsets

node/controlplane cordoned
WARNING: ignoring DaemonSet-managed Pods: kube-system/kube-flannel-ds-amd64-6bh67, kube-system/kube-keepalived-vip-d55fx, kube-system/kube-proxy-b9vm4
evicting pod kube-system/coredns-66bff467f8-2qzhx
evicting pod kube-system/coredns-66bff467f8-gczlb
pod/coredns-66bff467f8-gczlb evicted
pod/coredns-66bff467f8-2qzhx evicted
node/controlplane evicted

kubectl get nodes
NAME           STATUS                     ROLES    AGE   VERSION
controlplane   Ready,SchedulingDisabled   master   21m   v1.18.0
node01         Ready                      <none>   21m   v1.18.0

 

ㅁ Upgrade the master/controlplane compnents to exact version v1.19.0

Upgrade kubeadm tool (if not already), then the master components, and fnally the kubelet. Practice referring to the kubernetes documentation page. Note: while upgrading kubelet, if you hit dependency issue while running the apt-get upgrade kubelet command, use the apt install kubelet=1.19.0-00 command instead

 

ㅇ Master Node

 

1) 먼저 kubeadm upgrade plan을 수행하여 업그레이드 가능 버전 확인

kubeadm upgrade plan

1.18.17-00 으로 확인되어 kubeadm 업데이트

 

2) apt install kubeadm=1.18.17-00 업데이트

apt install kubeadm=1.18.17-00

업데이트 후 kubeadm 버전 확인

kubeadm version

3) master node의 업데이트

 

먼저 master node 상태 확인

kubectl get nodes

 

master node upgrade

kubeadm upgrade apply v1.18.17

 

kubelet upgrade

apt install kubelet=1.18.17-00

 

업데이트 여부 확인

kubectl get nodes

 

4) 정상 상태(Schedulable)로 Controlplane 변경

 

ㅇ Worker Node Udpate

1) Worker Node 상태 drain 으로 변경

kubectl drain node01 --ignore-daemonsets

 

2) Worker Node로 접속

ssh node01

 

 

3) kubeadm update 

 

kubeadm 버전 확인

kubeadm version

kubeadm upgrade

apt install kubeadm=1.18.17-00

 

4) worker node kubelet update

apt install kubelet=1.18.17-00

 

5) Control Plane으로 접속하여 Uncordon 함

kubectl uncordon node01

 

ㅇ 최종적으로 모두 업데이트 되었는지 확인

kubectl get nodes

kubectl version --short

 

 

 

'CKA &. CKAD > Cluster Maintenance' 카테고리의 다른 글

Practice Test - Backup and Restore Methods  (0) 2021.03.28
Working with ETCDCTL  (0) 2021.03.28
Backup and Restore Methods  (0) 2021.03.28
Operating system Upgrade  (0) 2021.03.28