Kuberenetes Upgrade Process
[Kubernetes Release]
https://kubernetes.io/docs/concepts/overview/kubernetes-api/
The Kubernetes API
The Kubernetes API lets you query and manipulate the state of objects in Kubernetes. The core of Kubernetes' control plane is the API server and the HTTP API that it exposes. Users, the different parts of your cluster, and external components all communica
kubernetes.io
Here is a link to kubernetes documentation if you want to learn more about this topic (You don't need it for the exam though):
kubernetes/community
Kubernetes community content. Contribute to kubernetes/community development by creating an account on GitHub.
github.com
kubernetes/community
Kubernetes community content. Contribute to kubernetes/community development by creating an account on GitHub.
github.com
[Cluster Upgrade Process]
Kubernets에서는 kube-apiserver보다 동일 또는 하위 버전이 되어야 한다.
업그레이드는 마이너버전 한 단계씩..
kubectl get pods -Anode 버전 확인
kubectl get nodes
Upgrade를 위한 버전 결정
(Ubuntu, Debian or HypriotOS)
apt update
apt-cache madison kubeadm(CentOS, RHEL or Fedora)
yum list --showduplicates kubeadm --disableexcludes=kubernetes
Upgrade Control plane nodes
[Practice Test]
ㅁ What is the current version of the cluster?
kubectl get nodes
NAME STATUS ROLES AGE VERSION
controlplane Ready master 5m25s v1.18.0
node01 Ready <none> 4m57s v1.18.0kubectl version --short
ㅁ How many nodes are part of this cluster?
[0], [2], [3], [1], [4]
ㅁ How many nodes can host workload in this cluster (Inspect the applications and taints set on the nodes)
- Check the taints on both master and node01. If none exists, then both nodes can host workloads.
[4], [2], [3], [1]
kubectl describe node controlplane | grep -i Taint
Taints: <none>
kubectl describe node node01 | grep -i Taint
Taints: <none>ㅁ How many applications are hosted on the cluster?
kubectl get deploymentㅁ What nodes are the pods hosted on?
kubectl get pods -o wideㅁ You are tasked to upgrade the cluster. User's accessing the applications must not be impacted. And you cannot provision new VMs. What strategy would you use to upgrade the cluster?
[Upgrade one node at a time while moving the workloads to the other]
[Users will be impacted since there is only one worker node]
[Add new nodes with newer versions while taking down existing nodes]
[Upgrade all nodes at once]
ㅁ What is the latest stable version available for upgrade?
[v1.12.1]
[v1.13.0]
[v1.18.17]
[v1.10.0]
kubeadm upgrade plan
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[preflight] Running pre-flight checks.
[upgrade] Running cluster health checks
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.18.0
[upgrade/versions] kubeadm version: v1.18.0
I0328 04:08:40.186928 32456 version.go:252] remote version is much newer: v1.20.5; falling back to: stable-1.18
[upgrade/versions] Latest stable version: v1.18.17
[upgrade/versions] Latest stable version: v1.18.17
[upgrade/versions] Latest version in the v1.18 series: v1.18.17
[upgrade/versions] Latest version in the v1.18 series: v1.18.17
Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade apply':
COMPONENT CURRENT AVAILABLE
Kubelet 2 x v1.18.0 v1.18.17
Upgrade to the latest version in the v1.18 series:
COMPONENT CURRENT AVAILABLE
API Server v1.18.0 v1.18.17
Controller Manager v1.18.0 v1.18.17
Scheduler v1.18.0 v1.18.17
Kube Proxy v1.18.0 v1.18.17
CoreDNS 1.6.7 1.6.7
Etcd 3.4.3 3.4.3-0
You can now apply the upgrade by executing the following command:
kubeadm upgrade apply v1.18.17
Note: Before you can perform this upgrade, you have to update kubeadm to v1.18.17.
_____________________________________________________________________
ㅁ We will be upgrading the master node first. Drain the master node of w orkloads and mark it
kubectl drain controlplane --ignore-deamonsets
node/controlplane cordoned
WARNING: ignoring DaemonSet-managed Pods: kube-system/kube-flannel-ds-amd64-6bh67, kube-system/kube-keepalived-vip-d55fx, kube-system/kube-proxy-b9vm4
evicting pod kube-system/coredns-66bff467f8-2qzhx
evicting pod kube-system/coredns-66bff467f8-gczlb
pod/coredns-66bff467f8-gczlb evicted
pod/coredns-66bff467f8-2qzhx evicted
node/controlplane evicted
kubectl get nodes
NAME STATUS ROLES AGE VERSION
controlplane Ready,SchedulingDisabled master 21m v1.18.0
node01 Ready <none> 21m v1.18.0
ㅁ Upgrade the master/controlplane compnents to exact version v1.19.0
Upgrade kubeadm tool (if not already), then the master components, and fnally the kubelet. Practice referring to the kubernetes documentation page. Note: while upgrading kubelet, if you hit dependency issue while running the apt-get upgrade kubelet command, use the apt install kubelet=1.19.0-00 command instead
ㅇ Master Node
1) 먼저 kubeadm upgrade plan을 수행하여 업그레이드 가능 버전 확인
kubeadm upgrade plan1.18.17-00 으로 확인되어 kubeadm 업데이트
2) apt install kubeadm=1.18.17-00 업데이트
apt install kubeadm=1.18.17-00업데이트 후 kubeadm 버전 확인
kubeadm version3) master node의 업데이트
먼저 master node 상태 확인
kubectl get nodes
master node upgrade
kubeadm upgrade apply v1.18.17
kubelet upgrade
apt install kubelet=1.18.17-00
업데이트 여부 확인
kubectl get nodes
4) 정상 상태(Schedulable)로 Controlplane 변경
ㅇ Worker Node Udpate
1) Worker Node 상태 drain 으로 변경
kubectl drain node01 --ignore-daemonsets
2) Worker Node로 접속
ssh node01
3) kubeadm update
kubeadm 버전 확인
kubeadm versionkubeadm upgrade
apt install kubeadm=1.18.17-00
4) worker node kubelet update
apt install kubelet=1.18.17-00
5) Control Plane으로 접속하여 Uncordon 함
kubectl uncordon node01
ㅇ 최종적으로 모두 업데이트 되었는지 확인
kubectl get nodes
kubectl version --short