K8s集群的升级
root@node22 ~]# kubeadm upgrade apply v1.24.4 --etcd-upgrade=false升级并且不升级etcd。安装从官网下载的cri插件rpm包。先将镜像上传到私有仓库再进行此步。2. 配置cri-docker。1.清除其他主机之前的配置。3. 安装kubeadm。2.升级kubelet。1.删除之前版本数据。
方法一:
- 安装cri-docker(升级的版本是1.24一下的不需要此插件)
[root@node22 ~]# yum install -y cri-dockerd-0.2.5-3.el7.x86_64.rpm
安装从官网下载的cri插件rpm包
[root@node33 ~]# yum install cri-dockerd-0.2.5-3.el7.x86_64.rpm[root@node44 ~]# yum install cri-dockerd-0.2.5-3.el7.x86_64.rpm
2. 配置cri-docker
先将镜像上传到私有仓库再进行此步
[root@node22 ~]# vim /usr/lib/systemd/system/cri-docker.service
[Service]
Type=notify
ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni --pod-infra-container-image=reg.westos.org/k8s/pause:3.7
[root@node22 ~]# systemctl daemon-reload
[root@node22 ~]# systemctl enable --now cri-docker
Created symlink from
/etc/systemd/system/multi-user.target.wants/cri-docker.service to
/usr/lib/systemd/system/cri-docker.service.
[root@node33 ~]# vim /usr/lib/systemd/system/cri-docker.service
[root@node33 ~]# systemctl daemon-reload
[root@node33 ~]# systemctl enable --now cri-docker
Created symlink from
/etc/systemd/system/multi-user.target.wants/cri-docker.service to
/usr/lib/systemd/system/cri-docker.service.
[root@node44 ~]# vim /usr/lib/systemd/system/cri-docker.service
[root@node44 ~]# systemctl daemon-reload
[root@node44 ~]# systemctl enable --now cri-docker
Created symlink from
/etc/systemd/system/multi-user.target.wants/cri-docker.service to
/usr/lib/systemd/system/cri-docker.service.
3. 安装kubeadm
yum install -y kubeadm-1.24.4-0
[root@node22 ~]# systemctl daemon-reload
[root@node22 ~]# systemctl restart kubelet
systemctl enable --now kubelet
4.执行升级
kubeadm upgrade plan
[root@node22 ~]# kubeadm upgrade apply v1.24.4 --etcd-upgrade=false升级并且不升级etcd
5.腾空节点
[root@node22 ~]# kubectl drain node22 --ignore-daemonsets
node/node22 cordoned
WARNING: ignoring DaemonSet-managed Pods: kube-flannel/kube-flannel-ds-g5vsg, kube-system/kube-proxy-qnzxf, metallb-system/speaker-jkh2b
evicting pod kube-system/coredns-7b56f6bc55-g458w
evicting pod kube-system/coredns-7b56f6bc55-2pwnh
pod/coredns-7b56f6bc55-g458w evicted
pod/coredns-7b56f6bc55-2pwnh evicted
yum install -y kubectl-1.24.4-0 kubelet-1.24.4-0
6.[root@node22 ~]# vim /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint=unix:///var/run/cri-dockerd.sock --pod-infra-container-image=reg.westos.org/k8s/pause:3.7"
[root@node22 ~]# systemctl daemon-reload
[root@node22 ~]# systemctl restart kubelet
7.解除节点保护
[root@node22 ~]# kubectl uncordon node22
node/node22 uncordoned
方法二:
方法二:
1.删除之前版本数据
[root@node22 ~]# kubeadm reset
[root@node22 ~]# iptables -F -t nat
[root@node22 ~]# iptables -F
[root@node22 ~]# ipvsadm -C
[root@node22 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@node22 ~]# kubeadm reset
--cri-socket=unix:///var/run/cri-dockerd.sock
[root@node22 ~]# ipvsadm -C
[root@node22 ~]# iptables -F
[root@node22 ~]# iptables -F
[root@node22 ~]# iptables -F -t nat
2.初始化集群
kubeadm init --pod-network-cidr=10.244.0.0/16
--image-repository=reg.westos.org/k8s --cri-socket=unix:///var/run/cri-dockerd.sock
[root@node22 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
node22 Ready control-plane 57s v1.24.4
3.部署网络插件
[root@node22 ~]# vim kube-flannel.yml
[root@node22 ~]# kubectl apply -f kube-flannel.yml
namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
[root@node22 ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-4hh8t 1/1 Running 0 56s
kube-system coredns-7555f94cb5-f2pff 1/1 Running 0 3m54s
kube-system coredns-7555f94cb5-ht7sf 1/1 Running 0 3m54s
kube-system etcd-node22 1/1 Running 0 4m8s
kube-system kube-apiserver-node22 1/1 Running 0 4m8s
kube-system kube-controller-manager-node22 1/1 Running 0 4m9s
kube-system kube-proxy-jnmhh 1/1 Running 0 3m54s
kube-system kube-scheduler-node22 1/1 Running 0 4m8s
1.清除其他主机之前的配置
[root@node33 ~]# kubeadm reset
[root@node44 ~]# kubeadm reset
[root@node33 ~]# iptables -F
[root@node33 ~]# iptables -F -t nat
[root@node33 ~]# ipvsadm -C
[root@node44 ~]# iptables -F
[root@node44 ~]# iptables -F -t nat
[root@node44 ~]# ipvsadm -C
2.升级kubelet
[root@node33 ~]# yum install -y kubeadm-1.24.4-0 kubelet-1.24.4-0 kubectl-1.24.4-0
[root@node44 ~]# yum install -y kubeadm-1.24.4-0 kubelet-1.24.4-0 kubectl-1.24.4-0
3.
[root@node33 ~]# kubeadm join 192.168.0.22:6443 --token 3dpt4s.fzeqt2zeqton80rv --discovery-token-ca-cert-hash sha256:6067f1a4ddac1428a4789dc020fbecd102e9d5cb3b568062e11b4e9dc11259d2 --cri-socket=unix:///var/run/cri-dockerd.sock
[root@node44 ~]# kubeadm join 192.168.0.22:6443 --token 3dpt4s.fzeqt2zeqton80rv --discovery-token-ca-cert-hash sha256:6067f1a4ddac1428a4789dc020fbecd102e9d5cb3b568062e11b4e9dc11259d2 --cri-socket=unix:///var/run/cri-dockerd.sock
[root@node22 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
node22 Ready control-plane 41m v1.24.4
node33 Ready <none> 18s v1.24.4
node44 Ready <none> 20s v1.24.4
[root@node22 ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-4hh8t 1/1 Running 0 39m
kube-flannel kube-flannel-ds-p5wxp 1/1 Running 0 115s
kube-flannel kube-flannel-ds-qkvpt 1/1 Running 0 113s
kube-system coredns-7555f94cb5-f2pff 1/1 Running 0 42m
kube-system coredns-7555f94cb5-ht7sf 1/1 Running 0 42m
kube-system etcd-node22 1/1 Running 0 43m
kube-system kube-apiserver-node22 1/1 Running 0 43m
kube-system kube-controller-manager-node22 1/1 Running 0 43m
kube-system kube-proxy-2dfrx 1/1 Running 0 113s
kube-system kube-proxy-6vxxp 1/1 Running 0 115s
kube-system kube-proxy-jnmhh 1/1 Running 0 42m
kube-system kube-scheduler-node22 1/1 Running 0 43m
k8s从1.24升级到1.25:
1.升级
[root@node22 ~]# yum install -y kubeadm-1.25.0
[root@node33 ~]# yum install -y kubeadm-1.25.0
[root@node44 ~]# yum install -y kubeadm-1.25.0
2.拉取镜像
[root@node22 ~]# kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers --cri-socket=unix:///var/run/cri-dockerd.sock
[root@node22 ~]# docker images | grep google | awk '{print $1":"$2}' | awk -F/ '{system("docker tag "$0" reg.westos.org/k8s/"$3"")}'
[root@node22 ~]# docker push reg.westos.org/k8s/kube-apiserver:v1.25.0
[root@node22 ~]# docker push reg.westos.org/k8s/kube-scheduler:v1.25.0
[root@node22 ~]# docker push reg.westos.org/k8s/kube-controller-manager:v1.25.0
[root@node22 ~]# docker push reg.westos.org/k8s/kube-proxy:v1.25.0
[root@node22 ~]# docker push reg.westos.org/k8s/pause:3.8
[root@node22 ~]# docker push reg.westos.org/k8s/etcd:3.5.4-0
[root@node22 ~]# docker push reg.westos.org/k8s/coredns:v1.9.3
3.执行升级
[root@node22 ~]# kubeadm upgrade apply v1.25.0
[root@node22 ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"25", GitVersion:"v1.25.0", GitCommit:"a866cbe2e5bbaa01cfd5e969aa3e033f3282a8a2", GitTreeState:"clean", BuildDate:"2022-08-23T17:43:25Z", GoVersion:"go1.19", Compiler:"gc", Platform:"linux/amd64"}
[root@node33 ~]# kubeadm upgrade node
[root@node44 ~]# kubeadm upgrade node
4.腾空节点
[root@node22 ~]# kubectl drain node22 --ignore-daemonsets
node/node22 cordoned
WARNING: ignoring DaemonSet-managed Pods: kube-flannel/kube-flannel-ds-4hh8t, kube-system/kube-proxy-nqx9m
evicting pod kube-system/coredns-7555f94cb5-f2pff
pod/coredns-7555f94cb5-f2pff evicted
node/node22 drained
[root@node22 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
node22 Ready,SchedulingDisabled control-plane 91m v1.24.4
node33 Ready <none> 50m v1.24.4
node44 Ready <none> 50m v1.24.4
[root@node22 ~]# kubectl drain node33 --ignore-daemonsets
[root@node22 ~]# kubectl drain node44 --ignore-daemonsets
5.升级
[root@node22 ~]# yum install -y kubelet-1.25.0-0 kubectl-1.25.0-0
[root@node33 ~]# yum install -y kubelet-1.25.0-0 kubectl-1.25.0-0
[root@node44 ~]# yum install -y kubelet-1.25.0-0 kubectl-1.25.0-0
[root@node22 ~]# systemctl daemon-reload
[root@node22 ~]# systemctl restart kubelet.service
[root@node33 ~]# systemctl daemon-reload
[root@node33 ~]# systemctl restart kubelet.service
[root@node44 ~]# systemctl daemon-reload
[root@node44 ~]# systemctl restart kubelet.service
6.解除节点保护
[root@node22 ~]# kubectl uncordon node22
node/node22 uncordoned
[root@node22 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
node22 Ready control-plane 3h18m v1.25.0
node33 Ready <none> 157m v1.24.4
node44 Ready <none> 157m v1.24.4
[root@node22 ~]# kubectl uncordon node33
[root@node22 ~]# kubectl uncordon node44
更多推荐
所有评论(0)