kubernetes基础-集群从 1.20 升级到 1.22

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

mkdir etcd-backup
cd etcd-backup

etcdctl --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/peer.crt --key=/etc/kubernetes/pki/etcd/peer.key   --endpoints=192.168.21.120:2379 snapshot save `hostname`-etcd_`date +%Y%m%d%H%M`.db

1.120:2379 snapshot save ./`hostname`-etcd_`date +%Y%m%d%H%M`.db
{"level":"info","ts":1676356145.779007,"caller":"snapshot/v3_snapshot.go:119","msg":"created temporary db file","path":"./ops-k8s-node1-etcd_202302141429.db.part"}
{"level":"info","ts":"2023-02-14T14:29:05.803+0800","caller":"clientv3/maintenance.go:200","msg":"opened snapshot stream; downloading"}
{"level":"info","ts":1676356145.8043346,"caller":"snapshot/v3_snapshot.go:127","msg":"fetching snapshot","endpoint":"192.168.21.120:2379"}
{"level":"info","ts":"2023-02-14T14:29:08.291+0800","caller":"clientv3/maintenance.go:208","msg":"completed snapshot read; closing"}
{"level":"info","ts":1676356148.3410313,"caller":"snapshot/v3_snapshot.go:142","msg":"fetched snapshot","endpoint":"192.168.21.120:2379","size":"75 MB","took":2.561458458}
{"level":"info","ts":1676356148.3413002,"caller":"snapshot/v3_snapshot.go:152","msg":"saved","path":"./ops-k8s-node1-etcd_202302141429.db"}
Snapshot saved at ./ops-k8s-node1-etcd_202302141429.db

1
2
3
4
5
6
7

 etcdctl snapshot status master01-202209081433.db --write-out=table
 
+----------+----------+------------+------------+
|   HASH   | REVISION | TOTAL KEYS | TOTAL SIZE |
+----------+----------+------------+------------+
| 7806a3e5 | 57960523 |       3486 |      75 MB |
+----------+----------+------------+------------+

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

[root@k8s-master-73 ~]# kubectl get cm -o yaml -n kube-system kubeadm-config > kubeadm_config.yaml

# 我们只需要拿到 configmap 里面 data.ClusterConfiguration 字段下的配置信息
apiServer:
  extraArgs:
    authorization-mode: Node,RBAC
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: 192.168.21.120:6444
controllerManager:
  extraArgs:
    node-cidr-mask-size: "25"
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.21.14
networking:
  dnsDomain: cluster.local
  podSubnet: 10.224.0.0/16
  serviceSubnet: 10.96.0.0/12
scheduler: {}

1
2
3
4

yum install kubeadm-1.21.14 -y

# 升级到 1.22.17
# yum install kubeadm-1.22.17 -y

1
2
3
4

kubeadm upgrade diff v1.21.14 --config kubeadm_config.yaml

# 升级到 1.22.17
# kubeadm upgrade diff v1.22.17 --config kubeadm_config.yaml

1
2
3
4
5
6
7

kubeadm upgrade apply v1.21.14 --config kubeadm_config.yaml --dry-run

# 升级到 1.22.17
# kubeadm upgrade apply v1.22.17 --config kubeadm_config.yaml --dry-run

# 最后输出这个代表没什么大问题
[dryrun] Finished dryrunning successfully!

1
2
3

kubectl drain ops-k8s-node1 --ignore-daemonsets
# 如果有pod没被控制器管理，可能会提示 --force 删除
# 如果有挂载空目录可能需要加这个参数 --delete-emptydir-data

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

kubeadm upgrade plan --config kubeadm_config.yaml

[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks.
[upgrade] Running cluster health checks
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.20.15
[upgrade/versions] kubeadm version: v1.21.14
I0214 15:10:24.774241   15892 version.go:254] remote version is much newer: v1.26.1; falling back to: stable-1.21
[upgrade/versions] Target version: v1.21.14
[upgrade/versions] Latest version in the v1.20 series: v1.20.15

Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade apply':
COMPONENT   CURRENT        TARGET
kubelet     4 x v1.20.15   v1.21.14

Upgrade to the latest stable version:

COMPONENT                 CURRENT    TARGET
kube-apiserver            v1.20.15   v1.21.14
kube-controller-manager   v1.20.15   v1.21.14
kube-scheduler            v1.20.15   v1.21.14
kube-proxy                v1.20.15   v1.21.14
CoreDNS                   1.7.0      v1.8.0
etcd                      3.4.13-0   3.4.13-0

You can now apply the upgrade by executing the following command:

        kubeadm upgrade apply v1.21.14

_____________________________________________________________________


The table below shows the current state of component configs as understood by this version of kubeadm.
Configs that have a "yes" mark in the "MANUAL UPGRADE REQUIRED" column require manual config upgrade or
resetting to kubeadm defaults before a successful upgrade can be performed. The version to manually
upgrade to is denoted in the "PREFERRED VERSION" column.

API GROUP                 CURRENT VERSION   PREFERRED VERSION   MANUAL UPGRADE REQUIRED
kubeproxy.config.k8s.io   v1alpha1          v1alpha1            no
kubelet.config.k8s.io     v1beta1           v1beta1             no
_____________________________________________________________________

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

kubeadm upgrade apply v1.21.14 --config kubeadm_config.yaml
# 需要根据提示按 y 确认
# worker 节点 只需要知悉 kubeadm upgrade node

# 升级到 1.22.17
# kubeadm upgrade apply v1.22.17 --config kubeadm_config.yaml
......
[addons] Applied essential addon: CoreDNS
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[addons] Applied essential addon: kube-proxy

[upgrade/successful] SUCCESS! Your cluster was upgraded to "v1.21.14". Enjoy!

[upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.

1
2
3
4
5
6
7
8

yum install -y kubelet-1.21.14 kubectl-1.21.14 --disableexcludes=kubernetes

# 升级到 1.22.17
# yum install -y kubelet-1.22.17 kubectl-1.22.17 --disableexcludes=kubernetes

sudo systemctl daemon-reload
sudo systemctl restart kubelet
# 可能会出现重启kubelet后pod一直pending，重启多一次kubelet

1
2
3
4

yum install kubeadm-1.21.14 -y

# 升级到 1.22.17
# yum install kubeadm-1.22.17 -y

1
2
3

kubectl drain ops-k8s-node4 --ignore-daemonsets
# 如果有pod没被控制器管理，可能会提示 --force 删除
# 如果有挂载空目录可能需要加这个参数 --delete-emptydir-data

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

kubeadm upgrade node

[upgrade] Reading configuration from the cluster...
[upgrade] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks
[preflight] Skipping prepull. Not a control plane node.
[upgrade] Skipping phase. Not a control plane node.
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[upgrade] The configuration for this node was successfully updated!
[upgrade] Now you should go ahead and upgrade the kubelet package using your package manager.

1
2
3
4
5
6
7
8

yum install -y kubelet-1.21.14 kubectl-1.21.14 --disableexcludes=kubernetes

# 升级到 1.22.17
# yum install -y kubelet-1.22.17 kubectl-1.22.17 --disableexcludes=kubernetes

sudo systemctl daemon-reload
sudo systemctl restart kubelet
# 可能会出现重启kubelet后pod一直pending，重启多一次kubelet