mirror of https://github.com/easzlab/kubeasz.git
更新升级集群相关脚本和文档
parent
ecf2ba149c
commit
61d8f032c1
|
@ -1,6 +1,8 @@
|
||||||
# to install docker service
|
# to install docker service
|
||||||
- hosts:
|
- hosts:
|
||||||
- kube-master
|
- kube-master
|
||||||
|
- new-master
|
||||||
- kube-node
|
- kube-node
|
||||||
|
- new-node
|
||||||
roles:
|
roles:
|
||||||
- docker
|
- docker
|
||||||
|
|
|
@ -2,26 +2,14 @@
|
||||||
# Read the guide: 'op/upgrade.md' .
|
# Read the guide: 'op/upgrade.md' .
|
||||||
|
|
||||||
# update kubectl binary
|
# update kubectl binary
|
||||||
- hosts:
|
|
||||||
- kube-master
|
|
||||||
- kube-node
|
|
||||||
- deploy
|
|
||||||
roles:
|
|
||||||
- prepare
|
|
||||||
|
|
||||||
# update etcd
|
|
||||||
- hosts: etcd
|
|
||||||
roles:
|
|
||||||
- etcd
|
|
||||||
|
|
||||||
# update docker binary
|
|
||||||
- hosts:
|
- hosts:
|
||||||
- kube-master
|
- kube-master
|
||||||
- new-master
|
- new-master
|
||||||
- kube-node
|
- kube-node
|
||||||
- new-node
|
- new-node
|
||||||
|
- deploy
|
||||||
roles:
|
roles:
|
||||||
- docker
|
- prepare
|
||||||
|
|
||||||
# update masters
|
# update masters
|
||||||
- hosts:
|
- hosts:
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
## 升级注意事项
|
## k8s 集群升级
|
||||||
|
|
||||||
集群更新存在一定风险,请谨慎操作。
|
集群升级存在一定风险,请谨慎操作。
|
||||||
|
|
||||||
- 项目分支`master`安装的集群可以在k8s 1.8/1.9/1.10/1.11/1.12 任意小版本、大版本间升级(特别注意如果跨大版本升级需要修改/etc/ansible/hosts文件中的参数K8S_VER)
|
- 项目分支`master`安装的集群可以在k8s 1.8/1.9/1.10/1.11/1.12 任意小版本、大版本间升级(特别注意如果跨大版本升级需要修改/etc/ansible/hosts文件中的参数K8S_VER)
|
||||||
- 项目分支`closed`(已停止更新)安装的集群目前只能进行小版本1.8.x的升级
|
- 项目分支`closed`(已停止更新)安装的集群目前只能进行小版本1.8.x的升级
|
||||||
|
|
||||||
### 备份etcd数据
|
### 备份etcd数据
|
||||||
|
|
||||||
- 升级前手动对 etcd数据做镜像备份,在任意 etcd节点上执行:
|
- 升级前对 etcd数据做备份,在任意 etcd节点上执行:
|
||||||
|
|
||||||
``` bash
|
``` bash
|
||||||
# snapshot备份
|
# snapshot备份
|
||||||
|
@ -17,18 +17,31 @@ $ ETCDCTL_API=3 etcdctl --write-out=table snapshot status backup.db
|
||||||
```
|
```
|
||||||
- `kubeasz`项目也可以方便执行 `ansible-playbook /etc/ansible/23.backup.yml`,详情阅读文档[备份恢复](cluster_restore.md)
|
- `kubeasz`项目也可以方便执行 `ansible-playbook /etc/ansible/23.backup.yml`,详情阅读文档[备份恢复](cluster_restore.md)
|
||||||
|
|
||||||
### 升级步骤
|
### 快速k8s版本升级
|
||||||
|
|
||||||
- 1.下载新的二进制解压并替换 `/etc/ansible/bin/` 目录下文件
|
快速升级是指只升级`k8s`版本,比较常见如`Bug修复` `重要特性发布`时使用。
|
||||||
|
|
||||||
- 2a.如果不需要升级 docker版本:执行 `ansible-playbook -t upgrade_k8s 22.upgrade.yml` 即可完成k8s 升级,不会中断业务应用
|
- 首先去官网release下载待升级的k8s版本,例如`https://dl.k8s.io/v1.11.5/kubernetes-server-linux-amd64.tar.gz`
|
||||||
- 注:建议使用稳定版本 docker
|
- 解压下载的tar.gz文件,找到如下`kube*`开头的二进制,复制替换deploy节点目录`/etc/ansible/bin`对应文件
|
||||||
|
- kube-apiserver
|
||||||
|
- kube-controller-manager
|
||||||
|
- kubectl
|
||||||
|
- kubelet
|
||||||
|
- kube-proxy
|
||||||
|
- kube-scheduler
|
||||||
|
- 在deploy节点执行`ansible-playbook -t upgrade_k8s 22.upgrade.yml`即可完成k8s 升级,不会中断业务应用
|
||||||
|
|
||||||
- 2b.如果可以接受短暂业务中断,执行 `ansible-playbook -t upgrade_k8s,upgrade_docker 22.upgrade.yml` 即可升级 k8s和 docker(如果有新的docker二进制)
|
### 其他升级说明
|
||||||
|
|
||||||
- 2c.如果要求零中断升级 k8s和 docker
|
其他升级是指升级k8s组件包括:`etcd版本` `docker版本`,一般不需要用到,以下仅作说明。
|
||||||
- i 执行 `ansible-playbook -t upgrade_k8s,download_docker 22.upgrade.yml` (该步骤不会影响k8s上的业务应用)
|
|
||||||
- ii 逐个升级重启每个node节点的dockerd服务
|
- 1.下载所有组件相关新的二进制解压并替换 `/etc/ansible/bin/` 目录下文件
|
||||||
- 待重启节点,先应用`kubectl cordon`和`kubectl drain`命令迁移业务pod
|
|
||||||
- 待重启节点执行 `systemctl restart docker`
|
- 2.升级 etcd: `ansible-playbook -t upgrade_etcd 02.etcd.yml`
|
||||||
|
|
||||||
|
- 3.升级 docker (建议使用k8s官方支持的docker稳定版本)
|
||||||
|
- 如果可以接受短暂业务中断,执行 `ansible-playbook -t upgrade_docker 03.docker.yml`
|
||||||
|
- 如果要求零中断升级,执行 `ansible-playbook -t download_docker 03.docker.yml`,然后手动执行如下
|
||||||
|
- 待升级节点,先应用`kubectl cordon`和`kubectl drain`命令迁移业务pod
|
||||||
|
- 待升级节点执行 `systemctl restart docker`
|
||||||
- 恢复节点可调度 `kubectl uncordon`
|
- 恢复节点可调度 `kubectl uncordon`
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
with_items:
|
with_items:
|
||||||
- etcd
|
- etcd
|
||||||
- etcdctl
|
- etcdctl
|
||||||
tags: upgrade_k8s
|
tags: upgrade_etcd
|
||||||
|
|
||||||
- name: 创建etcd证书目录
|
- name: 创建etcd证书目录
|
||||||
file: name=/etc/etcd/ssl state=directory
|
file: name=/etc/etcd/ssl state=directory
|
||||||
|
@ -31,6 +31,7 @@
|
||||||
|
|
||||||
- name: 创建etcd的systemd unit文件
|
- name: 创建etcd的systemd unit文件
|
||||||
template: src=etcd.service.j2 dest=/etc/systemd/system/etcd.service
|
template: src=etcd.service.j2 dest=/etc/systemd/system/etcd.service
|
||||||
|
tags: upgrade_etcd
|
||||||
|
|
||||||
- name: 开机启用etcd服务
|
- name: 开机启用etcd服务
|
||||||
shell: systemctl enable etcd
|
shell: systemctl enable etcd
|
||||||
|
@ -38,4 +39,4 @@
|
||||||
|
|
||||||
- name: 开启etcd服务
|
- name: 开启etcd服务
|
||||||
shell: systemctl daemon-reload && systemctl restart etcd
|
shell: systemctl daemon-reload && systemctl restart etcd
|
||||||
tags: upgrade_k8s
|
tags: upgrade_etcd
|
||||||
|
|
|
@ -12,13 +12,15 @@
|
||||||
- "{{ ca_dir }}"
|
- "{{ ca_dir }}"
|
||||||
- /root/.kube
|
- /root/.kube
|
||||||
|
|
||||||
- name: 下载证书工具 CFSSL和 kubectl
|
- name: 分发证书工具 CFSSL
|
||||||
copy: src={{ base_dir }}/bin/{{ item }} dest={{ bin_dir }}/{{ item }} mode=0755
|
copy: src={{ base_dir }}/bin/{{ item }} dest={{ bin_dir }}/{{ item }} mode=0755
|
||||||
with_items:
|
with_items:
|
||||||
- cfssl
|
- cfssl
|
||||||
- cfssl-certinfo
|
- cfssl-certinfo
|
||||||
- cfssljson
|
- cfssljson
|
||||||
- kubectl
|
|
||||||
|
- name: 分发 kubectl
|
||||||
|
copy: src={{ base_dir }}/bin/kubectl dest={{ bin_dir }}/kubectl mode=0755
|
||||||
tags: upgrade_k8s
|
tags: upgrade_k8s
|
||||||
|
|
||||||
- name: 分发 kubeconfig配置文件
|
- name: 分发 kubeconfig配置文件
|
||||||
|
|
Loading…
Reference in New Issue