Add system-upgrade to upgrade-cluster playbook (#10184)
parent
2aafab6c19
commit
77069354cf
|
@ -403,3 +403,16 @@ Please note that **migrating container engines is not officially supported by Ku
|
||||||
As of Kubespray 2.18.0, containerd is already the default container engine. If you have the chance, it is advisable and safer to reset and redeploy the entire cluster with a new container engine.
|
As of Kubespray 2.18.0, containerd is already the default container engine. If you have the chance, it is advisable and safer to reset and redeploy the entire cluster with a new container engine.
|
||||||
|
|
||||||
* [Migrating from Docker to Containerd](upgrades/migrate_docker2containerd.md)
|
* [Migrating from Docker to Containerd](upgrades/migrate_docker2containerd.md)
|
||||||
|
|
||||||
|
## System upgrade
|
||||||
|
|
||||||
|
If you want to upgrade the APT or YUM packages while the nodes are cordoned, you can use:
|
||||||
|
|
||||||
|
```ShellSession
|
||||||
|
ansible-playbook upgrade-cluster.yml -b -i inventory/sample/hosts.ini -e system_upgrade=true
|
||||||
|
```
|
||||||
|
|
||||||
|
Nodes will be rebooted when there are package upgrades (`system_upgrade_reboot: on-upgrade`).
|
||||||
|
This can be changed to `always` or `never`.
|
||||||
|
|
||||||
|
Note: Downloads will happen twice unless `system_upgrade_reboot` is `never`.
|
||||||
|
|
|
@ -84,6 +84,8 @@
|
||||||
roles:
|
roles:
|
||||||
- { role: kubespray-defaults }
|
- { role: kubespray-defaults }
|
||||||
- { role: upgrade/pre-upgrade, tags: pre-upgrade }
|
- { role: upgrade/pre-upgrade, tags: pre-upgrade }
|
||||||
|
- { role: upgrade/system-upgrade, tags: system-upgrade }
|
||||||
|
- { role: download, tags: download, when: "system_upgrade and system_upgrade_reboot != 'never' and not skip_downloads" }
|
||||||
- { role: kubernetes-apps/kubelet-csr-approver, tags: kubelet-csr-approver }
|
- { role: kubernetes-apps/kubelet-csr-approver, tags: kubelet-csr-approver }
|
||||||
- { role: container-engine, tags: "container-engine", when: deploy_container_engine }
|
- { role: container-engine, tags: "container-engine", when: deploy_container_engine }
|
||||||
- { role: kubernetes/node, tags: node }
|
- { role: kubernetes/node, tags: node }
|
||||||
|
@ -116,6 +118,8 @@
|
||||||
roles:
|
roles:
|
||||||
- { role: kubespray-defaults }
|
- { role: kubespray-defaults }
|
||||||
- { role: upgrade/pre-upgrade, tags: pre-upgrade }
|
- { role: upgrade/pre-upgrade, tags: pre-upgrade }
|
||||||
|
- { role: upgrade/system-upgrade, tags: system-upgrade }
|
||||||
|
- { role: download, tags: download, when: "system_upgrade and system_upgrade_reboot != 'never' and not skip_downloads" }
|
||||||
- { role: container-engine, tags: "container-engine", when: deploy_container_engine }
|
- { role: container-engine, tags: "container-engine", when: deploy_container_engine }
|
||||||
- { role: kubernetes/node, tags: node }
|
- { role: kubernetes/node, tags: node }
|
||||||
- { role: kubernetes/kubeadm, tags: kubeadm }
|
- { role: kubernetes/kubeadm, tags: kubeadm }
|
||||||
|
|
|
@ -681,3 +681,6 @@ krew_root_dir: "/usr/local/krew"
|
||||||
|
|
||||||
# sysctl_file_path to add sysctl conf to
|
# sysctl_file_path to add sysctl conf to
|
||||||
sysctl_file_path: "/etc/sysctl.d/99-sysctl.conf"
|
sysctl_file_path: "/etc/sysctl.d/99-sysctl.conf"
|
||||||
|
|
||||||
|
system_upgrade: false
|
||||||
|
system_upgrade_reboot: on-upgrade # never, always
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
- name: APT Dist-Upgrade
|
||||||
|
apt:
|
||||||
|
upgrade: dist
|
||||||
|
autoremove: true
|
||||||
|
dpkg_options: force-confold,force-confdef
|
||||||
|
register: apt_upgrade
|
||||||
|
|
||||||
|
- name: Reboot after APT Dist-Upgrade # noqa no-handler
|
||||||
|
when:
|
||||||
|
- apt_upgrade.changed or system_upgrade_reboot == 'always'
|
||||||
|
- system_upgrade_reboot != 'never'
|
||||||
|
reboot:
|
|
@ -0,0 +1,17 @@
|
||||||
|
---
|
||||||
|
- name: APT upgrade
|
||||||
|
when:
|
||||||
|
- system_upgrade
|
||||||
|
- ansible_os_family == "Debian"
|
||||||
|
include_tasks: apt.yml
|
||||||
|
tags:
|
||||||
|
- system-upgrade-apt
|
||||||
|
|
||||||
|
- name: YUM upgrade
|
||||||
|
when:
|
||||||
|
- system_upgrade
|
||||||
|
- ansible_os_family == "RedHat"
|
||||||
|
- not is_fedora_coreos
|
||||||
|
include_tasks: yum.yml
|
||||||
|
tags:
|
||||||
|
- system-upgrade-yum
|
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
- name: YUM upgrade all packages # noqa package-latest
|
||||||
|
yum:
|
||||||
|
name: '*'
|
||||||
|
state: latest
|
||||||
|
register: yum_upgrade
|
||||||
|
|
||||||
|
- name: Reboot after YUM upgrade # noqa no-handler
|
||||||
|
when:
|
||||||
|
- yum_upgrade.changed or system_upgrade_reboot == 'always'
|
||||||
|
- system_upgrade_reboot != 'never'
|
||||||
|
reboot:
|
Loading…
Reference in New Issue