Documents: v1-18. The docs. Kubernetes. IO/useful/docs/tas…
1. Upgrade the master node
1. View the version list
yum list --showduplicates kubeadm --disableexcludes=kubernetes
Copy the code
Download the new version of Kubeadm
[root@master ~]# yum install -y kubeadm-1.20.2 -- DisableExcludes =kubernetes # check kubeadm version [root@master ~]# kubeadm version kubeadm version: & Version. The Info {Major: "1", Minor: "20", GitVersion: "v1.20.2 GitCommit:" faecb196815e248d3ecfb03c680a4507229c2a56." GitTreeState:"clean", BuildDate:" 2021-01-13T13:25:59z ", GoVersion:" GO1.15.5 ", Compiler:" GC ", Platform:" Linux/AMD64 "}Copy the code
3. Empty the upgrade server node
[root@master ~]# kubectl drain master --ignore-daemonsets
node/master cordoned
WARNING: ignoring DaemonSet-managed Pods: kube-system/calico-node-rdqxb, kube-system/kube-proxy-78lws
Copy the code
4. Verify the upgrade plan
[root@master ~]# kubeadm upgrade plan [upgrade/config] Making sure the configuration is correct: [upgrade/config] Reading configuration from the cluster... [upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml' [preflight] Running pre-flight checks. [upgrade] Running cluster health checks [upgrade] Fetching available versions to upgrade to [Upgrade /versions] Cluster version: v1.19.8 [upgrade/versions] kubeadm version: V1.20.2 [upgrade/versions] Latest Stable Version: V1.20.4 [upgrade/versions] Latest Stable Version: V1.20.4 [Upgrade /versions] Latest version in the V1.19 Series: V1.19.8 [Upgrade /versions] Latest version in the V1.19 Series: V1.19.8 Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade Apply ': COMPONENT CURRENT AVAILABLE kubelet 2 x v1.19.8 v1.20.4 Upgrade to the latest stable version: COMPONENT CURRENT AVAILABLE kube-Apiserver v1.19.8 v1.20.4 kube-controller-Manager v1.19.8 v1.20.4 kube-scheduler V1.19.8 v1.20.4 kube-proxy v1.19.8 v1.20.4 CoreDNS 1.7.0 1.7.0 ETCD 3.4.13-0 3.4.13-0 You can now apply the upgrade by Executing the following command: kubeadm upgrade apply v1.20.4 Note: Before you can perform this upgrade, You have to update kubeadm to v1.20.4. _____________________________________________________________________ The table below shows the current state of component configs as understood by this version of kubeadm. Configs that have a "yes" mark in the "MANUAL UPGRADE REQUIRED" column require manual config upgrade or resetting to kubeadm defaults before a successful upgrade can be performed. The version to manually upgrade to is denoted in the "PREFERRED VERSION" column. API GROUP CURRENT VERSION PREFERRED VERSION MANUAL UPGRADE REQUIRED kubeproxy.config.k8s.io v1alpha1 v1alpha1 no kubelet.config.k8s.io v1beta1 v1beta1 no _____________________________________________________________________Copy the code
5. Select the target version to upgrade to
Execute kubeadm upgrade node if it is not the first master to upgrade
Only the master of the first upgrade performs the kubeadm upgrade apply operation
[root@master ~]# kubeadm upgrade apply v1.20.2
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks.
[upgrade] Running cluster health checks
[upgrade/version] You have chosen to change the cluster version to "v1.20.2"
[upgrade/versions] Cluster version: v1.19.8
[upgrade/versions] kubeadm version: v1.20.2
[upgrade/confirm] Are you sure you want to proceed with the upgrade? [y/N]: y
[upgrade/prepull] Pulling images required for setting up a Kubernetes cluster
[upgrade/prepull] This might take a minute or two, depending on the speed of your internet connection
[upgrade/prepull] You can also perform this action in beforehand using 'kubeadm config images pull'
[upgrade/apply] Upgrading your Static Pod-hosted control plane to version "v1.20.2"...
Static pod: kube-apiserver-master hash: 719a832e897de592e91b599477986810
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
[upgrade/etcd] Upgrading to TLS for etcd
Static pod: etcd-master hash: ae851f5ba1b074f38b4de05cb1aadcd4
[upgrade/staticpods] Preparing for "etcd" upgrade
[upgrade/staticpods] Renewing etcd-server certificate
[upgrade/staticpods] Renewing etcd-peer certificate
[upgrade/staticpods] Renewing etcd-healthcheck-client certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/etcd.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2021-02-27-16-28-09/etcd.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
Static pod: etcd-master hash: ae851f5ba1b074f38b4de05cb1aadcd4
Static pod: etcd-master hash: ae851f5ba1b074f38b4de05cb1aadcd4
Static pod: etcd-master hash: 3c6eed0df938b588a1cbefd450e3bcbd
[apiclient] Found 1 Pods for label selector component=etcd
[upgrade/staticpods] Component "etcd" upgraded successfully!
[upgrade/etcd] Waiting for etcd to become available
[upgrade/staticpods] Writing new Static Pod manifests to "/etc/kubernetes/tmp/kubeadm-upgraded-manifests520412682"
[upgrade/staticpods] Preparing for "kube-apiserver" upgrade
[upgrade/staticpods] Renewing apiserver certificate
[upgrade/staticpods] Renewing apiserver-kubelet-client certificate
[upgrade/staticpods] Renewing front-proxy-client certificate
[upgrade/staticpods] Renewing apiserver-etcd-client certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-apiserver.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2021-02-27-16-28-09/kube-apiserver.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
Static pod: kube-apiserver-master hash: 719a832e897de592e91b599477986810
Static pod: kube-apiserver-master hash: 719a832e897de592e91b599477986810
Static pod: kube-apiserver-master hash: d07bc053b450ce24a8c1085f6d68d40d
[apiclient] Found 1 Pods for label selector component=kube-apiserver
[upgrade/staticpods] Component "kube-apiserver" upgraded successfully!
[upgrade/staticpods] Preparing for "kube-controller-manager" upgrade
[upgrade/staticpods] Renewing controller-manager.conf certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-controller-manager.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2021-02-27-16-28-09/kube-controller-manager.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 4331a0b9c79c549b926db152caaa327d
Static pod: kube-controller-manager-master hash: 0c91bb51488c4e7f19222042dd8bb76d
[apiclient] Found 1 Pods for label selector component=kube-controller-manager
[upgrade/staticpods] Component "kube-controller-manager" upgraded successfully!
[upgrade/staticpods] Preparing for "kube-scheduler" upgrade
[upgrade/staticpods] Renewing scheduler.conf certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-scheduler.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2021-02-27-16-28-09/kube-scheduler.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: 6dbdba13d86ee08fe701bc482cc2c039
Static pod: kube-scheduler-master hash: bd4765a68b7a13f0c7d6b33332e0b273
[apiclient] Found 1 Pods for label selector component=kube-scheduler
[upgrade/staticpods] Component "kube-scheduler" upgraded successfully!
[upgrade/postupgrade] Applying label node-role.kubernetes.io/control-plane='' to Nodes with label node-role.kubernetes.io/master='' (deprecated)
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.20" in namespace kube-system with the configuration for the kubelets in the cluster
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
[upgrade/successful] SUCCESS! Your cluster was upgraded to "v1.20.2". Enjoy!
[upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.
Copy the code
6. Cancel the protection for control plane nodes
[root@master ~]# kubectl uncordon master
Copy the code
Upgrade kubelet and Kubectl
[root@master ~]# yum install -y kubelet-1.20.2 kubectl-1.20.2 -- Disableexcludes =kubernetes # restart kubelet [root@master ~]# systemctl daemon-reload [root@master ~]# systemctl restart kubeletCopy the code
2. Upgrade working Nodes (Node nodes)
1. Upgrade kubeadm
[root@node1 ~]# yum install -y kubeadm-1.20.2 -- Disableexcludes =kubernetesCopy the code
2. Protect nodes
[root@master ~]# kubectl drain node1 --ignore-daemonsets
Copy the code
Upgrade kubelet configuration
[root@node1 ~]# kubeadm upgrade node
Copy the code
Upgrade kubelet and Kubectl
[root@node1 ~]# yum install -y kubelet-1.20.2 kubectl-1.20.2 -- Disableexcludes =kubernetes # restart kubelet [root@node1 ~]# systemctl daemon-reload [root@node1 ~]# systemctl restart kubeletCopy the code
5. Disable node protection
[root@master ~]# kubectl uncordon node1
Copy the code
Verify the cluster
[root@master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master Ready control-plane,master 68m v1.20.2node1 67 m v1.20.2 Ready noneCopy the code