01 版本说明
本次升级版本为从1.15.3升级至1.16.3。另外更高的k8s版本,要注意内核要为4.4以上,尤其是1.18版本。
02 升级
01 master节点升级
查看当前集群组件列表
代码语言:javascript复制[root@master01 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master01.sy.com Ready master 3d9h v1.15.3
master02.sy.com Ready master 3d9h v1.15.3
master03.sy.com Ready master 3d9h v1.15.3[root@master01 ~]# kubeadm config images list
I0521 20:18:24.336912 23537 version.go:248] remote version is much newer: v1.18.3; falling back to: stable-1.15
W0521 20:18:34.337440 23537 version.go:98] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.15.txt": Get https://storage.googleapis.com/kubernetes-release/release/stable-1.15.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
W0521 20:18:34.337495 23537 version.go:99] falling back to the local client version: v1.15.3
k8s.gcr.io/kube-apiserver:v1.15.3
k8s.gcr.io/kube-controller-manager:v1.15.3
k8s.gcr.io/kube-scheduler:v1.15.3
k8s.gcr.io/kube-proxy:v1.15.3
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.10
k8s.gcr.io/coredns:1.3.1
[root@master01 ~]#升级 Kubeadm 工具版本
代码语言:javascript复制[root@master01 ~]# yum update -y kubeadm-1.16.3-0查看待升级的 kubernetes 组件镜像列表
代码语言:javascript复制[root@master01 ~]# kubeadm config images list
W0521 20:33:34.091388 32299 version.go:101] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.txt": Get https://storage.googleapis.com/kubernetes-release/release/stable-1.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
W0521 20:33:34.091559 32299 version.go:102] falling back to the local client version: v1.16.3
k8s.gcr.io/kube-apiserver:v1.16.3
k8s.gcr.io/kube-controller-manager:v1.16.3
k8s.gcr.io/kube-scheduler:v1.16.3
k8s.gcr.io/kube-proxy:v1.16.3
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.15-0
k8s.gcr.io/coredns:1.6.2创建镜像脚本,并打tag
代码语言:javascript复制[root@master01 ~]# cat pull-image.sh
## 设置镜像仓库地址
MY_REGISTRY=registry.aliyuncs.com/google_containers
## 拉取镜像
docker pull ${MY_REGISTRY}/kube-apiserver:v1.16.3
docker pull ${MY_REGISTRY}/kube-controller-manager:v1.16.3
docker pull ${MY_REGISTRY}/kube-scheduler:v1.16.3
docker pull ${MY_REGISTRY}/kube-proxy:v1.16.3
docker pull ${MY_REGISTRY}/etcd:3.3.15-0
docker pull ${MY_REGISTRY}/pause:3.1
docker pull ${MY_REGISTRY}/coredns:1.6.2
## 设置标签
docker tag ${MY_REGISTRY}/kube-apiserver:v1.16.3 k8s.gcr.io/kube-apiserver:v1.16.3
docker tag ${MY_REGISTRY}/kube-scheduler:v1.16.3 k8s.gcr.io/kube-scheduler:v1.16.3
docker tag ${MY_REGISTRY}/kube-controller-manager:v1.16.3 k8s.gcr.io/kube-controller-manager:v1.16.3
docker tag ${MY_REGISTRY}/kube-proxy:v1.16.3 k8s.gcr.io/kube-proxy:v1.16.3
docker tag ${MY_REGISTRY}/etcd:3.3.15-0 k8s.gcr.io/etcd:3.3.15-0
docker tag ${MY_REGISTRY}/pause:3.1 k8s.gcr.io/pause:3.1
docker tag ${MY_REGISTRY}/coredns:1.6.2 k8s.gcr.io/coredns:1.6.2升级kubeadm
代码语言:javascript复制[root@master01 ~]# kubectl drain master01.sy.com --ignore-daemonsets
[root@master01 ~]# kubeadm upgrade apply v1.16.3
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[preflight] Running pre-flight checks.
[upgrade] Making sure the cluster is healthy:
[upgrade/version] You have chosen to change the cluster version to "v1.16.3"
[upgrade/versions] Cluster version: v1.15.3
[upgrade/versions] kubeadm version: v1.16.3
[upgrade/confirm] Are you sure you want to proceed with the upgrade? [y/N]: y
.........
[upgrade/successful] SUCCESS! Your cluster was upgraded to "v1.16.3". Enjoy!
[upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.升级 Kubelet
代码语言:javascript复制[root@master01 ~]# yum update -y kubelet-1.16.3-0
[root@master01 ~]# systemctl daemon-reload && systemctl restart kubelet看日志发现kubelet有报错
代码语言:javascript复制cni.go:237] Unable to update cni config: no valid networks found in /etc/cni/net.d解决
代码语言:javascript复制在v1.16中,kubelet将验证cni配置文件
在cbr0 这一行上面新增一行:
cni-conf.json: |
{
"cniVersion":"0.2.0",
"name": "cbr0",
flannal镜像改成quay.io/coreos/flannel:v0.11.0-amd64
在看node状态
[root@master01 ~]# kubectl uncordon master01.sy.com
node/master01.sy.com uncordoned
[root@master01 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master01.sy.com Ready master 4d3h v1.16.3
master02.sy.com Ready master 4d3h v1.15.3
master03.sy.com Ready master 4d2h v1.15.3其他master节点升级也一样操作,不过命令替换一下
代码语言:javascript复制[root@master02 ~]# kubeadm upgrade node experimental-control-plane
[root@master01 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master01.sy.com Ready master 4d3h v1.16.3
master02.sy.com Ready master 4d3h v1.16.3
master03.sy.com Ready master 4d3h v1.16.302 node节点升级
代码语言:javascript复制kubectl drain [节点名称] --ignore-daemonsets
yum update -y kubeadm-1.16.3-0
yum update -y kubelet-1.16.3-0
systemctl daemon-reload && systemctl restart kubelet
