Rancher Article Series - K3S Cluster Upgrade
This article was last updated on: July 24, 2024 am
overview
The book continues from the previous time:Rancher Series - Rancher UpgradeWe mentioned: Upgrading Rancher from v2.6.3 with Helm v2.6.4.
Next, start upgrading the K3S cluster: Upgrade the K3S cluster from v1.21.7+k3s1 to v1.22.5+k3s2
Related information
The basic information of the upgraded K3S cluster is:
- A 1 master (and etcd) 3 node K3S cluster installed on Tianyi Cloud with 4 machines
- In fact… This K3S cluster uses: k3s-ansible Script bulk installation.:
- K3S v1.21.7+k3s1
- Rancher just upgraded to v2.6.4, verification is not a big problem
- K3S clusters are useful for Traefik to manage Ingress
- K3S clusters use embedded etcd datastores
Upgrade mode assessment
official The following upgrade methods are available:
- Base upgrade
- Upgrade K3s using an installation script
- Use the binaries to manually upgrade K3s
- Automatic upgrades
- Use Rancher to upgrade your K3s cluster
- Use system-upgrad-controller to manage K3s cluster upgrades
I’ve probably gone through it all, let’s start with the reason for the pass:
Use Rancher to upgrade your K3s cluster - 🙅 ♂️
Detailed documentation here:Upgrade the Kubernetes version | Rancher | Rancher documentation
The original text is as follows:
📚️ Quote:
Prerequisite:
- The following options are only available RKE clusters and Imported K3s Kubernetes cluster。
- Before upgrading Kubernetes, please Back up your cluster。
- fromBig pictureview, locate the cluster for which you want to upgrade the Kubernetes version. choose Ellipsis > edit。
- ClickCluster options。
- from Kubernetes versiondrop-down menu, select the version of Kubernetes that you want to use for your cluster.
- ClickSave。
Outcome: The cluster starts upgrading its Kubernetes version.
But, but! I never found it on my Rancher v2.6.4 省略号 > 编辑
Where, 😂😂😂
I guess maybe it’s because the Chinese documentation I read is only Rancher v2.5, and the Rancher v2.6 UI has undergone a lot of tweaks, so I can’t find it.
In addition, this kind of Rancher’s local cluster, and still is Single master Node, my personal assessment is not achievableAutomatic upgradesTarget.
PAAS
Use system-upgrad-controller to manage K3s cluster upgrades 🙅 ♂️
Detailed documentation can be found here:Automatic upgrade | Rancher documentation
I tried it and it turned out to be in my creation server-plan
, prompt me server-plan
PODs cannot be scheduled because none of the nodes meet the conditions for scheduling.
I probably looked at it, and the condition of scheduling is that it is required to be in master
node, I only have 1 master at the same time, which is set up before the upgrade cordon: true
, resulting in a conflict and the upgrade could not proceed.
It is precisely because of this that I judge:
- Single master node, is not possibleAutomatic upgrades, or even if an upgrade is possible, the risk is greater
PAAS
Upgrade K3s manually using binaries - 🙅 ♂️
This is OK, the steps are clear, and it is just right k3s-ansible Script increase upgrade.yml
playbook to implement.
But… I don’t have time in the near future, so let’s write down this matter first, and then add this function later when I have time.
Upgrade K3s ✔️ - using an installation script
Although I didn’t install K3s with an install script, but k3s-ansible The logic of the script is basically the same as the official installation script, except that it uses ansible. After personal evaluation, it is believed: just make sureRerun the installation script with the same flagsto upgrade K3s from an older version.
It’s ✔️ up to you
Upgrade steps
〇、Information Collection
registries.yaml
There is a configuration of registries.yaml, as follows:
1 |
|
But the location did not move, still /etc/rancher/k3s/registries.yaml
. Therefore, this does not result in additional upgrade steps.
K3s Server and Agent Other Configurations
1 |
|
Analyzing the above configuration, it is just some more server installation configuration parameters, pay attention to ensure when using the official installation scriptRerun the installation script with the same flagsCan.
1. Backup
use k3s etcd-snapshot
Make a backup as follows:
1 |
|
📝Notes:
You can also add more parameters to back up data to S3.
The reason why I did not choose this time is because the Internet bandwidth of the cluster is too small, and the backup to S3 is frequently interrupted, so I give up.
The backup results are located at:/var/lib/rancher/k3s/server/db/snapshots/
, as shown below:
Twok3s-killall.sh
In order to ensure the success rate of the upgrade, and the current K3s cluster is mainly used for testing and demo, it can be completely shut down, so it can be used k3s-killall.sh
Stop the corresponding node and then upgrade.
Before upgrading the corresponding node, run the following command:
1 |
|
Third, use the installation script to upgrade the server
🐾Notes:
To upgrade K3s from an older version, you can rerun the installation script with the same flags
Run the following command to upgrade:
1 |
|
The instructions are as follows:
INSTALL_K3S_VERSION=v1.22.5+k3s2
The target version of the upgradeK3S_KUBECONFIG_MODE=644 ... --etcd-expose-metrics true
All are consistent with the previous installation flags
The upgrade is successful, and the log is as follows:
[INFO] Using v1.22.5+k3s2 as release
[INFO] Downloading hash https://rancher-mirror.rancher.cn/k3s/v1.22.5-k3s2/sha256sum-amd64.txt
[INFO] Downloading binary https://rancher-mirror.rancher.cn/k3s/v1.22.5-k3s2/k3s
[INFO] Verifying binary download
[INFO] Installing k3s to /usr/local/bin/k3s
[INFO] Skipping /usr/local/bin/kubectl symlink to k3s, already exists
[INFO] Skipping /usr/local/bin/crictl symlink to k3s, already exists
[INFO] Skipping /usr/local/bin/ctr symlink to k3s, already exists
[INFO] Creating killall script /usr/local/bin/k3s-killall.sh
[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO] systemd: Creating service file /etc/systemd/system/k3s.service
[INFO] systemd: Enabling k3s unit
Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.
[INFO] systemd: Starting k3s
4. Use the installation script to upgrade the agent
🐾Notes:
To upgrade K3s from an older version, you can rerun the installation script with the same flags
Run the following command to upgrade:
1 |
|
The instructions are as follows:
- Others are similar to server upgrades, mainly the version and the same flags
K3S_URL=https://<my-master-ip>:6443 K3S_TOKEN=<my-token>
This is a parameter required for installation as an agentK3S_TOKEN
Situated:/var/lib/rancher/k3s/server/node-token
, the token has not changed before and after the upgrade
5. Verification
This can be verified through some kubectl commands, or a graphical interface Lens or K9S or Rancher to verify.
A cursory look at these places:
- Events: There is no Warning
- Node status: There are no exceptions
- Pod status: There are no exceptions
- Jobs Status: There are no failures
- Ingress status: There are no access exceptions
- PVC Status: Yes or no
Bound
of the state kind: Addon
Status There are no exceptions
🎉🎉🎉
However, several problems were also found during the verification process, which are described and solved one by one: