企业网站建设基本流程学校网站建设实施方案
张小明 2026/1/3 15:39:33
企业网站建设基本流程,学校网站建设实施方案,互联网企业营销策略,杭州注册公司流程集群管理命令
etcdctl是一个命令行的客户端#xff0c;它提供了一些命令#xff0c;可以方便我们在对服务进行测试或者手动修改数据库内容。etcdctl命令基本用法如下所示#xff1a;
etcdctl [global options] command [command options] [args...]
具体的命令选项参数可…集群管理命令etcdctl是一个命令行的客户端它提供了一些命令可以方便我们在对服务进行测试或者手动修改数据库内容。etcdctl命令基本用法如下所示etcdctl [global options] command [command options] [args...]具体的命令选项参数可以通过 etcdctl command --help来获取相关帮助环境变量获得etcd数据库的访问url[rootk8s-master ~]# kubectl -n kube-system get pods etcd-k8s-master -o yaml | grep -A10 containers: | grep https:// - --advertise-client-urlshttps://192.168.158.15:2379 - --initial-advertise-peer-urlshttps://192.168.158.15:2380 - --initial-clusterk8s-masterhttps://192.168.158.15:2380 如果遇到使用了TLS加密的集群通常每条指令都需要指定证书路径和etcd节点地址可以把相关命令行参数添加在环境变量中在~/.bashrc添加以下内容[roottiaoban etcd]# cat ~/.bashrc HOST_1https://192.168.166.3:2379 ENDPOINTS${HOST_1} # 如果需要使用原生命令在命令开头加一个\ 例如\etcdctl command alias etcdctletcdctl --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key --endpointshttps://192.168.158.6:2379 --insecure-skip-tls-verify [roottiaoban etcd]# source ~/.bashrc查看etcd版本[roottiaoban etcd]# etcdctl version etcdctl version: 3.4.23 API version: 3.4查看etcd集群节点信息etcdctl member list -w table ----------------------------------------------------------------------------------------------------------- | ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS | IS LEARNER | ----------------------------------------------------------------------------------------------------------- | eba84a8571780cea | started | k8s-master | https://192.168.166.3:2380 | https://192.168.166.3:2379 | false | ----------------------------------------------------------------------------------------------------------- 查看集群健康状态etcdctl endpoint status -w table ------------------------------------------------------------------------------------------------------------------------------------------ | ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | ------------------------------------------------------------------------------------------------------------------------------------------ | https://192.168.166.3:2379 | eba84a8571780cea | 3.5.15 | 7.1 MB | true | false | 4 | 15658 | 15658 | | ------------------------------------------------------------------------------------------------------------------------------------------ ####表格内容解析 ENDPOINT节点的地址这里是 https://192.168.158.6:2379。这表示该节点的网络地址和端口。 ID节点的唯一标识符这里是 6dc5c9ae772d8898。 VERSION节点的版本号这里是 3.5.9。 DB SIZE数据库大小这里是 9.1 MB。 IS LEADER是否为集群的领导者节点。true 表示该节点是领导者。 IS LEARNER是否为学习者节点。false 表示该节点不是学习者节点。 RAFT TERMRaft协议中的任期编号这里是 4。Raft协议用于分布式系统的共识机制任期编号用于区分不同的选举周期。 RAFT INDEXRaft协议中的日志索引这里是 30622。它表示当前日志的最新位置。 RAFT APPLIED INDEXRaft协议中已应用的日志索引这里是 30622。它表示已提交并应用到状态机的日志位置。 ERRORS错误信息这里为空表示没有错误查看告警事件如果内部出现问题会触发告警可以通过命令查看告警引起原因命令如下所示etcdctl alarm subcommand [flags]常用的子命令主要有两个# 查看所有告警 etcdctl alarm list # 解除所有告警 etcdctl alarm disarm添加成员(单节点部署的etcd无法直接扩容)不用做当集群部署完成后后续可能需要进行节点扩缩容就可以使用member命令管理节点。先查看当前集群信息[roottiaoban etcd]# etcdctl endpoint status --cluster -w table ------------------------------------------------------------------------------------------------------------------------------------------ | ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | ------------------------------------------------------------------------------------------------------------------------------------------ | http://192.168.10.100:2379 | 2e0eda3ad6bc6e1e | 3.4.23 | 20 kB | true | false | 8 | 16 | 16 | | | http://192.168.10.12:2379 | 5d2c1bd3b22f796f | 3.4.23 | 20 kB | false | false | 8 | 16 | 16 | | | http://192.168.10.11:2379 | bc34c6bd673bdf9f | 3.4.23 | 20 kB | false | false | 8 | 16 | 16 | | ------------------------------------------------------------------------------------------------------------------------------------------在启动新的etcd节点前先向etcd集群声明添加节点的peer-urls和节点名称[roottiaoban etcd]# etcdctl member add etcd4 --peer-urlshttp://192.168.158.9:2380 Member b112a60ec305e42a added to cluster cd30cff36981306b ETCD_NAMEetcd4 ETCD_INITIAL_CLUSTERetcd1http://192.168.10.100:2380,etcd3http://192.168.10.12:2380,etcd4http://192.168.10.100:12380,etcd2http://192.168.10.11:2380 ETCD_INITIAL_ADVERTISE_PEER_URLShttp://192.168.10.100:12380 ETCD_INITIAL_CLUSTER_STATEexisting接下来使用docker创建一个版本为3.4.23的etcd节点运行在192.168.10.100上使用host网络模式endpoints地址为http://192.168.10.100:12379节点名称为etcd4。[roottiaoban etcd]# mkdir -p /opt/docker/etcd/{conf,data} [roottiaoban etcd]# chown -R 1001:1001 /opt/docker/etcd/data/ [roottiaoban etcd]# cat /opt/docker/etcd/conf/etcd.conf # 节点名称 name: etcd4 # 指定节点的数据存储目录 />变更/var/lib/etcd[rootk8s-01 kubernetes]# mv /var/lib/etcd /var/lib/etcd.bak [rootk8s-01 kubernetes]#恢复etcd数据[rootk8s-01 lib]# ETCDCTL_API3 etcdctl --endpointshttps://127.0.0.1:2379 --cert/etc/kubernetes/pki/etcd/server.crt --key/etc/kubernetes/pki/etcd/server.key --cacert/etc/kubernetes/pki/etcd/ca.crt snapshot restore /opt/etcd-back/snap.db --data-dir/var/lib/etcd/启动etcd和apiserver查看pods[rootk8s-01 lib]# cd /etc/kubernetes/ [rootk8s-01 kubernetes]# mv manifests-backup manifests [rootk8s-01 kubernetes]# kubectl get pods NAME READY STATUS RESTARTS AGE nfs-client-provisioner-69b76b8dc6-6l8xs 1/1 Running 12 (2m25s ago) 4h48m [rootk8s-01 ~]# kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE calico-kube-controllers-65898446b5-t2mqq 1/1 Running 11 (16h ago) 21h calico-node-8md6b 1/1 Running 0 21h calico-node-9457b 1/1 Running 0 21h calico-node-nxs2w 1/1 Running 0 21h calico-node-p7d52 1/1 Running 0 21h coredns-7f6cbbb7b8-g84gl 1/1 Running 0 22h coredns-7f6cbbb7b8-j9q4q 1/1 Running 0 22h etcd-k8s-01 1/1 Running 0 22h kube-apiserver-k8s-01 1/1 Running 0 22h kube-controller-manager-k8s-01 1/1 Running 0 22h kube-proxy-49b8g 1/1 Running 0 22h kube-proxy-8wh5l 1/1 Running 0 22h kube-proxy-b6lqq 1/1 Running 0 22h kube-proxy-tldpv 1/1 Running 0 22h kube-scheduler-k8s-01 1/1 Running 0 22h [rootk8s-01 ~]#由于3个nginx是备份之后启动的所以恢复后都不存在了。多master集群环境准备kubeadm安装的二主二从[rootk8s-01 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-01 Ready control-plane,master 16h v1.22.3 k8s-02 Ready control-plane,master 16h v1.22.3 k8s-03 Ready none 16h v1.22.3 k8s-04 Ready none 16h v1.22.3 [rootk8s-01 etcd-v3.5.4-linux-amd64]# ETCDCTL_API3 etcdctl --endpointshttps://192.168.1.123:2379,https://192.168.1.124:2379 --cacert/etc/kubernetes/pki/etcd/ca.crt --cert/etc/kubernetes/pki/etcd/peer.crt --key/etc/kubernetes/pki/etcd/peer.key member list 58915ab47aed1957, started, k8s-02, https://192.168.1.124:2380, https://192.168.1.124:2379, false c48307bcc0ac155e, started, k8s-01, https://192.168.1.123:2380, https://192.168.1.123:2379, false [rootk8s-01 etcd-v3.5.4-linux-amd64]#2台master都需要备份[rootk8s-01 ~]# ETCDCTL_API3 etcdctl --endpointshttps://127.0.0.1:2379 --cacert/etc/kubernetes/pki/etcd/ca.crt --cert/etc/kubernetes/pki/etcd/peer.crt --key/etc/kubernetes/pki/etcd/peer.key snapshot save /snap-$(date %Y%m%d%H%M).db [rootk8s-02 ~]# ETCDCTL_API3 etcdctl --endpointshttps://127.0.0.1:2379 --cacert/etc/kubernetes/pki/etcd/ca.crt --cert/etc/kubernetes/pki/etcd/peer.crt --key/etc/kubernetes/pki/etcd/peer.key snapshot save /snap-$(date %Y%m%d%H%M).db2.创建3个测试pod[rootk8s-01 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-6799fc88d8-2x6gw 1/1 Running 0 4m22s nginx-6799fc88d8-82mjz 1/1 Running 0 4m22s nginx-6799fc88d8-sbb6n 1/1 Running 0 4m22s tomcat-7d987c7694-552v2 1/1 Running 0 2m8s [rootk8s-01 ~]#3.停掉Master机器的kube-apiserver和etcd[rootk8s-01 kubernetes]# mv /etc/kubernetes/manifests/ /etc/kubernetes/manifests-backup/ [rootk8s-02 kubernetes]# mv /etc/kubernetes/manifests/ /etc/kubernetes/manifests-backup/4.变更/var/lib/etcd[rootk8s-01 kubernetes]# mv /var/lib/etcd /var/lib/etcd.bak [rootk8s-02 kubernetes]# mv /var/lib/etcd /var/lib/etcd.bak5.恢复etcd数据,etcd集群用同一份snapshot恢复[rootk8s-01 /]# ETCDCTL_API3 etcdctl snapshot restore /snap-202207182330.db --endpoints192.168.1.123:2379 --namek8s-01 --cacert/etc/kubernetes/pki/etcd/ca.crt --cert/etc/kubernetes/pki/etcd/peer.crt --key/etc/kubernetes/pki/etcd/peer.key --initial-advertise-peer-urlshttps://192.168.1.123:2380 --initial-cluster-tokenetcd-cluster-0 --initial-clusterk8s-01https://192.168.1.123:2380,k8s-02https://192.168.1.124:2380 --data-dir/var/lib/etcd [rootk8s-01 /]# scp snap-202207182330.db root192.168.1.124:/ root192.168.1.124s password: snap-202207182330.db 100% 4780KB 45.8MB/s 00:00 [rootk8s-02 /]# ETCDCTL_API3 etcdctl snapshot restore /snap-202207182330.db --endpoints192.168.1.124:2379 --namek8s-02 --cacert/etc/kubernetes/pki/etcd/ca.crt --cert/etc/kubernetes/pki/etcd/peer.crt --key/etc/kubernetes/pki/etcd/peer.key --initial-advertise-peer-urlshttps://192.168.1.124:2380 --initial-cluster-tokenetcd-cluster-0 --initial-clusterk8s-01https://192.168.1.123:2380,k8s-02https://192.168.1.124:2380 --data-dir/var/lib/etcd6.master节点上启动etcd和apiserver查看pods 6.master节点上启动etcd和apiserver查看pods[rootk8s-01 lib]# cd /etc/kubernetes/ [rootk8s-01 kubernetes]# mv manifests-backup manifests [rootk8s-02 lib]# cd /etc/kubernetes/ [rootk8s-02 kubernetes]# mv manifests-backup manifests [rootk8s-01 lib]# kubectl get pods ###发现无法看到后创建的pod信息 [rootk8s-01 ~]# kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE calico-kube-controllers-65898446b5-drjjj 1/1 Running 10 (16h ago) 16h calico-node-9s7p2 1/1 Running 0 16h calico-node-fnbj4 1/1 Running 0 16h calico-node-nx6q6 1/1 Running 0 16h calico-node-qcffj 1/1 Running 0 16h coredns-7f6cbbb7b8-mn9hj 1/1 Running 0 16h coredns-7f6cbbb7b8-nrwbf 1/1 Running 0 16h etcd-k8s-01 1/1 Running 1 16h etcd-k8s-02 1/1 Running 0 16h kube-apiserver-k8s-01 1/1 Running 2 (16h ago) 16h kube-apiserver-k8s-02 1/1 Running 0 16h kube-controller-manager-k8s-01 1/1 Running 2 16h kube-controller-manager-k8s-02 1/1 Running 0 16h kube-proxy-d824j 1/1 Running 0 16h kube-proxy-k5gw4 1/1 Running 0 16h kube-proxy-mxmhp 1/1 Running 0 16h kube-proxy-nvpf4 1/1 Running 0 16h kube-scheduler-k8s-01 1/1 Running 1 16h kube-scheduler-k8s-02 1/1 Running 0 16h [rootk8s-01 ~]#Kubernetes集群升级指南前言本文演示kubernetes集群从v1.24.1升级到v1.29.15。一、集群升级过程辅助命令1查看节点上运行的pod。kubectl get pod -o wide |grep nodename2查看集群配置文件。kubectl -n kube-system get cm kubeadm-config -o yaml3查看当前集群节点。kubectl get node二、升级master节点2.1、升级kubeadm。# 更新包管理器 yum update # 查看可用版本 apt-cache madison kubeadm yum list | grep kubeadm # 更新 yum update -y kubeadm # 验证版本 kubeadm version2.2、验证升级计划1检查可升级到哪些版本并验证你当前的集群是否可升级。kubeadm upgrade plan[upgrade/config] Making sure the configuration is correct: [upgrade/config] Reading configuration from the cluster... [upgrade/config] FYI: You can look at this config file with kubectl -n kube-system get cm kubeadm-config -o yaml [preflight] Running pre-flight checks. [upgrade] Running cluster health checks [upgrade] Fetching available versions to upgrade to [upgrade/versions] Cluster version: v1.28.15 [upgrade/versions] kubeadm version: v1.29.15 I0327 11:28:43.151508 1125701 version.go:256] remote version is much newer: v1.32.3; falling back to: stable-1.29 [upgrade/versions] Target version: v1.29.15 [upgrade/versions] Latest version in the v1.28 series: v1.28.15 Components that must be upgraded manually after you have upgraded the control plane with kubeadm upgrade apply: COMPONENT CURRENT TARGET kubelet 3 x v1.28.15 v1.29.15 Upgrade to the latest stable version: COMPONENT CURRENT TARGET kube-apiserver v1.28.15 v1.29.15 kube-controller-manager v1.28.15 v1.29.15 kube-scheduler v1.28.15 v1.29.15 kube-proxy v1.28.15 v1.29.15 CoreDNS v1.10.1 v1.11.1 etcd 3.5.15-0 3.5.16-0 You can now apply the upgrade by executing the following command: kubeadm upgrade apply v1.29.15 _____________________________________________________________________ The table below shows the current state of component configs as understood by this version of kubeadm. Configs that have a yes mark in the MANUAL UPGRADE REQUIRED column require manual config upgrade or resetting to kubeadm defaults before a successful upgrade can be performed. The version to manually upgrade to is denoted in the PREFERRED VERSION column. API GROUP CURRENT VERSION PREFERRED VERSION MANUAL UPGRADE REQUIRED kubeproxy.config.k8s.io v1alpha1 v1alpha1 no kubelet.config.k8s.io v1beta1 v1beta1 no _____________________________________________________________________注意下面的MANUAL字段The table below shows the current state of component configs as understood by this version of kubeadm. Configs that have a yes mark in the MANUAL UPGRADE REQUIRED column require manual config upgrade or resetting to kubeadm defaults before a successful upgrade can be performed. The version to manually upgrade to is denoted in the PREFERRED VERSION column. API GROUP CURRENT VERSION PREFERRED VERSION MANUAL UPGRADE REQUIRED kubeproxy.config.k8s.io v1alpha1 v1alpha1 no kubelet.config.k8s.io v1beta1 v1beta1 no _____________________________________________________________________ 指示哪些主键需要手动升级如果是yes就要手动升级。2显示哪些差异将被应用于现有的静态 pod 资源清单。kubeadm upgrade diff 1.29.15[upgrade/diff] Reading configuration from the cluster... [upgrade/diff] FYI: You can look at this config file with kubectl -n kube-system get cm kubeadm-config -o yaml --- /etc/kubernetes/manifests/kube-apiserver.yaml new manifest -40,7 40,7 - --service-cluster-ip-range10.96.0.0/12 - --tls-cert-file/etc/kubernetes/pki/apiserver.crt - --tls-private-key-file/etc/kubernetes/pki/apiserver.key - image: registry.aliyuncs.com/google_containers/kube-apiserver:v1.28.15 image: registry.aliyuncs.com/google_containers/kube-apiserver:1.29.15 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 --- /etc/kubernetes/manifests/kube-controller-manager.yaml new manifest -28,7 28,7 - --service-account-private-key-file/etc/kubernetes/pki/sa.key - --service-cluster-ip-range10.96.0.0/12 - --use-service-account-credentialstrue - image: registry.aliyuncs.com/google_containers/kube-controller-manager:v1.28.15 image: registry.aliyuncs.com/google_containers/kube-controller-manager:1.29.15 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 --- /etc/kubernetes/manifests/kube-scheduler.yaml new manifest -16,7 16,7 - --bind-address127.0.0.1 - --kubeconfig/etc/kubernetes/scheduler.conf - --leader-electtrue - image: registry.aliyuncs.com/google_containers/kube-scheduler:v1.28.15 image: registry.aliyuncs.com/google_containers/kube-scheduler:1.29.15 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 2.3、master节点升级1升级到 1.29.15版本此命令仅升级master节点control plane。kubeadm upgrade apply v1.29.15[upgrade/config] Making sure the configuration is correct: [upgrade/config] Reading configuration from the cluster... [upgrade/config] FYI: You can look at this config file with kubectl -n kube-system get cm kubeadm-config -o yaml [preflight] Running pre-flight checks. [upgrade] Running cluster health checks [upgrade/version] You have chosen to change the cluster version to v1.29.15 [upgrade/versions] Cluster version: v1.28.15 [upgrade/versions] kubeadm version: v1.29.15 [upgrade] Are you sure you want to proceed? [y/N]: y [upgrade/prepull] Pulling images required for setting up a Kubernetes cluster [upgrade/prepull] This might take a minute or two, depending on the speed of your internet connection [upgrade/prepull] You can also perform this action in beforehand using kubeadm config images pull [upgrade/apply] Upgrading your Static Pod-hosted control plane to version v1.29.15 (timeout: 5m0s)... [upgrade/etcd] Upgrading to TLS for etcd [upgrade/staticpods] Preparing for etcd upgrade [upgrade/staticpods] Renewing etcd-server certificate [upgrade/staticpods] Renewing etcd-peer certificate [upgrade/staticpods] Renewing etcd-healthcheck-client certificate [upgrade/staticpods] Moved new manifest to /etc/kubernetes/manifests/etcd.yaml and backed up old manifest to /etc/kubernetes/tmp/kubeadm-backup-manifests-2025-03-27-11-32-38/etcd.yaml [upgrade/staticpods] Waiting for the kubelet to restart the component [upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s) [apiclient] Found 1 Pods for label selector componentetcd [upgrade/staticpods] Component etcd upgraded successfully! [upgrade/etcd] Waiting for etcd to become available [upgrade/staticpods] Writing new Static Pod manifests to /etc/kubernetes/tmp/kubeadm-upgraded-manifests2230279311 [upgrade/staticpods] Preparing for kube-apiserver upgrade [upgrade/staticpods] Renewing apiserver certificate [upgrade/staticpods] Renewing apiserver-kubelet-client certificate [upgrade/staticpods] Renewing front-proxy-client certificate [upgrade/staticpods] Renewing apiserver-etcd-client certificate [upgrade/staticpods] Moved new manifest to /etc/kubernetes/manifests/kube-apiserver.yaml and backed up old manifest to /etc/kubernetes/tmp/kubeadm-backup-manifests-2025-03-27-11-32-38/kube-apiserver.yaml [upgrade/staticpods] Waiting for the kubelet to restart the component [upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s) [apiclient] Found 1 Pods for label selector componentkube-apiserver [upgrade/staticpods] Component kube-apiserver upgraded successfully! [upgrade/staticpods] Preparing for kube-controller-manager upgrade [upgrade/staticpods] Renewing controller-manager.conf certificate [upgrade/staticpods] Moved new manifest to /etc/kubernetes/manifests/kube-controller-manager.yaml and backed up old manifest to /etc/kubernetes/tmp/kubeadm-backup-manifests-2025-03-27-11-32-38/kube-controller-manager.yaml [upgrade/staticpods] Waiting for the kubelet to restart the component [upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s) [apiclient] Found 1 Pods for label selector componentkube-controller-manager [upgrade/staticpods] Component kube-controller-manager upgraded successfully! [upgrade/staticpods] Preparing for kube-scheduler upgrade [upgrade/staticpods] Renewing scheduler.conf certificate [upgrade/staticpods] Moved new manifest to /etc/kubernetes/manifests/kube-scheduler.yaml and backed up old manifest to /etc/kubernetes/tmp/kubeadm-backup-manifests-2025-03-27-11-32-38/kube-scheduler.yaml [upgrade/staticpods] Waiting for the kubelet to restart the component [upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s) [apiclient] Found 1 Pods for label selector componentkube-scheduler [upgrade/staticpods] Component kube-scheduler upgraded successfully! [upload-config] Storing the configuration used in ConfigMap kubeadm-config in the kube-system Namespace [kubelet] Creating a ConfigMap kubelet-config in namespace kube-system with the configuration for the kubelets in the cluster [upgrade] Backing up kubelet config file to /etc/kubernetes/tmp/kubeadm-kubelet-config3777955110/config.yaml [kubelet-start] Writing kubelet configuration to file /var/lib/kubelet/config.yaml [kubeconfig] Writing admin.conf kubeconfig file [kubeconfig] Writing super-admin.conf kubeconfig file [bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes [bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials [bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token [bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster [addons] Applied essential addon: CoreDNS [addons] Applied essential addon: kube-proxy [upgrade/successful] SUCCESS! Your cluster was upgraded to v1.29.15. Enjoy! [upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you havent already done so. 2 腾空节点即将节点上除守护进程之外的其他进程调度到其他节点同时将开启调度保护。kubectl drain nodename --ignore-daemonsets$ kubectl drain k8s-master1 --ignore-daemonsets node/k8s-master1 cordoned WARNING: ignoring DaemonSet-managed Pods: kube-flannel/kube-flannel-ds-nxz4d, kube-system/kube-proxy-pbnk4 evicting pod kube-system/coredns-c676cc86f-twm96 evicting pod kube-system/coredns-c676cc86f-mdgbn pod/coredns-c676cc86f-mdgbn evicted pod/coredns-c676cc86f-twm96 evicted node/k8s-master1 drained $ kubectl get pod -A NAMESPACE NAME READY STATUS RESTARTS AGE kube-flannel kube-flannel-ds-nxz4d 1/1 Running 0 136m kube-system coredns-c676cc86f-7stvs 0/1 Pending 0 60s kube-system coredns-c676cc86f-vmkgv 0/1 Pending 0 60s kube-system etcd-k8s-master1 1/1 Running 0 11m kube-system kube-apiserver-k8s-master1 1/1 Running 0 10m kube-system kube-controller-manager-k8s-master1 1/1 Running 0 10m kube-system kube-proxy-pbnk4 1/1 Running 0 9m44s kube-system kube-scheduler-k8s-master1 1/1 Running 0 9m58s $ kubectl get node NAME STATUS ROLES AGE VERSION k8s-master1 Ready,SchedulingDisabled control-plane 162m v1.24.1 3升级kubelet与kubectl组件。yum update -y kubelet 4重启 kubelet。systemctl daemon-reload systemctl restart kubelet5解除调度保护。kubectl uncordon nodename三、升级node节点1升级节点kubelet 配置。kubeadm upgrade node2腾空节点同时开启调度保护此命令请在master节点操作kubectl drain nodename --ignore-daemonsets3升级kubelet与kubectl组件。yum update -y kubelet4重启 kubelet。systemctl daemon-reload systemctl restart kubelet5解除调度保护master节点上执行该命令。kubectl uncordon nodename总结每个版本的升级都不一样所以要根据版本进行适当调整不作为万能指导。 升级过程升级master组件。升级worker节点组件调度保护、排空节点、worker节点组件升级、解除保护。Kubernetes集群的升级可以分为以下几个步骤备份数据。在升级之前需要备份Kubernetes集群的数据包括访问控制、配置文件、数据卷等。选择升级方式。Kubernetes集群的升级方式可以分为两种滚动升级和强制替换。滚动升级是指逐个升级每个节点直到所有节点都升级完成。强制替换是指一次性替换所有节点将旧节点直接替换为新节点。准备新版本。Kubernetes升级需要准备新版本的二进制文件和镜像文件。可以从Kubernetes官方网站下载最新版本的二进制文件和镜像文件并上传到集群中的节点上。升级Master节点。首先需要升级Master节点使用新版本的二进制文件替换旧版本的二进制文件并启动新版本的Kubernetes API Server、ControllerKubernetes是一个快速发展的开源项目为了保持其功能和安全性集群的升级是必须的。查看升级文档首先需要查看官方的升级文档了解升级过程中需要注意的事项。备份数据在升级前需要备份当前的数据以防升级过程中的意外情况导致数据丢失。准备好备份在升级前需要确保备份的可用性以便在需要时能够 Manager和Scheduler。升级Node节点。接下来需要升级Node节点。首先需要将节点上的Kubelet和kube-proxy服务停止使用新版本的二进制文件替换旧版本的二进制文件然后启动新版本的Kubelet和kube-proxy服务。验证升级结果。升级完成后需要验证恢复数据。升级前的测试可以在测试环境中进行升级测试以确保升级过程和升级后的集群正常运行。升级Node首先需要升级每个Node节点中的Kubernetes组件包括kubelet和kube-proxy等。升级Control Plane然后需要升级Control Plane中的Kubernetes组件包括kube-apiserver、kube-controller-manager和kube-scheduler等。升级Kubernetes对象升级完Control Plane后需要升级Kubernetes对象如Deployment集群是否正常运行。可以使用kubectl命令查看集群的状态和资源对象的状态确保所有的服务都能够正常访问。回滚升级。如果升级失败或出现问题可以回滚到之前的版本。回滚的过程与升级的过程相同只需要使用旧版本的二进制文件和镜像文件即可。Kubernetes集群的升级需要仔细规划和准备并按照一定的步骤进行操作。只有在备份数据、选择适当的升级方式、准备新版本、升级Master节点、升级Node节点、验证升级结果等步骤都完成后才能确保集群的升级成功。、StatefulSet等。升级后的检查验证集群状态升级后需要验证集群的状态包括Node节点的状态、Pod的状态、Service的状态等。验证应用程序升级后需要验证应用程序的运行状态确保应用程序正常运行。观察日志如果发现问题可以通过查看日志来排查问题原因。Kubernetes集群升级是一个需要谨慎处理的过程需要充分准备和测试以确保升级过程的顺利和集群的稳定。在升级过程中需要注意备份数据和备份的可用性升级顺序和升级后的检查等问题以确保集群的正常运行和应用程序的稳定性。