[fedora-atomic][k8s] Support operating system upgrade
Along with the kubernetes version upgrade support we just released, we're adding the support to upgrade the operating system of the k8s cluster (including master and worker nodes). It's an inplace upgrade leveraging the atomic/ostree upgrade capability. Story: 2002210 Task: 33607 Change-Id: If6b9c054bbf5395c30e2803314e5695a531c22bcchanges/93/669593/19
parent
1b1d841097
commit
09f85f3746
@ -1,30 +1,38 @@
|
||||
Rolling upgrade is one of most important features user want to see for a
|
||||
managed Kubernetes service. And in Magnum, we're thinking more deeper to
|
||||
provide better user experience.
|
||||
Rolling upgrade is an important feature a user may want for a managed
|
||||
Kubernetes service.
|
||||
|
||||
.. note::
|
||||
|
||||
Kubernetes version upgrade is only supported by the Fedora Atomic and
|
||||
the Fedora CoreOS drivers.
|
||||
|
||||
A user can run a command as shown below to trigger a rolling ugprade for
|
||||
Kubernetes version upgrade or node operating system version upgrade.
|
||||
|
||||
.. code-block:: bash
|
||||
|
||||
#!/bin/bash -x
|
||||
|
||||
IP="192.168.122.1"
|
||||
CLUSTER="797b39e1-fac2-48d3-8377-d6e6cc443d39"
|
||||
CT="e32c8cf7-394b-45e6-a17e-4fe6a30ad64b"
|
||||
|
||||
# Upgrade curl
|
||||
req_body=$(cat << EOF
|
||||
{
|
||||
"max_batch_size": 1,
|
||||
"nodegroup": "master",
|
||||
"cluster_template": "${CT}"
|
||||
}
|
||||
EOF
|
||||
)
|
||||
USER_TOKEN=$(openstack token issue -c id -f value)
|
||||
curl -g -i -X PATCH https://${IP}:9511/v1/clusters/${CLUSTER}/actions/upgrade \
|
||||
-H "OpenStack-API-Version: container-infra latest" \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
-H "Content-Type: application/json" \
|
||||
-H "Accept: application/json" \
|
||||
-H "User-Agent: None" \
|
||||
-d "$req_body"
|
||||
openstack coe cluster upgrade <cluster ID> <new cluster template ID>
|
||||
|
||||
The key parameter in the command is the new cluster template ID. For
|
||||
Kubernetes version upgrade, a newer version for label `kube_tag` should be
|
||||
provided. Downgrade is not supported.
|
||||
|
||||
A simple operating system upgrade can be applied using a new image ID in the
|
||||
new cluster template. However, this entails a downtime for applications running
|
||||
on the cluster, because all the nodes will be rebuilt one by one.
|
||||
|
||||
The Fedora Atomic driver supports a more gradeful operating system upgrade.
|
||||
Similar to the Kubernetes version upgrade, it will cordon and drain the nodes
|
||||
before upgrading the operating system with rpm-ostree command. There are one of
|
||||
two labels which must be provided to support this feature:
|
||||
|
||||
* `ostree_commit`: this is a commit ID of ostree the current system should be
|
||||
upgraded to. An example of a commit ID is
|
||||
`1766b4526f1a738ba1e6e0a66264139f65340bcc28e7045f10cbe6d161eb1925`,
|
||||
* `ostree_remote`: this is a remote name of ostree the current system should be
|
||||
rebased to. An example of a remote name is
|
||||
`fedora-atomic:fedora/29/x86_64/atomic-host`.
|
||||
|
||||
If both labels are present, `ostree_commit` takes precedence. To check if there
|
||||
are updates available, run `sudo rpm-ostree upgrade --check` on the Atomic host
|
||||
which will show you the latest commit ID that can be upgraded to.
|
||||
|
@ -0,0 +1,7 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
Along with the kubernetes version upgrade support we just released, we're
|
||||
adding the support to upgrade the operating system of the k8s cluster
|
||||
(including master and worker nodes). It's an inplace upgrade leveraging the
|
||||
atomic/ostree upgrade capability.
|
Loading…
Reference in New Issue