Upgrade Kubernetes the boring way

© Copyright 2018 Pivotal Software, Inc. All rights Reserved. Version 1.0
Upgrade Kubernetes the
boring way
Oleksandr Slynko
@alex_sly

Cloud Foundry Container Runtime
● Instantiate, deploy, and manage highly available Kubernetes clusters
● Rolling upgrades

Cloud Foundry Container Runtime
● Instantiate, deploy, and manage highly available Kubernetes clusters
● Rolling upgrades
● We have fancy mascot

About 15% of Kubernetes users are 2 major
versions behind, and 10% use unsupported
versions.
According SIG Apps survey

https://www.reddit.com/r/kubernetes/comments/8lok2i/do_upgrade_to_v188_v193_and_v1100_or_your/

Why people don’t upgrade?
● Don’t know how
● Don’t want to affect applications uptime
● If it works, don’t touch it

How to upgrade Keep the applications
running
Prepare to the upgrade

Plan on Kubernetes.io
https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-
cluster

Plan
etcdetcd etcd
mastermaster master
nodenode node nodenode node

Plan
1. Upgrade etcd
2. Upgrade master
3. Upgrade worker

Plan
1. Upgrade etcd
2. Upgrade master
3. Upgrade worker
0. Backup

Plan
1. Upgrade etcd
2. Upgrade master
3. Upgrade worker
0. Backup
-1. Check cluster health

Healthcheck
kubectl get componentstatus
kubectl get nodes
kubectl get pods --all-namespaces --field-selector
'status.phase!=Running,status.phase!=Succeeded'

Backup
● Etcdctl or Ark
● Know how to restore backup
● Practice in restoring
● Test your backups

etcd
etcdetcd etcd
mastermaster master
etcd
https://kubernetes.io/docs/tasks/administer-cluster/configure-upgrade-etcd/

Working cluster
etcdetcd etcd
mastermaster master

Master
etcdetcd etcd
mastermaster master
master
LOAD BALANCER

Working cluster in mixed mode
etcdetcd etcd
mastermaster master
LOAD BALANCER

Working cluster in mixed mode (mostly)
etcdetcd etcd
mastermaster master

Node
node

AZ 1 AZ 2 AZ 3
node

How to upgrade cluster without
downtime?

HA Applications
● Replicas
● Anti-affinity
● Readiness & liveness probes
● Graceful shutdown
● Pre & post stop hooks (ie https://github.com/kubernetes/ingress-nginx/issues/322)
● PodDisruptionBudget

kubectl drain ${node_name} --force --ignore-daemonsets
Drain node
node
node
AZ 1
node

Drain node
node
node
AZ 1
node

Wait for disks to be detached
node
node
AZ 1
node

Node is clean
node
node
AZ 1
node

kubectl delete node "${node_name}" --ignore-not-found
Delete the node
node
node
AZ 1
node

etcdetcd etcd
mastermaster master

Plan
1. Upgrade etcd
2. Upgrade master
3. Upgrade worker
4. Check cluster health
0. Backup
-1. Check cluster health

“If it hurts, do it more often.”

How to upgrade cluster without
downtime continuously?

● Test that everything can be deployed on new version
Test deployment

✓ All basic Kubernetes resources must survive upgrades
✓ CRDs that you use must survive as well
✓ Write sample app to measure downtime
✓ Check that new applications can be deployed on the cluster
✓ Check that settings haven’t changed
Test upgrade

Recap
How to upgrade
1. Check the cluster health
2. Backup
3. Upgrade etcd
4. Upgrade master
5. Upgrade worker
6. Check the cluster health
Keep the applications
running
● Make applications HA
● Cordon and drain nodes
● It takes time
Prepare to the upgrade
● Test deployability of a new
cluster
● Test upgrades

● Automate upgrades
● Do maintenance during working hours
● Don’t write your own installer
Bonus

Upgrade Kubernetes the boring way

More Related Content

What's hot

Similar to Upgrade Kubernetes the boring way

Recently uploaded

Upgrade Kubernetes the boring way