|NO.Z.00097|——————————|^^ 升级 ^^|——|KuberNetes&二进制升级.V08|——|kubernetes组件|coredns.v.1.7.0——>v.1.8.4|
一、升级kubernetes.coredns
### --- coredns官方coredns官方GitHub:源码地址
~~~ https://github.com/coredns/coredns.git
### --- 下载coredns的版本包
~~~ git clone https://github.com/coredns/deployment.git
### --- coredns升级说明
~~~ 若是集群中使用的是kube-dns插件,直接使用 ./deploy.sh | kubeclt apply -f -
~~~ 然后再把kube-dns的deployment删除掉即可:kubectl delete --namespace=kube-system deployment kube-dns
~~~ coredns做了一个脚本,直接替换kube-dns服务
~~~ 若是没有使用kube-dns;此环境使用的就是coredns;直接使用-s参数;直接跳过从kube-dns转化coredns的配置二、备份coredns;升级coredns:v1.7.0——>v1.8.4
### --- 获取coredns:1.8.4的版本包
~~~ 获取coredns版本包
[root@k8s-master01 coredns]# pwd
/root/upgrade/coredns
[root@k8s-master01 coredns]# git clone https://github.com/coredns/coredns.git### --- 备份coredns配置资源
~~~ # 查看coredns的配置资源
[root@k8s-master01 ~]# kubectl get configmap -n kube-system -owide
NAME DATA AGE
configmap/coredns 1 54d
[root@k8s-master01 ~]# kubectl get deployment -n kube-system -owide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
deployment.apps/coredns 1/1 1 1 54d coredns registry.cn-beijing.aliyuncs.com/dotbalo/coredns:1.7.0 k8s-app=kube-dns~~~ # 备份coredns配置文件
[root@k8s-master01 ~]# mkdir upgrade/coredns.bak
[root@k8s-master01 ~]# kubectl get configmap coredns -n kube-system -oyaml > upgrade/coredns.bak/coredns-cm.yaml
[root@k8s-master01 ~]# kubectl get deployment coredns -n kube-system -oyaml > upgrade/coredns.bak/coredns-dp.yaml~~~ # 查看coredns的ClusterRole 和clusterrolebinding
[root@k8s-master01 ~]# kubectl get clusterrole system:coredns
NAME CREATED AT
system:coredns 2021-05-10T12:37:55Z
[root@k8s-master01 ~]# kubectl get clusterrolebinding system:coredns
NAME ROLE AGE
system:coredns ClusterRole/system:coredns 54d~~~ # 备份coredns的ClusterRole和ClusterRoleBinding
[root@k8s-master01 ~]# kubectl get clusterrole system:coredns -oyaml > upgrade/coredns.bak/cr.yaml
[root@k8s-master01 ~]# kubectl get clusterrolebinding system:coredns -oyaml > upgrade/coredns.bak/crb.yaml三、升级coredns版本
### --- 查看coredns的版本
[root@k8s-master01 ~]# kubectl get po -n kube-system -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-867d46bfc6-r9g28 1/1 Running 2 53d 172.18.195.37 k8s-master03 <none> <none>
[root@k8s-master01 ~]# kubectl get po -n kube-system coredns-867d46bfc6-r9g28 -oyaml | grep image
image: registry.cn-beijing.aliyuncs.com/dotbalo/coredns:1.7.0### --- 升级coredns
[root@k8s-master01 kubernetes]# pwd
/root/upgrade/coredns/deployment/kubernetes~~~ # 查看coredns.deploy的配置文件
[root@k8s-master01 kubernetes]# ./deploy.sh -s
~~~ # 升级coredns
[root@k8s-master01 kubernetes]# ./deploy.sh -s | kubectl apply -f -
[root@k8s-master01 ~]# kubectl get po -n kube-system -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-746fcb4bc5-p9r7r 0/1 ContainerCreating 0 15s <none> k8s-master02 <none> <none>### --- 查看coredns更新后版本
[root@k8s-master01 ~]# kubectl get po coredns-746fcb4bc5-p9r7r -n kube-system -oyaml | grep image
image: coredns/coredns:1.8.4四、验证coredns是否升级成功
### --- 验证一:coredns通过pod验证是否正常解析
~~~ # 验证一:通过容器访问测试是否正常解析
[root@k8s-master01 ~]# kubectl get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-nginx-6bdcdcc585-rzdwf 2/2 Running 0 33m 172.16.122.129 k8s-master02 <none> <none>~~~ # 注:443端口是通的,说明是可以正常解析的
[root@k8s-master01 ~]# kubectl exec -ti demo-nginx-6bdcdcc585-rzdwf -- bash
root@demo-nginx-6bdcdcc585-rzdwf:/# curl kubernetes:443
Client sent an HTTP request to an HTTPS server.### --- 验证二:使用宿主机测试是否正常解析
~~~ # 进入容器查看resolv.conf文件的配置信息
[root@k8s-master01 ~]# kubectl get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-nginx-6bdcdcc585-rzdwf 2/2 Running 0 33m 172.16.122.129 k8s-master02 <none> <none>
[root@k8s-master01 ~]# kubectl exec -ti demo-nginx-6bdcdcc585-rzdwf -- bash~~~ # 查看添加的resolve.conf配置文件信息
~~~ 注:每个添加的pod会自动添加一个resolv.conf文件
~~~ 注:把resolv.conf配置到宿主机上,宿主机就可以解析到kubernetes中的service
root@demo-nginx-6bdcdcc585-rzdwf:/# cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5~~~ # 在宿主机上配置kubernetes容器的resolve.conf文件
~~~ 注:其它的配置注释掉
[root@k8s-master01 ~]# vim /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5~~~ # 查看service信息并解析
~~~ 注:telnet正常解析,说明coredns升级完成后是可用的。
[root@k8s-master01 ~]# kubectl get svc --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 53d
[root@k8s-master01 ~]# telnet kube-dns.kube-system 53
Trying 10.96.0.10...
Connected to kube-dns.kube-system.
Escape character is '^]'.Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart
——W.S.Landor
浙公网安备 33010602011771号
