Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade docs for v1.12 #10344

Merged
merged 1 commit into from
Sep 26, 2018

Conversation

liztio
Copy link
Contributor

@liztio liztio commented Sep 19, 2018

This is the best-effort upgrade doc for kubeadm clusters currently on v1.11.

Some commands (like everything related to apt-get or rpm) are not testable until the final release comes out.

This should be part of the v1.12.0 documentation, I couldn't tell whether to address this PR to master or release-v1.12.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Sep 19, 2018
@liztio
Copy link
Contributor Author

liztio commented Sep 19, 2018

/cc @Bradamant3

@liztio
Copy link
Contributor Author

liztio commented Sep 19, 2018

/hold
/assign @Bradamant3

@k8sio-netlify-preview-bot
Copy link
Collaborator

Deploy preview for kubernetes-io-master-staging ready!

Built with commit b1b272f

https://deploy-preview-10344--kubernetes-io-master-staging.netlify.com

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 19, 2018
@liztio
Copy link
Contributor Author

liztio commented Sep 19, 2018

This should go out with the initial v1.12 release.

@k8sio-netlify-preview-bot
Copy link
Collaborator

k8sio-netlify-preview-bot commented Sep 19, 2018

Deploy preview for kubernetes-io-master-staging failed.

Built with commit c25acda

https://app.netlify.com/sites/kubernetes-io-master-staging/deploys/5baa440cc965926b6fb95b01

@liztio liztio force-pushed the kubeadm-upgrade-1-11 branch from b1b272f to cca7741 Compare September 19, 2018 20:55
@neolit123
Copy link
Member

new functionality normally goes against the release-xx branches.
the branch can be changed as outlined here, if needed:
https://blog.github.com/2016-08-15-change-the-base-branch-of-a-pull-request/

Copy link
Member

@neolit123 neolit123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks.
found only one typo.

### Additional information

- All containers are restarted after upgrade, because the container spec hash value is changed.
- You can upgrade only froom one minor version to the next minor version. That is, you cannot skip versions when you upgrade. For example, you can upgrade only from 1.10 to 1.11, not from 1.9 to 1.11.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

froom -> from

@neolit123
Copy link
Member

@kubernetes/sig-cluster-lifecycle-pr-reviews

@k8s-ci-robot k8s-ci-robot added the sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. label Sep 19, 2018
@Bradamant3
Copy link
Contributor

Bradamant3 commented Sep 20, 2018

To other reviewers: I suggested that Liz push this PR against master and we'll merge immediately after the 1.12 release. It occurs to me that we'll need to rebase at that point anyway, but the timing will be fine (hence this particular hold label).

Copy link
Contributor

@xiangpengzhao xiangpengzhao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some inline comments.


{{% capture prerequisites %}}

- You need to have a `kubeadm` Kubernetes cluster running version 1.11.0 or later. Swap must be disabled. The cluster should use a static control plane and etcd pods.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Swap must be disabled

Reference some place (if existing) in other docs where shows how to disable the swap ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Anyway, it's okay as-is.

{{% capture prerequisites %}}

- You need to have a `kubeadm` Kubernetes cluster running version 1.11.0 or later. Swap must be disabled. The cluster should use a static control plane and etcd pods.
- Make sure you read the [release notes](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md) carefully.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/1.12 release notes/release notes would be better?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This upgrade doc might be used after 1.13 comes out, so I think this makes sense.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was thinking of that since the link is for 1.12 so it'd be good to show the version in the text. It's okay as-is, anyway :)


1. On your master node, run the following (as root):

export VERSION=$(curl -sSL https://dl.k8s.io/release/stable.txt) # or manually specify a released Kubernetes version
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Format the commands with "```shell" ?


Your Container Network Interface (CNI) provider may have its own upgrade instructions to follow.
Check the [addons](/docs/concepts/cluster-administration/addons/) page to
find your CNI provider and see whther additional upgrade steps are required.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/whther/whether


## Upgrade master and node packages

1. Prepare each host for maintenance, marking it unschedulable and evicting the workload:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/workload/workloads ?

sudo kubeadm upgrade node config --kubelet-version $(kubelet --version | cut -d ' ' -f 2)
```

1. Restart the kubectl process:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/kubectl/kubelet

kubectl uncordon $HOST
```

1. After the kubelet is upgraded on all hosts, verify that all nodes are available again by running the following command from anywhere -- for example, from outside the cluster:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it should be from anywhere the kubectl can access the cluster.

kubectl get nodes
```

The `STATUS` column should show `Ready` for all your hosts, and the version number should be updated.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure whether we want to use hosts or nodes here and some of the other places in this doc, but I think nodes might be more exact in some places.

`kubeadm upgrade apply` does the following:

- Checks that your cluster is in an upgradeable state:
- The API server is reachable,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

an extra "," ?

@liztio liztio force-pushed the kubeadm-upgrade-1-11 branch from cca7741 to 46164d8 Compare September 20, 2018 13:58
Copy link
Member

@timothysc timothysc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you also delete the following docs in this PR:

Upgrading kubeadm clusters from 1.7 to 1.8
Upgrading kubeadm HA clusters from 1.9.x to 1.9.y
Upgrading/downgrading kubeadm clusters between v1.8 to v1.9

Copy link
Member

@timothysc timothysc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

minor cleanup then lgtm from me.

That is, you cannot skip versions when you upgrade.
For example, you can upgrade only from 1.10 to 1.11, not from 1.9 to 1.11.
- The default DNS provider in version 1.12 is [CoreDNS](https://coredns.io/) rather than [kube-dns](https://github.com/kubernetes/dns).
To keep `kube-dns`, pass `--feature-gates=CoreDNS=false` to `kubeadm upgrade apply`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please remove this line, we are planning to remove and don't want to support this.

[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.11.3
[upgrade/versions] kubeadm version: v1.12.0-rc.1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could you just nix all the -rc.1 bits, b/c the users will never see that on releases.

kubeadm upgrade apply v1.11.0
```

If you currently use `kube-dns` and wish to continue doing so, add `--feature-gates=CoreDNS=false`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Again nix this line.

1. Choose a version to upgrade to, and run the appropriate command. For example:

```shell
kubeadm upgrade apply v1.11.0
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shouldn't this be v1.12.0?

[upgrade/apply] Respecting the --cri-socket flag that is set with higher priority than the config file.
[upgrade/version] You have chosen to change the cluster version to "v1.12.0-rc.1"
[upgrade/versions] Cluster version: v1.11.3
[upgrade/versions] kubeadm version: v1.12.0-rc.1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same comment re -rc.1

@liztio liztio force-pushed the kubeadm-upgrade-1-11 branch from 46164d8 to e45d627 Compare September 20, 2018 16:04
@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Sep 20, 2018
Copy link
Member

@timothysc timothysc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

Thx @liztio
@kubernetes/sig-docs-pr-reviews this one is ready to merge!

@k8s-ci-robot k8s-ci-robot added sig/docs Categorizes an issue or PR as relevant to SIG Docs. lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Sep 20, 2018
@timothysc
Copy link
Member

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 21, 2018
@Bradamant3
Copy link
Contributor

/hold

This PR is against master. See comment ^^. We can't merge yet.

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 21, 2018
@timothysc
Copy link
Member

@Bradamant3 - at this stage I'm totally ok if it merged. I'd rather be early than late.

@mdlinville
Copy link
Contributor

Why not just rebase it on release-1.12 and it will get into master with 1.12? cc @zparnold

@liztio liztio force-pushed the kubeadm-upgrade-1-11 branch from e45d627 to c25acda Compare September 25, 2018 14:19
@k8s-ci-robot k8s-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Sep 25, 2018
@liztio liztio changed the base branch from master to release-1.12 September 25, 2018 14:20
@liztio liztio force-pushed the kubeadm-upgrade-1-11 branch from c25acda to bd4ed78 Compare September 25, 2018 14:22
@k8sio-netlify-preview-bot
Copy link
Collaborator

Deploy preview for kubernetes-io-vnext-staging processing.

Built with commit bd4ed78

https://app.netlify.com/sites/kubernetes-io-vnext-staging/deploys/5baa448d1f12b77804237fd1

@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Sep 25, 2018
@k8sio-netlify-preview-bot
Copy link
Collaborator

Deploy preview for kubernetes-io-vnext-staging processing.

Built with commit bd4ed78

https://app.netlify.com/sites/kubernetes-io-vnext-staging/deploys/5baa448e73f2cf4850ebcce5

@liztio
Copy link
Contributor Author

liztio commented Sep 25, 2018

@MistyHacks done 👍

@Bradamant3
Copy link
Contributor

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Sep 25, 2018
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Bradamant3, timothysc

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 25, 2018
@timothysc
Copy link
Member

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 26, 2018
@k8s-ci-robot k8s-ci-robot merged commit c1f4b25 into kubernetes:release-1.12 Sep 26, 2018
k8s-ci-robot pushed a commit that referenced this pull request Sep 27, 2018
* Update docs for fields allowed at root of CRD schema (#9973)

* add plugin docs and examples (#10053)

* docs update to promote TaintNodesByCondition to beta (#9626)

* HPA Specificity Improvements (#8757)

Updated the HPA docs to reference the `autoscaling/v2beta2` API version,
and added documentation about the new fields.

* adjust docs for pod ready++ (#10049)

* Remove --cadvisor-port - has been deprecated since v1.10 (#10023)

Change-Id: Id2a685473a243aef492a98ff450759f39e362557

* Add Documentation for Snapshot Feature (#9948)

* Add documentation for snapshot feature

* Update volume-snapshots.md

* Add dry-run to api-concepts (#10033)

* kubeadm-init: Update the offline support section (#10062)

The update includes the following things (in mind with Kubernetes 1.12):

- Remove the 1.8 image versions
- Add the 1.10 image versions that were missing until now
- Include a comment for the missing arch suffixes in 1.12

Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>

* Say bye to `DynamicProvisioningScheduling` (#10157)

The mentioned feature gate is now collapsed into `VolumeScheduling`.

xref: kubernetes/kubernetes#67432

* Update ResourceQuota per PriorityClass state for 1.12 (#10229)

* TokenRequest and TokenRequestProjection now beta (#10161)

xref: kubernetes/kubernetes#67349

* Change feature state for kms provider to beta. (#10230)

KMS Provider will be graduating to beta in v1.12, reflecting this change on the website.

* coredns default (#10200)

* Promote ShareProcessNamespace to beta in docs (#9996)

* Add CoreDNS details to DNS Debug docs (#10201)

* add coredns details

* address nits, add query logging section

* Update docs with topology aware dynamic provisioning (#9939)

* Document topology aware volume binding feature

* update for readability

* Update storage-classes.md

* comma splice

* don't abbreviate

* HPA Algorithm Information Improvements (#9780)

* Update HPA docs with more algorithm details

The HPA docs pointed to an out-of-date document for information on the
algorithm details, which users were finding confusing.  This sticks a
section on the algorithm in the HPA docs instead, documenting both
general behavior and corner cases.

* Add glossary info, HPA docs on quantities

People often ask about the quantity notation when working with the
metrics APIs, so this adds a glossary entry on quantities (since they're
used elsewhere in the system), and a short explantation in the HPA walkthough.

* Information about HPA readiness and stabilization

This adds information about the new changes to HPA readiness and
stabilization from kubernetes/enhancements#591, and other minor changes that
landed in Kubernetes 1.12.

* Update horizontal-pod-autoscale.md

* Audit 1.12 doc (#9953)

* audit 1.12 document

* remove legacy audit feature

kubernetes/kubernetes#65862

* update feature gate doc

* MountPropagation is now GA (#10090)

* RuntimeClass documentation (#10102)

* RuntimeClass documentation

* Update runtime-class.md

* Add documentation for Scheduler performance tuning (#10048)

* Add documentation for Scheduler performance tuning

* Update scheduler-perf-tuning.md

* TTL controller for cleaning up finished resources (#10064)

* TTL controller for cleaning up finished resources

* Address comments

* Update ttlafterfinished.md

* Bump quota configuration api version (#10217)

* Incremental update from master (#10278)

* fix invalid href of cloud controller manager (#10240)

* fix invalid yaml format (#10238)

* update storage-limits doc with Azure disk part (#10224)

update storage-limits doc with Azure disk part

fix comments

* Update kubelet-config-file.md (#10222)

Update link to KubeletConfiguration struct.

* fix a trivial misspelling (#10244)

* Fix cassandra-statefulset.yaml indent level (#10243)

* Mention minimum etcd versions (#10208)

Source: https://groups.google.com/d/msg/kubernetes-dev/jMPA4JzKiY4/HIx2ugvLBAAJ

* fix 404 error (#10250)

* Small verb tweak (#10190)

Present participle, ftw.

* Add AnchorJS logic for header links (#10155)

* Add AnchorJS JavaScript

* Remove existing inpage_heading logic

* Remove underline from anchor tags

* Use single icon and add touch visibility

* Use paragraph link icon for AnchorJS

* Update Sass to use code formatting in docsContent headers

* Update header size coverage to H3-H6

* fix broken link in kubefed.md (#10254)

* Update the version numbers for the X-Remote-Extra- and Impersonate-Extra- key fixes (#9827)

The fix was cherry picked into 1.11.3, 1.10.7, and 1.9.11:

kubernetes/kubernetes#67162
kubernetes/kubernetes#67163
kubernetes/kubernetes#67164

* fix typo (#10168)

* fix typo

* addressing comments.

* Update setup-ha-etcd-with-kubeadm.md

* fix typos (#10252)

* fix description of contribute guide (#10253)

* describe truncate feature about advanced audit (#10236)

* describe truncate feature about advanced audit

* Update audit.md

* docs update to promote ScheduleDaemonSetPods to beta (#9923)

* Dynamic volume limit updates for 1.12 (#10211)

* add a placeholder commit

* Update docs for csi volume limits

* Update storage-limits.md

* Add "MayRunAs" value among other GroupStrategies (#9888)

* Add CoreDNS details to the customize DNS doc (#10228)

* Add CoreDNS details to the customize DNS doc

Rewrite the document to include more details about CoreDNS, since it's now the default from v1.12

* Address comments

* Improve doc wording

* Fix link

* Update dns-custom-nameservers.md

* Update dns-custom-nameservers.md

* Fix secrets docs in 1.12 branch (#10056)

* Fix secrets docs

* Update secret.md

* Revert CoreDNS Docs (#10319)

* Revert "Add CoreDNS details to DNS Debug docs (#10201)"

This reverts commit 462817a.

* Revert "Add CoreDNS details to the customize DNS doc (#10228)"

This reverts commit e7319ee.

* Revert "coredns default (#10200)"

This reverts commit 698e93b.

* Add CRI installation instructions page

Added cri-installation page with CRI installation instructions
Referenced it from kubeadm-init and install-kubeadm pages.

* kubeadm: update API types documentation for 1.12 (#10283)

v1alpha2 -> v1alpha3
MasterConfiguration -> [new-api-types]

* TokenRequest feature documentation (#10295)

* AdvancedAuditing is now GA (#10156)

xref: kubernetes/kubernetes#65862

`AdvancedAuditing` feature is GA in 1.12. This PR adjusts the related
docs.

* update runtime-class.md (#10332)

* update runtime-class.md

* Update runtime-class.md

* Document cross-authorizer permissions for creating RBAC roles (#10015)

* Document cross-authorizer permissions for creating RBAC roles

* Update rbac.md

* kubeadm: update authored content for 1.12 (reference docs and cluster creation) (#10348)

* kubeadm: update authored content in reference docs for 1.12

* kubeadm: add time frame in create-cluster-kubeadm for 1.12

* add AllowedProcMountTypes and ProcMountType to docs (#9911)

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>

* kubeadm: add new command line reference (#10306)

Add:
- placeholder files
- include place holder files
- include "renew" sub command
- add missing tabs for "alpha phase kubelet"

* Documenting SCTP support in Kubernetes (#10279)

* Documenting SCTP support in Kubernetes Service, Endpoint, NetworkPolicy and Pod

* Updates based on comments on the PR

* kubectl expose update with SCTP support

* Updated according to comments in the PR

* Revert "kubectl expose update with SCTP support"

This reverts commit 0d5a1e6.

* TLS Bootstrap and Server Cert Rotation feature documentation (#10232)

* TokenRequest feature documentation

* line wrapping to make review not insane

* update content for GA without major refactor

* Update kubelet-tls-bootstrapping.md

* Add clarifications for volume snapshots (#10296)

* Update kubadm ha installation for 1.12 (#10264)

* Update kubadm ha installation for 1.12

Signed-off-by: Chuck Ha <ha.chuck@gmail.com>

* update stable version

Signed-off-by: Chuck Ha <ha.chuck@gmail.com>

* Update stacked control plane for v1.12 (#2)

* use v1alpha3

Signed-off-by: Chuck Ha <ha.chuck@gmail.com>

* more v1alpha3 (#4)

* updates

Signed-off-by: Chuck Ha <ha.chuck@gmail.com>

* Document how to run in-tree cloud providers with kubeadm (#10357)

Change-Id: Iab6b996a830503d74a6eb0c507c5f8ca7a39235b

* kubeadm reference doc for release 1.12 (#10359)

* Revert "Revert "Add CoreDNS details to DNS Debug docs (#10201)""

This reverts commit bb30f4d.

* Revert "Revert "Add CoreDNS details to the customize DNS doc (#10228)""

This reverts commit bc23d45.

* Revert "Revert "coredns default (#10200)""

This reverts commit 7f4350d.

* add missing instruction for ha guide (#10374)

Signed-off-by: Chuck Ha <ha.chuck@gmail.com>

* kubeadm - Ha upgrade updates (#10340)

* Update HA upgrade docs

* Adds external etcd HA upgrade guide

Signed-off-by: Chuck Ha <ha.chuck@gmail.com>

* copyedit

* more edits

* add runasgroup in psp (#10076)

* update KubeletPluginsWatcher feature gate (#10205)

* generated 1.12 docs

* Building Multi-arch images with Manifests (#10379)

In 1.12, a variety of images used in a typical kubernetes installation
have started to using manifests to better support environments with arm
or ppc64le architectures. For example all images used with kubeadm by
default have manifests, another would be all the tests in the
conformance test suite. Here we capture the best practices for everyone
to start using manifests in their own workflows.

Change-Id: I5ba4c5fe55ffc9486a8251760f3352be4f2e1494

* Upgrade docs for v1.12 (#10344)

* generated assets and docs

* remove 1.7

* update 1.12

* update plugin documentation under docs>tasks>extend-kubectl (#10259)

* update plugin documentation under docs>tasks>extend-kubectl

* Update kubectl-plugins.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. sig/docs Categorizes an issue or PR as relevant to SIG Docs. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants