KubeZero/admin/upgrade_cluster.sh

185 lines
5.0 KiB
Bash
Raw Normal View History

2022-04-13 16:02:14 +00:00
#!/bin/bash -e
#VERSION="latest"
2023-04-12 11:14:31 +00:00
VERSION="v1.25"
ARGO_APP=${1:-/tmp/new-kubezero-argoapp.yaml}
2022-09-15 09:37:21 +00:00
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
2022-11-09 16:08:22 +00:00
# shellcheck disable=SC1091
. "$SCRIPT_DIR"/libhelm.sh
[ -n "$DEBUG" ] && set -x
2022-04-13 16:02:14 +00:00
all_nodes_upgrade() {
CMD="$1"
2022-09-15 09:37:21 +00:00
echo "Deploy all node upgrade daemonSet(busybox)"
2022-08-24 15:13:39 +00:00
cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: DaemonSet
metadata:
2022-09-15 09:37:21 +00:00
name: kubezero-all-nodes-upgrade
namespace: kube-system
labels:
app: kubezero-upgrade
spec:
selector:
matchLabels:
2022-09-15 09:37:21 +00:00
name: kubezero-all-nodes-upgrade
template:
metadata:
labels:
2022-09-15 09:37:21 +00:00
name: kubezero-all-nodes-upgrade
spec:
hostNetwork: true
hostIPC: true
hostPID: true
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
2022-11-09 16:08:22 +00:00
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
initContainers:
2022-09-15 09:37:21 +00:00
- name: node-upgrade
image: busybox
command: ["/bin/sh"]
args: ["-x", "-c", "$CMD" ]
volumeMounts:
- name: host
mountPath: /host
- name: hostproc
mountPath: /hostproc
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
containers:
2022-09-15 09:37:21 +00:00
- name: node-upgrade-wait
image: busybox
command: ["sleep", "3600"]
volumes:
- name: host
hostPath:
path: /
type: Directory
- name: hostproc
hostPath:
path: /proc
type: Directory
EOF
2022-09-15 09:37:21 +00:00
kubectl rollout status daemonset -n kube-system kubezero-all-nodes-upgrade --timeout 300s
kubectl delete ds kubezero-all-nodes-upgrade -n kube-system
2022-08-24 15:13:39 +00:00
}
2022-04-13 16:02:14 +00:00
control_plane_upgrade() {
TASKS="$1"
2022-11-09 16:08:22 +00:00
echo "Deploy cluster admin task: $TASKS"
cat <<EOF | kubectl apply -f -
2022-04-13 16:02:14 +00:00
apiVersion: v1
kind: Pod
metadata:
2022-09-15 09:37:21 +00:00
name: kubezero-upgrade
2022-04-13 16:02:14 +00:00
namespace: kube-system
labels:
app: kubezero-upgrade
spec:
hostNetwork: true
hostIPC: true
hostPID: true
containers:
- name: kubezero-admin
image: public.ecr.aws/zero-downtime/kubezero-admin:${VERSION}
2022-04-13 16:02:14 +00:00
imagePullPolicy: Always
command: ["kubezero.sh"]
args: [$TASKS]
2022-04-13 16:02:14 +00:00
env:
- name: DEBUG
value: "$DEBUG"
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: host
mountPath: /host
- name: workdir
mountPath: /tmp
securityContext:
capabilities:
add: ["SYS_CHROOT"]
volumes:
- name: host
hostPath:
path: /
type: Directory
- name: workdir
emptyDir: {}
nodeSelector:
node-role.kubernetes.io/control-plane: ""
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
operator: Exists
2022-04-13 16:02:14 +00:00
effect: NoSchedule
restartPolicy: Never
EOF
2022-09-15 09:37:21 +00:00
kubectl wait pod kubezero-upgrade -n kube-system --timeout 120s --for=condition=initialized 2>/dev/null
while true; do
2022-09-15 09:37:21 +00:00
kubectl logs kubezero-upgrade -n kube-system -f 2>/dev/null && break
sleep 3
done
2022-09-15 09:37:21 +00:00
kubectl delete pod kubezero-upgrade -n kube-system
}
echo "Checking that all pods in kube-system are running ..."
waitSystemPodsRunning
argo_used && disable_argo
#all_nodes_upgrade ""
2023-04-12 11:14:31 +00:00
# Cleanup
# Remove calico CRDs
2023-04-12 16:13:01 +00:00
kubectl delete -f https://git.zero-downtime.net/ZeroDownTime/kubezero/raw/tag/v1.23.11/charts/kubezero-network/charts/calico/crds/crds.yaml 2>/dev/null || true
2023-04-25 10:13:11 +00:00
kubectl delete servicemonitor calico-node -n kube-system || true
2023-04-12 11:14:31 +00:00
# delete old kubelet configs
for cm in $(kubectl get cm -n kube-system --no-headers | awk '{if ($1 ~ "kubelet-config-1*") print $1}'); do kubectl delete cm $cm -n kube-system; done
for rb in $(kubectl get rolebindings -n kube-system --no-headers | awk '{if ($1 ~ "kubelet-config-1*") print $1}'); do kubectl delete rolebindings $rb -n kube-system; done
2022-09-15 09:37:21 +00:00
control_plane_upgrade kubeadm_upgrade
2022-11-09 16:08:22 +00:00
echo "Adjust kubezero values as needed:"
# shellcheck disable=SC2015
argo_used && kubectl edit app kubezero -n argocd || kubectl edit cm kubezero-values -n kube-system
control_plane_upgrade "apply_network, apply_addons, apply_storage"
echo "Checking that all pods in kube-system are running ..."
waitSystemPodsRunning
echo "Applying remaining KubeZero modules..."
2022-09-28 15:41:30 +00:00
control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_argocd"
2022-09-15 11:05:38 +00:00
# Final step is to commit the new argocd kubezero app
kubectl get app kubezero -n argocd -o yaml | yq 'del(.status) | del(.metadata) | del(.operation) | .metadata.name="kubezero" | .metadata.namespace="argocd"' | yq 'sort_keys(..) | .spec.source.helm.values |= (from_yaml | to_yaml)' > $ARGO_APP
2022-09-15 11:05:38 +00:00
echo "Please commit $ARGO_APP as the updated kubezero/application.yaml for your cluster."
2022-09-15 11:05:38 +00:00
echo "Then head over to ArgoCD for this cluster and sync all KubeZero modules to apply remaining upgrades."
echo "<Return> to continue and re-enable ArgoCD:"
2022-11-09 16:08:22 +00:00
read -r
argo_used && enable_argo