Openshift集群3.9升级到3.10
2018-08-29 本文已影响171人
潘晓华Michael
Openshift 升级中......
更新方法与策略:自动升级方法
下载openshift-ansible的脚本代码
git clone https://github.com/openshift/openshift-ansible.git
git checkout -b v3.10.0
将master上的/etc/origin/master/htpasswd备份到/root/htpasswd
scp master1:/etc/origin/master/htpasswd /root/htpasswd
openshift_master_identity_providers中的filename去掉
# /etc/ansible/hosts
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login':'true','challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_master_htpasswd_file=/root/htpasswd
屏蔽掉引入[gluster]导致的一个升级错误
在playbooks/common/openshift-cluster/upgrades/v3_10/upgrade_control_plane.yml中会去做对glusterfs与glusterfs_registry的比较,3.9之前未必需这些host group所以需要在ansible/hosts中需要添加该host group
#/etc/ansible/host
[glusterfs]
在ansible/hosts中的nodes列表中添加openshift_node_group_name
......
master openshift_node_group_name='node-config-master'
node openshift_node_group_name='node-config-compute'
infra openshift_node_group_name='node-config-infra'
升级默认的node group configmap
# ansible-playbook -i </path/to/inventory/file> playbooks/openshift-master/openshift_node_group.yml
检测Python OpenSSL版本
python -c 'import OpenSSL.crypto'
# 如果报错则需要升级Python OpenSSL
yum install python2-pip
pip install -U pyopenssl -i https://pypi.douban.com/simple
关闭etcd目录的selinux检查
关闭任务Check selinux label of '{{ etcd_data_dir }}'与Make sure the '{{ etcd_data_dir }}' has the proper label
# roles/etcd/tasks/backup/backup.yml
...
- name: Detecting Atomic Host Operating System
stat:
path: /run/ostree-booted
register: l_ostree_booted
#- name: Check selinux label of '{{ etcd_data_dir }}'
# command: >
# stat -c '%C' {{ etcd_data_dir }}
# register: l_etcd_selinux_labels
#
#- debug:
# msg: "{{ l_etcd_selinux_labels }}"
#
#- name: Make sure the '{{ etcd_data_dir }}' has the proper label
# command: >
# chcon -t svirt_sandbox_file_t "{{ etcd_data_dir }}"
# when:
# - l_etcd_selinux_labels.rc == 0
# - "'svirt_sandbox_file_t' not in l_etcd_selinux_labels.stdout"
- name: Generate etcd backup
command: >
{{ r_etcd_common_etcdctl_command }} backup --data-dir={{ l_etcd_incontainer_data_dir }}
--backup-dir={{ l_etcd_incontainer_backup_dir }}
...
升级集群
# ansible-playbook -i </path/to/inventory/file> playbooks/byo/openshift-cluster/upgrades/v3_10/upgrade.yml
