Les étapes suivantes décrivent la mise à jour du cluster K8S de Marvinpac. Cette procédure peut être utilisée également pour ajouter des noeuds au cluster, ou changer sa configuration.
Warning
Adapter la branche à la dernière release stable de Kubespray.
cd /tmp
git clone --single-branch --depth=1 --branch v2.26.0 git@github.com:kubernetes-sigs/kubespray.git
cd kubespray/inventory/
git clone --depth 1 git@github.com:marvinpac-it/mvp-cluster.git
cd ..# Si python 3 et venv ne sont pas encore installés
sudo apt install python3.10-venv
python3 -m venv venv
source venv/bin/activate
pip install -U -r requirements.txtNote
S'assurer d'avoir la clé privée flatcar_ssh.pem (Vaultwarden) au bon endroit.
Warning
Adapter kube_version à la dernière version supportée par Kubespray. La version supportée peut être trouvée dans le README.md en version stable de Kubernetes. Attention à ne pas prendre le README.md de la branche master mais de bien afficher la release en question. https://github.com/kubernetes-sigs/kubespray/tree/release-2.25?tab=readme-ov-file#supported-components
ansible-playbook -i inventory/mvp-cluster/hosts.yaml -u core --key-file ~/.ssh/flatcar_ssh.pem -b upgrade-cluster.ymlKubespray 1.26.0 fails on Flatcar OS. I created an issue and PR, as the PR is not yet merged, a workaround is the following command for installation:
ansible-playbook -i inventory/mvp-cluster/hosts.yaml -u core --key-file ~/.ssh/flatcar_ssh.pem -b -e '{"ansible_interpreter_python_fallback":['/opt/bin/python']}' upgrade-cluster.ymlOnce this first bug resolved, a second one appears which is fixed by applying the following patch: kubernetes-sigs/kubespray#11224
curl -LO "https://dl.k8s.io/release/v1.30.4/bin/linux/amd64/kubectl"
chmod +x kubectl
./kubectl version
sudo mv kubectl /usr/local/bin/kubectl
sudo chown root:root /usr/local/bin/kubectlkubectl version
Client Version: v1.30.4
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.30.4ssh -i ~/.ssh/flatcar_ssh.pem core@flatcar01 "sudo cat /etc/kubernetes/admin.conf | sed 's/127\.0\.0\.1/flatcar01/g'" > ~/.kube/configDe temps en temps il peut être bon de revoir la partie inventaire en la comparant à celle qui est fournie comme example.
Un diff entre inventory/sample et inventory/mvp-cluster (ce repo) permet de revoir ce qui a été ajouté dans l'exemple
depuis que ce repo a été créé. S'il y a des sections nouvelles on peut les incorporer.
diff -r inventory/sample/ inventory/mvp-cluster/Output:
diff -r inventory/sample/group_vars/all/all.yml inventory/mvp-cluster/group_vars/all/all.yml
3c3
< bin_dir: /usr/local/bin
---
> bin_dir: /opt/bin
diff -r inventory/sample/group_vars/k8s_cluster/addons.yml inventory/mvp-cluster/group_vars/k8s_cluster/addons.yml
100,101c100,101
< ingress_nginx_enabled: false
< # ingress_nginx_host_network: false
---
> ingress_nginx_enabled: true
> ingress_nginx_host_network: false
105a106,109
> # - key: "node-role.kubernetes.io/master"
> # operator: "Equal"
> # value: ""
> # effect: "NoSchedule"
110,112c114,116
< # ingress_nginx_namespace: "ingress-nginx"
< # ingress_nginx_insecure_port: 80
< # ingress_nginx_secure_port: 443
---
> ingress_nginx_namespace: "ingress-nginx"
> ingress_nginx_insecure_port: 80
> ingress_nginx_secure_port: 443
120,121c124,129
< # ingress_nginx_extra_args:
< # - --default-ssl-certificate=default/foo-tls
---
> ingress_nginx_extra_args:
> - --default-ssl-certificate=ingress-nginx/star-marvinpac-com
> - --publish-status-address=192.168.77.149
> - --update-status=true
> - --controller-class=k8s.io/ingress-nginx
> - --watch-ingress-without-class=true
123,124c131,132
< # ingress_nginx_class: nginx
< # ingress_nginx_without_class: true
---
> ingress_nginx_class: nginx
> ingress_nginx_without_class: true
138a147,148
> # - key: node-role.kubernetes.io/master
> # effect: NoSchedule