1.预备知识
滚动升级(rolling update)是每一次只更新一小部分的副本,成功后再继续更新更多的副本,最终把所有副本更新。
好处:不用停机,实现平滑的升级。
2.Deployment的滚动升级
2.1 Deployment与Replica Set与Pod的关系
如下图所示(网上找的),
一个Deployment管理多个Replica Set,一个Replica Set 管理多个Pod
正因为这样,Deployment能够实现回滚,每一次部署新的Deployment时,都会生成一个新的Replica Set,并且会保留下来,所以以后想回退版本的话,就能直接利用旧的Replica Set回滚回到先前版本。
2.2 开始动手
- 部署一个需要3个Pod的Deployment,镜像为httpd:2.2.31,yam文件如下
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: httpd
spec:
replicas: 3
minReadySeconds: 5
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
template:
metadate:
labels:
run: httpd
spec:
containers:
- name: httpd
image: httpd:2.2.31
ports:
- containerPort: 80
2.执行部署并查看
[root@ceph1 sector7]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
httpd 3 3 3 1 13s httpd httpd:2.2.31 run=httpd
[root@ceph1 sector7]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
httpd 3 3 3 3 1m httpd httpd:2.2.31 run=httpd
[root@ceph1 sector7]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
httpd-9658687dd-7q7fw 1/1 Running 0 1m 10.244.0.36 ceph1
httpd-9658687dd-f9r9t 1/1 Running 0 1m 10.244.2.11 localhost.localdomain
httpd-9658687dd-ql46w 1/1 Running 0 1m 10.244.1.36 ceph3
[root@ceph1 sector7]# kubectl get rs
NAME DESIRED CURRENT READY AGE
httpd-9658687dd 3 3 3 2m
通过Deployment,Replica Set,Pod的名字也可以看出彼此的等级关系:(最后的是随机字符串)
Deployment:httpd
Replica Set:httpd-9658687dd
Pod:httpd-9658687dd-7q7fw
注意当前httpd的版本为:2.2.31,下面开始升级
- 升级
将httpd.yaml文件中的image修改为:httpd:2.2.32
再执行一次部署kubectl apply -f httpd.yaml
再次查看:
[root@ceph1 sector7]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
httpd 3 4 2 2 13m httpd httpd:2.2.32 run=httpd
[root@ceph1 sector7]# kubectl get rs
NAME DESIRED CURRENT READY AGE
httpd-76c8bd9f65 2 2 0 9s
httpd-9658687dd 2 2 2 13m
[root@ceph1 sector7]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
httpd-76c8bd9f65-kvzdh 0/1 ContainerCreating 0 2s <none> ceph1
httpd-76c8bd9f65-vfblg 1/1 Running 0 14s 10.244.1.37 ceph3
httpd-76c8bd9f65-wfqkg 1/1 Running 0 15s 10.244.2.12 localhost.localdomain
httpd-9658687dd-f9r9t 0/1 Terminating 0 13m 10.244.2.11 localhost.localdomain
[root@ceph1 sector7]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
httpd-76c8bd9f65-kvzdh 1/1 Running 0 16s 10.244.0.37 ceph1
httpd-76c8bd9f65-vfblg 1/1 Running 0 28s 10.244.1.37 ceph3
httpd-76c8bd9f65-wfqkg 1/1 Running 0 29s 10.244.2.12 localhost.localdomain
[root@ceph1 sector7]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
httpd 3 3 3 3 13m httpd httpd:2.2.32 run=httpd
[root@ceph1 sector7]# kubectl get rs
NAME DESIRED CURRENT READY AGE
httpd-76c8bd9f65 3 3 3 4m
httpd-9658687dd 0 0 0 17m
更新完成后,httpd的镜像变为了httpd:2.2.32了。
- 滚动升级过程
通过查看log,kubectl describe deployment httpd
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 21m deployment-controller Scaled up replica set httpd-9658687dd to 3
Normal ScalingReplicaSet 8m deployment-controller Scaled up replica set httpd-76c8bd9f65 to 1
Normal ScalingReplicaSet 8m deployment-controller Scaled down replica set httpd-9658687dd to 2
Normal ScalingReplicaSet 8m deployment-controller Scaled up replica set httpd-76c8bd9f65 to 2
Normal ScalingReplicaSet 8m deployment-controller Scaled down replica set httpd-9658687dd to 1
Normal ScalingReplicaSet 8m deployment-controller Scaled up replica set httpd-76c8bd9f65 to 3
Normal ScalingReplicaSet 8m deployment-controller Scaled down replica set httpd-9658687dd to 0
从Message中可以看出,两个Replica Set是逐步更新Pod的,
httpd-9658687dd是最开始的,有3个Pod,httpd-76c8bd9f65是新生成,有0个Pod,依次
httpd-76c8bd9f65 up 为1,httpd-9658687dd down 为2
httpd-76c8bd9f65 up 为2,httpd-9658687dd down 为1
httpd-76c8bd9f65 up 为3,httpd-9658687dd down 为0
当然,滚动升级每次更新的Pod数量是可以指定的,通过两个参数maxSurge和maxUnavailable控制。
- maxSurge
升级过程中,最多可以比原先设定所多出的Pod数量,可以是具体的数值,也可以是百分比(百分比的话向上取整,默认为25%,比如10个,那就是10*25%=2.5,向上取整为3) - maxUnavailable
最多有多少个Pod处于不可用的状态,可以是具体的数值,也可以是百分比(百分比是向下取整,默认为25%)
所以,maxSurge的值越大,初始创建的Pod就越多,maxUnavailable的值越大,初始销毁的旧Pod就越多
- 升级相关的命令操作
- 查询升级状态
kubectl rollout status deployment <deployment_name> - 暂停滚动升级
kubectl rollout pause deployment <deployment_name> - 恢复滚动升级
kubectl rollout resume deployment <deployment_name>
3.回退版本
kubectl apply在每次更新应用的时候,都会记录下当前的配置,保存为一个版本revision,默认情况kubernetes只会保留最近的几个revision,但可以在Deployment的配置文件中指定保存的revision的数量,通过revisionHistoryLimit属性设置。
3.1 验证
将上面的httpd.yaml文件复制三份,分别命名为httpd1.yaml,httpd2.yaml,httpd3.yaml,对应镜像修改为httpd:2.4.16,httpd:2.4.17,httpd:2.4.18.
- 执行部署
[root@ceph1 sector7]# kubectl apply -f httpd1.yaml --record
deployment.apps "httpd" created
[root@ceph1 sector7]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
httpd 3 3 3 3 29s httpd httpd:2.4.16 run=httpd
[root@ceph1 sector7]# kubectl apply -f httpd2.yaml --record
deployment.apps "httpd" configured
[root@ceph1 sector7]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
httpd 3 3 3 3 1m httpd httpd:2.4.17 run=httpd
[root@ceph1 sector7]# kubectl apply -f httpd3.yaml
deployment.apps "httpd" configured
[root@ceph1 sector7]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
httpd 3 3 3 3 5m httpd httpd:2.4.18 run=httpd
由上面信息可知,这一次版本从2.4.16升级到2.4.17再升级到2.4.18,总共有三次操作,而且这一次执行kubectl apply时候加上了--record.
--record的作用是将当前命令记录到revision记录中,如果没加上(比如上面更新为httpd3,.yaml时)在revision记录中会显示为<none>,这样子就无法看出更新的信息。
查看历史版本
[root@ceph1 sector7]# kubectl rollout history deployment httpd
deployments "httpd"
REVISION CHANGE-CAUSE
1 kubectl apply --filename=httpd1.yaml --record=true
2 kubectl apply --filename=httpd2.yaml --record=true
3 <none>
这里的CHANGE_CAUSE就是加上了--record的结果。REVISION就是版本,如果想回退到revision=1,可以执行命令:
kubectl rollout undo deployment httpd --to-revision=1
如果是想回退到上一个版本,则可以不用指定--to-revision
- 总结
所以在执行apply时候需要加上--record对于以后回退版本会比较清晰。
