Shulou(Shulou.com)06/02 Report--

Before Rancher 2.3, new versions of Rancher were always released with new versions of Kubernetes. If you want to use the latest version of Kubernetes, you need to upgrade Rancher before you can use it. Rancher 2.3 changed this model-- metadata stores can now be updated for available Kubernetes versions, decoupling the Rancher server upgrade process from the Kubernetes cluster upgrade process.

Kubernetes version control

Version control of the release is described in detail in the Kubernetes documentation, and it is worth mentioning that each version of Kubernetes follows the X.Y.Z format:

X = major version

Y = minor version

Z = fixed version (patch version)

The Kubernetes community releases a minor version (1.14-> 1.15) roughly every three months, and these releases update many of the required features and improvements. Although marked as "minor versions", these versions are still very important!

Updates to patch versions (1.15.1-> 1.15.2) will be more frequent and important because they contain extremely important security and bug fixes for the latest minor versions. They solve the problem:

Security loophole

Fix problems that affect most users that cannot be solved

Customer and product interception based on Kubernetes

Kubernetes officials want the cluster to be "reasonably" updated to the production environment and "roughly" running the latest patch version. They can release three minor versions at the same time. All this means that if your Kubernetes version has some patches after the latest version, and if you want to know "when is the best time to upgrade the cluster", the answer may be to upgrade as soon as possible to ensure that the cluster is secure and reliable. If there are several minor versions behind your version of Kubernetes, the answer is to upgrade now before the upgrade path becomes difficult.

Rancher strives to make the process simple and manageable by implementing "one-click upgrades". Prior to Rancher 2.3, the new version of Rancher always adapted to the latest patch version of Kubernetes. Important security fixes have been migrated to the newly released version, so the new patch version of Kubernetes can be used after the Rancher upgrade.

Decoupling of K8s version and Rancher version

In versions prior to Rancher 2.3, upgrading a Rancher-started cluster to the latest version of Kubernetes required two steps:

1. Upgrade Rancher server

2. Upgrade the Kubernetes version in the downstream cluster

Now, everything is different. In Rancher 2.3, you can upgrade your Kubernetes cluster directly to the latest version without upgrading Rancher. Because Kubernetes metadata in Rancher is decoupled in Rancher 2.3.

The cluster deployed by Rancher runs RKE, an open source Kubernetes distribution of Rancher that allows you to run Docker anywhere. Prior to Rancher 2.3, the information for launching different Kubernetes versions was stored in different places. This data is close to the data in the code base, so updating any value requires a new version of Rancher. There is no place for the system to access the values that need to be passed to the cluster. Rancher 2.3 refactored the entire approach to meet the following requirements:

Continuous delivery of Kubernetes metadata to compatible Rancher server

Clearly map all metadata components to the Kubernetes version

Easy access to all content from Rancher API

Availability and support paths for offline settings

Make it easy to configure to enable or disable the upgrade program and to set the values used in the upgrade

Please note that Kubernetes API changes between two minor versions, so upgrading a minor version may not be successful. For example, API has changed significantly in Kubernetes 1.15, and the maximum version supported in your Rancher server is Kubernetes 1.14. If you want to upgrade Kubernetes to version 1.15 at this time, you need to upgrade Rancher to support Kubernetes 1.15.

Rancher metadata

Rancher periodically synchronizes and downloads metadata, which is not available directly from UI, but users can view it in API.

The RKE metadata configuration determines how often Rancher synchronizes the metadata and where the data is downloaded. You can find it under [Settings] in UI, or you can get it through the / v3/settings/rke-metadata-config path of API. It includes the following options:

Of course, you can also choose to update manually, and the operation address is in the upper right corner: Tools > Drivers > Refresh Kubernetes Metadata. For offline settings, you can choose to copy the URL configuration to the default Rancher metadata repository. You can also download the file containing the desired system image, just click on the Rancher version in the lower left corner of Rancher UI.

The operation is as follows:

The following Kubernetes versions are selected by default at the beginning of Rancher v2.3.0:

Kubernetes released version 1.15.5, which fixes an important CVE, while our current version 1.15.4 is affected by security vulnerabilities.

The Rancher test team tests the new version so that it can be used in Rancher. Users can update the metadata simply by selecting Tools > Drivers > Refresh Kubernetes Metadata.

The latest Kubernetes versions (1.14.8, 1.15.5, and 1.16.2) are now available in the same Rancher version (v2.3.0).

With this change, you can keep the cluster up-to-date as planned, regardless of when Rancher releases the new version of Rancher server.

Rancher is committed to making all aspects of Kubernetes simple, and we will continue to add more features and optimizations, and we look forward to hearing from you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.