This topic describes how to use the VMware Tanzu Kubernetes Grid Integrated Edition Command Line Interface (TKGI CLI) to upgrade TKGI-provisioned Kubernetes clusters.
For information about how to upgrade TKGI-provisioned clusters through the Tanzu Kubernetes Grid Integrated Edition tile, see Verify Errand Configuration in one of the following topics:
For conceptual information about Tanzu Kubernetes Grid Integrated Edition upgrades, see About Tanzu Kubernetes Grid Integrated Edition Upgrades.
Upgrading a TKGI-provisioned Kubernetes cluster updates the Tanzu Kubernetes Grid Integrated Edition version and the Kubernetes version of the cluster.
TKGI-provisioned Kubernetes clusters upgrade when:
tkgi upgrade-cluster
or tkgi upgrade-clusters
as described in Upgrade Clusters below.For example, running tkgi upgrade-cluster
upgrades the cluster you specify to your current version of Tanzu Kubernetes Grid Integrated Edition and to the version of Kubernetes that is included with your current version of Tanzu Kubernetes Grid Integrated Edition.
WARNING: Do not change the number of control plane/etcd nodes for any plan that was used to create currently-running clusters. Tanzu Kubernetes Grid Integrated Edition does not support changing the number of control plane/etcd nodes for plans with existing clusters.
Before upgrading TKGI-provisioned Kubernetes clusters:
tkgi login
. For more information, see Logging in to Tanzu Kubernetes Grid Integrated Edition.
You can upgrade a cluster’s TKGI version to the TKGI version currently running on the TKGI control plane.
To upgrade a cluster’s TKGI version:
Use the TKGI CLI to upgrade the TKGI version on individual or multiple clusters:
To monitor or stop a cluster upgrade, follow the procedures in Manage Your Kubernetes Cluster Upgrade Job below.
Complete the steps in After Upgrading Clusters below.
The Tanzu Kubernetes Grid Integrated Edition CLI provides upgrade-cluster
for upgrading an individual Tanzu Kubernetes Grid Integrated Edition-provisioned Kubernetes cluster.
To upgrade an individual Kubernetes cluster:
Run the following command:
tkgi upgrade-cluster CLUSTER-NAME --pre-check --nodes-parallel PARALLEL-COUNT
Where:
CLUSTER-NAME
is the name of the Kubernetes cluster you want to upgrade.--pre-check
to initially perform an automated cluster pre-check. upgrade-cluster
will validate the cluster and display a status report after performing the pre-check. You must verify that you want the upgrade to proceed after the pre-check completes. For more information, see Upgrade Cluster Validation below.--nodes-parallel
to specify PARALLEL-COUNT
, the number of worker nodes to upgrade in parallel. For more information, see Upgrade Cluster Worker Nodes in Parallel below.For more information about the tkgi upgrade-cluster
command, see tkgi upgrade-cluster in the TKGI CLI documentation.
To upgrade multiple clusters, see Upgrade Multiple Kubernetes Clusters below.
You can request for upgrade-cluster
to validate the cluster before upgrading.
When you request pre-upgrade cluster validation, upgrade-cluster
validates the cluster first and displays a report when validation completes:
If the cluster fails the validation, upgrade-cluster
ends after displaying the validation report.
If the cluster passes the validation, the pre-check prompts you for permission to start the cluster upgrade. You must respond if you want the upgrade-cluster
to proceed.
A cluster fails validation if any of the following conditions are found:
Cluster validation also checks and reports if any cluster certificates will expire within the next 180 days, but this condition does not cause the pre-check to fail.
To upgrade a cluster with pre-upgrade validation:
Run the following command:
tkgi upgrade-cluster CLUSTER-NAME --pre-check
Where CLUSTER-NAME
is the name of the Kubernetes cluster you want to upgrade.
For example:
tkgi upgrade-cluster api-cluster-v3.5 --pre-check
Validating cluster VM storage.
Error: Storage on the following VMs is full. Use the BOSH CLI to investigate.
master/c3de3f6a-e422-5a14-faf6-3ddd22ae52ac
Error: upgrade pre-check failure: VM storage status
You can request for upgrade-cluster
to upgrade multiple cluster worker nodes in parallel.
Three or more worker nodes are required for the parallel upgrade feature to activate:
To upgrade worker nodes in parallel:
Run the following command:
tkgi upgrade-cluster CLUSTER-NAME --nodes-parallel PARALLEL-COUNT
Where PARALLEL-COUNT
is the number of worker nodes to upgrade in parallel. Accepts 1
or 2
. When configured as 1
, the default, parallel upgrading is deactivated.
For example:
tkgi upgrade-cluster example-cluster --nodes-parallel 2
The Tanzu Kubernetes Grid Integrated Edition CLI provides upgrade-clusters
for upgrading multiple Tanzu Kubernetes Grid Integrated Edition-provisioned Kubernetes clusters. You can upgrade clusters serially, serially with some clusters designated as canary clusters, or entirely in parallel.
To upgrade multiple Kubernetes clusters:
Run the following command:
tkgi upgrade-clusters CLUSTER-NAMES
Where CLUSTER-NAMES
is a list of names of the Kubernetes clusters that you want to upgrade.
Note: When using tkgi upgrade-clusters
, the worker nodes within an upgrading cluster are upgraded serially.
For more information about the tkgi upgrade-clusters
command, see tkgi upgrade-clusters in the TKGI CLI documentation.
To upgrade a single cluster, see Upgrade a Single Kubernetes Cluster above.
To upgrade multiple Kubernetes clusters:
Run the following command:
tkgi upgrade-clusters --clusters CLUSTER-NAMES --max-in-flight CLUSTER-COUNT --wait
Where:
CLUSTER-NAMES
is a comma-delimited list of the names of the Kubernetes clusters you want to upgrade.
CLUSTER-COUNT
is the maximum number of clusters to upgrade in parallel within an AZ. The CLUSTER-COUNT
must be less than your TKGI tile > TKGI API Service > Worker VM Max in Flight value. For example, if your TKGI tile Worker VM Max in Flight value remains the default of 4
, run upgrade-clusters
with a –max-in-flight
argument value less than 4
.
Considerations when running tkgi upgrade-clusters
:
--clusters
list fails, the tkgi upgrade-clusters
job continues to a subsequent cluster in the list.--max-in-flight
is not set.--clusters
list is more than the --max-in-flight
value, the first set of clusters are upgraded in parallel and subsequent clusters are queued. As the initial cluster upgrades complete, the remaining clusters are pulled from the queue and upgraded in parallel.--wait
argument.Note: tkgi upgrade-clusters
supports upgrading clusters in parallel. When using tkgi upgrade-clusters
, the worker nodes within an upgrading cluster are upgraded serially.
For example:
$ tkgi upgrade-clusters --clusters k8-cluster-000,k8-cluster-001,k8-cluster-002 --max-in-flight 2 --wait
You are about to upgrade k8-cluster-000, k8-cluster-001 and k8-cluster-002.
Warning: This operation might be long running and might block further operations on the cluster(s) until complete
Continue? (y/n):y
Your taskID for the upgrade task is: d772aba0-2670-4fba-b26c-044b19d6ab60
Started upgrading cluster: k8-cluster-000
Started upgrading cluster: k8-cluster-001
Finished upgrading cluster: k8-cluster-000
Started upgrading cluster: k8-cluster-002
Finished upgrading cluster: k8-cluster-001
Finished upgrading cluster: k8-cluster-002
Upgrade task d772aba0-2670-4fba-b26c-044b19d6ab60 is done.
To upgrade multiple clusters and automatically stop upgrading clusters if a cluster upgrade fails, specify your cluster list as canary clusters. You can specify one or more clusters as canary clusters.
To upgrade multiple clusters with one or more canary clusters:
Run the following command:
tkgi upgrade-clusters --canaries CANARY-CLUSTER-NAMES --clusters CLUSTER-NAMES --wait
Where:
CANARY-CLUSTER-NAMES
is a comma-delimited list of the names of the Kubernetes clusters you want to upgrade as canary clusters.
CLUSTER-NAMES
is a comma-delimited list of Kubernetes clusters to upgrade if all canary clusters successfully upgrade.
Note: The –clusters
argument is required.
Considerations when running tkgi upgrade-clusters
with a --canaries
list:
--canaries
list are upgraded prior to upgrading the clusters in your --clusters
list.tkgi upgrade-clusters
job stops.--clusters
list cluster upgrade fails, the tkgi upgrade-clusters
job continues to a subsequent cluster in the list.tkgi upgrade-clusters
to stop for any cluster upgrade failure, specify only one cluster in your –clusters
list and the remaining clusters in your –canaries
list.--clusters
list in parallel, see Upgrade Clusters in Parallel above.--wait
argument.For example:
$ tkgi upgrade-clusters --canaries k8-cluster-dev,k8-cluster-000,k8-cluster-001 --clusters k8-cluster-002 --wait
You are about to upgrade k8-cluster-dev k8-cluster-000, k8-cluster-001 and k8-cluster-002.
Warning: This operation might be long running and might block further operations on the cluster(s) until complete
Continue? (y/n):y
Your taskID for the upgrade task is: ce31a1bb-380a-453f-afa0-835ffa1ce6ac
Started upgrading cluster: k8-cluster-000
Upgrading cluster succeeded: k8-cluster-000
Started upgrading cluster: k8-cluster-001
Upgrading cluster succeeded: k8-cluster-001
Started upgrading cluster: k8-cluster-dev
Upgrading cluster failed: k8-cluster-dev
Upgrade task ce31a1bb-380a-453f-afa0-835ffa1ce6ac is done.
You can use the TKGI CLI to monitor and manage your Tanzu Kubernetes Grid Integrated Edition-provisioned Kubernetes cluster upgrade jobs:
To review the status of the actions being performed on your clusters, run the following command:
tkgi clusters
For example:
$ tkgi clusters
Upgrade is available to TKGI Version: 1.17.5-build.9
TKGI Version Name k8s Version Plan Name UUID Status Action
1.16.8-build.4 k8-cluster-000 1.25.16 small 9527ebaa-e2fa-422f-a52b-de3c3f0e39a4 succeeded UPGRADE
1.16.8-build.4 k8-cluster-001 1.25.16 small 9527ebaa-e2fa-422f-a52b-de3c3f0e39a4 failed UPGRADE
1.16.8-build.4 k8-cluster-002 1.25.16 small 9527ebaa-e2fa-422f-a52b-de3c3f0e39a4 in progress UPGRADE
1.16.8-build.4 k8-cluster-003 1.25.16 small 9527ebaa-e2fa-422f-a52b-de3c3f0e39a4 queued UPGRADE
To review the status of your upgrade-clusters
job, run the following command:
tkgi task TASKID
Where TASKID
is the ID of the task that was returned when you ran tkgi upgrade-clusters
.
For example:
$ tkgi task ce31a1bb-380a-453f-afa0-835ffa1ce6ac
Your upgrade task is: done
Name Status Start time End time isCanary
k8-cluster-000 succeeded Mon, 14 Oct 2019 12:00:00 PDT Mon, 14 Oct 2019 12:19:54 PDT true
k8-cluster-001 failed Mon, 14 Oct 2019 12:20:00 PDT --- true
To cancel a running upgrade-clusters
job, run the following TKGI CLI command:
tkgi cancel-task TASKID
Where TASKID
is the ID of the task that was returned when you ran tkgi upgrade-clusters
.
Warning: tkgi cancel-task
does not cancel cluster upgrades currently in progress. This command only cancels a job’s pending cluster upgrades.
Complete the following optional procedures after you have upgraded your cluster:
TKGI v1.17 uses Velero v1.10.3. You must upgrade Velero to v1.10.3 on all of your existing clusters.
To upgrade Velero:
Warning: Ensure you have updated the Velero custom resource definitions on your clusters as described in Instructions in Upgrading to Velero 1.10 in the Velero documentation.
If you scaled your cluster up for the upgrade and you prefer to restore your cluster to its original sizing, you can now scale the cluster back down to its previous configuration. VMware recommends that you not scale down your clusters and continue to run them with recommended configurations, reducing the chance of a future outage.