Pre-upgrade Check
The system performs a comprehensive pre-upgrade check before the cluster upgrade. If the cluster does not meet the pre-upgrade check conditions, the upgrade cannot continue. To prevent upgrade risks, you can perform pre-upgrade check according to the check items provided by this section.
No. |
Check Item |
Description |
---|---|---|
1 |
|
|
2 |
Check whether the current user is in the upgrade blocklist. |
|
3 |
|
|
4 |
Check whether the current HelmRelease record contains discarded Kubernetes APIs that are not supported by the target cluster version. If yes, the Helm chart may be unavailable after the upgrade. |
|
5 |
Check whether CCE can connect to your master nodes. |
|
6 |
Check the node pool status. |
|
7 |
Check whether the security group allows the master node to access nodes using ICMP. |
|
8 |
|
|
9 |
Check whether the node needs to be migrated. |
|
10 |
Check whether there are discarded resources in the clusters. |
|
11 |
Read the version compatibility differences and ensure that they are not affected. The patch upgrade does not involve version compatibility differences. |
|
12 |
Check whether cce-agent on the current node is of the latest version. |
|
13 |
Check whether the CPU usage of the node exceeds 90%. |
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
Check whether the key directory /var/paas on the nodes contain files with abnormal owners or owner groups. |
|
18 |
Check whether the kubelet on the node is running properly. |
|
19 |
Check whether the memory usage of the node exceeds 90%. |
|
20 |
Check whether the clock synchronization server ntpd or chronyd of the node is running properly. |
|
21 |
Check whether the OS kernel version of the node is supported by CCE. |
|
22 |
Check whether the number of CPUs on the master node is greater than 2. |
|
23 |
Check whether the Python commands are available on a node. |
|
24 |
|
|
25 |
Check whether the nodes in the cluster are ready. |
|
26 |
Check whether journald of a node is normal. |
|
27 |
Check whether the containerd.sock file exists on the node. This file affects the startup of container runtime in the Euler OS. |
|
28 |
Before the upgrade, check whether an internal error occurs. |
|
29 |
Check whether inaccessible mount points exist on the node. |
|
30 |
Check whether the taint needed for cluster upgrade exists on the node. |
|
31 |
Check whether there are any compatibility restrictions on the current everest add-on. |
|
32 |
Check whether the current cce-controller-hpa add-on has compatibility restrictions. |
|
33 |
Check whether the current cluster version and the target version support enhanced CPU policy. |
|
34 |
Check whether the container runtime and network components on the worker nodes are healthy. |
|
35 |
Check whether the Kubernetes, container runtime, and network components of the master nodes are healthy. |
|
36 |
Check whether the resources of Kubernetes components, such as etcd and kube-controller-manager, exceed the upper limit. |
|
37 |
The system scans the audit logs of the past day to check whether the user calls the deprecated APIs of the target Kubernetes version.
NOTE:
Due to the limited time range of audit logs, this check item is only an auxiliary method. APIs to be deprecated may have been used in the cluster, but their usage is not included in the audit logs of the past day. Check the API usage carefully. |
|
38 |
If IPv6 is enabled for a CCE Turbo cluster, check whether the target cluster version supports IPv6. |
|
39 |
Check whether NetworkManager of a node is normal. |
|
40 |
Check the ID file format. |
|
41 |
When you upgrade a CCE cluster to v1.19 or later, the system checks whether the following configuration files have been modified in the background. |
|
42 |
Check whether the configuration files of key components exist on the node. |
|
43 |
Check whether the current CoreDNS key configuration Corefile is different from the Helm release record. The difference may be overwritten during the add-on upgrade, affecting domain name resolution in the cluster. |
|
44 |
Check whether the sudo commands and sudo-related files of the node are working. |
|
45 |
Check whether some key commands that the node upgrade depends on are working. |
|
46 |
The docker/containerd.sock file on the node is mounted to the pod through a hostPath. During the upgrade, Docker/containerd restarts, but the sock file in the container does not change. As a result, an error may occur in your services. |
|
47 |
Check whether the certificate used by an HTTPS load balancer has been modified on ELB. |
|
48 |
Check whether the default mount directory and soft link on the node have been manually mounted or modified. |
|
49 |
Check whether user paas is allowed to log in to a node. |
|
50 |
Check whether the load balancer associated with a Service is allocated with a private IPv4 address. |
|
51 |
Check whether the source version of the cluster is earlier than v1.11 and the target version is later than v1.23. |
|
52 |
Check whether the CIDR block of the cluster management plane is the same as that configured on the backbone network. |
|
53 |
The GPU add-on is involved in the upgrade, which may affect the GPU driver installation during the creation of a GPU node. |
|
54 |
Check whether the default system parameter settings on your nodes are modified. |
|
55 |
Check whether there are residual package versions in the current cluster. |
|
56 |
Check whether the commands required for the upgrade are available on the node. |
|
57 |
Check whether swap has been enabled on cluster nodes. |
|
58 |
Check whether there are compatibility issues that may occur during nginx-ingress upgrade. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot