Of course we cannot always share details about our work with customers, but nevertheless it is nice to show our technical achievements and share some of our implemented solutions.
Important note: This article was written in 2019 for Rancher 2.0. On more recent Rancher versions, make sure you are using helm3. See this blog article how to upgrade Rancher using helm3.
Until recently, RKE (Rancher Kubernetes Engine) had to be used to upgrade Rancher to a newer version.
Since 2.0.8 it is possible to use helm for this. helm can be compared to the "apt" package manager for Debian based systems, just for Kubernetes nodes. It manages "repositories" and Rancher does offer such a helm repository.
You can initiate the upgrade from any machine you like, as long as you can access the Rancher 2 management URL and you have kubectl and helm installed locally. Read this article to learn how to install kubectl and how to connect to a Rancher 2 cluster. And read the helm installation instructions from Rancher.
Once you have kubectl and helm installed, you can now configure kubectl to connect to your Rancher 2 management cluster.
For this I have prepared a kube config yaml file:
$ export KUBECONFIG=~/.kube/local-teststage.yaml
Verify that you are able to connect to the Kubernetes cluster:
$ kubectl get nodes
NAME STATUS AGE VERSION
192.168.253.15 Ready 98d v1.11.3
192.168.253.16 Ready 98d v1.11.3
192.168.253.17 Ready 98d v1.11.3
Yep, these are the internal IP's of the Rancher 2 cluster "local". I can also verify this in the Rancher 2 UI:
Make sure your local helm version is up to date:
$ helm init --upgrade --service-account tiller
$HELM_HOME has been configured at /srv/ansible/.helm.
Tiller (the Helm server-side component) has been upgraded to the current version.
Happy Helming!
$ helm version
Client: &version.Version{SemVer:"v2.11.0", GitCommit:"2e55dbe1fdb5fdb96b75ff144a339489417b146b", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.11.0", GitCommit:"2e55dbe1fdb5fdb96b75ff144a339489417b146b", GitTreeState:"clean"}
As I mentioned before, helm is a package manager using repos. Let's make sure the rancher repository is active:
$ helm repo list
NAME URL
stable https://kubernetes-charts.storage.googleapis.com
local http://127.0.0.1:8879/charts
rancher-stable https://releases.rancher.com/server-charts/stable
Let's get the latest updates from all the listed repos (comparable to apt-get update):
$ helm repo update
Hang tight while we grab the latest from your chart repositories...
...Skip local chart repository
...Successfully got an update from the "rancher-stable" chart repository
...Successfully got an update from the "stable" chart repository
Update Complete. ? Happy Helming!?
Before you upgrade Rancher, check for specific package values (we need them in the upgrade command):
$ helm get values rancher
hostname: rancher2.example.com
ingress:
tls:
source: secret
So here we got two keys/values back:
With this information we can now launch the upgrade:
$ helm upgrade rancher rancher-stable/rancher --set hostname=rancher.example.com --set ingress.tls.source=secret
Release "rancher" has been upgraded. Happy Helming!
LAST DEPLOYED: Thu Feb 14 09:53:04 2019
NAMESPACE: cattle-system
STATUS: DEPLOYED
RESOURCES:
==> v1/Deployment
NAME AGE
rancher 98d
==> v1beta1/Ingress
rancher 98d
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
rancher-5dc9f9b886-jhrrm 0/1 Pending 0 0s
rancher-6dc68bb996-j66lw 1/1 Running 1 72d
rancher-6dc68bb996-jrl7k 1/1 Running 0 72d
rancher-6dc68bb996-mjg8t 1/1 Running 0 72d
==> v1/ServiceAccount
NAME AGE
rancher 98d
==> v1/ClusterRoleBinding
rancher 98d
==> v1/Service
rancher 98d
NOTES:
Rancher Server has been installed.
NOTE: Rancher may take several minutes to fully initialize. Please standby while Certificates are being issued and Ingress comes up.
Check out our docs at https://rancher.com/docs/rancher/v2.x/en/
Browse to https://rancher.example.com
Happy Containering!
In the Rancher UI it took a couple of seconds and then the version at the lower left corner changed from 1.2.1 to 1.2.6. The UI also stated that the cluster API is currently unavailable. This took around 5 minutes until it was up again.