Upgrade Notes of Knative (from v1.13 to v1.14)
2024年06月16日
Knative supports upgrading by a single minor version number. For example, if you have v1.13.1 installed, you must upgrade to v1.14.1 before attempting to upgrade to v1.15.1.
To upgrade, apply the YAML files for the subsequent minor versions of all your installed Knative components and features, remembering to only upgrade by one minor version at a time.
If you get below error message, double check the network access rules to allow communications could be established and initiated from the machine that execute the commands used in this document to the K8s API server.
The target port is TCP:443.
Install the Knative Serving component
Install the required custom resources
% kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.14.1/serving-crds.yaml
Install the core components of Knative Serving
% kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.14.1/serving-core.yaml
Install a networking layer
The following procedure shows instructions for installing a networking layer.
Install Istio and enable its Knative integration.
Install a properly configured Istio
% kubectl apply -l knative.dev/crd-install=true -f \
https://github.com/knative/net-istio/releases/download/knative-v1.10.0/istio.yaml
kubectl apply -l knative.dev/crd-install=true -f \
https://github.com/knative/net-istio/releases/download/knative-v1.10.1/istio.yaml
% kubectl apply -f \
https://github.com/knative/net-istio/releases/download/knative-v1.10.0/istio.yaml
kubectl apply -f \
https://github.com/knative/net-istio/releases/download/knative-v1.10.1/istio.yaml
kubectl apply -l knative.dev/crd-install=true -f https://github.com/knative/net-istio/releases/download/knative-v1.14.1/istio.yaml
kubectl apply -f https://github.com/knative/net-istio/releases/download/knative-v1.14.1/istio.yaml
Install the Knative Istio controller
% kubectl apply -f \
https://github.com/knative/net-istio/releases/download/knative-v1.14.1/net-istio.yaml
% kubectl get namespace knative-serving -o 'go-template={{index .metadata.labels "app.kubernetes.io/version"}}'
istio.yaml
Upgrade Knative from 1.13.1 to 1.14.1
Check the current Knative version.
If Knative wa installed with YAML, to verify the version of the Knative component that you have running on your cluster, query for the app.kubernetes.io/version label in corresponding component namespace.
% kubectl get namespace knative-serving -o 'go-template={{index .metadata.labels "app.kubernetes.io/version"}}'
1.13.1%
Knative supports upgrading by a single minor version number. For example, if you have v1.13.1 installed, you must upgrade to v1.14.1 before attempting to upgrade to v1.15.1.
To upgrade, apply the YAML files for the subsequent minor versions of all your installed Knative components and features, remembering to only upgrade by one minor version at a time.
If you get below error message, double check the network access rules to allow communications could be established and initiated from the machine that execute the commands used in this document to the K8s API server.
... Error from server (InternalError): error when creating "https://github.com/knative/serving/releases/download/knative-v1.14.1/serving-core.yaml": Internal error occurred: failed calling webhook "webhook.serving.knative.dev": failed to call webhook: Post "https://webhook.knative-serving.svc:443/defaulting?timeout=10s": context deadline exceeded ...Check the webhook service.
... knative-serving webhook ClusterIP 172.20.63.79 <none> 9090/TCP,8008/TCP,443/TCP 674d ...
The target port is TCP:443.
...
- name: https-webhook
port: 443
protocol: TCP
targetPort: 8443
...
Install the Knative Serving component
Install the required custom resources
% kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.14.1/serving-crds.yaml
customresourcedefinition.apiextensions.k8s.io/certificates.networking.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/configurations.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/clusterdomainclaims.networking.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/domainmappings.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/ingresses.networking.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/metrics.autoscaling.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/podautoscalers.autoscaling.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/revisions.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/routes.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/serverlessservices.networking.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/services.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/images.caching.internal.knative.dev configured
Install the core components of Knative Serving
% kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.14.1/serving-core.yaml
namespace/knative-serving configured role.rbac.authorization.k8s.io/knative-serving-activator configured clusterrole.rbac.authorization.k8s.io/knative-serving-activator-cluster configured clusterrole.rbac.authorization.k8s.io/knative-serving-aggregated-addressable-resolver configured clusterrole.rbac.authorization.k8s.io/knative-serving-addressable-resolver configured clusterrole.rbac.authorization.k8s.io/knative-serving-namespaced-admin configured clusterrole.rbac.authorization.k8s.io/knative-serving-namespaced-edit configured clusterrole.rbac.authorization.k8s.io/knative-serving-namespaced-view configured clusterrole.rbac.authorization.k8s.io/knative-serving-core configured clusterrole.rbac.authorization.k8s.io/knative-serving-podspecable-binding configured serviceaccount/controller configured clusterrole.rbac.authorization.k8s.io/knative-serving-admin configured clusterrolebinding.rbac.authorization.k8s.io/knative-serving-controller-admin configured clusterrolebinding.rbac.authorization.k8s.io/knative-serving-controller-addressable-resolver configured serviceaccount/activator configured rolebinding.rbac.authorization.k8s.io/knative-serving-activator configured clusterrolebinding.rbac.authorization.k8s.io/knative-serving-activator-cluster configured customresourcedefinition.apiextensions.k8s.io/images.caching.internal.knative.dev configured certificate.networking.internal.knative.dev/routing-serving-certs unchanged customresourcedefinition.apiextensions.k8s.io/certificates.networking.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/configurations.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/clusterdomainclaims.networking.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/domainmappings.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/ingresses.networking.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/metrics.autoscaling.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/podautoscalers.autoscaling.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/revisions.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/routes.serving.knative.dev configured customresourcedefinition.apiextensions.k8s.io/serverlessservices.networking.internal.knative.dev configured customresourcedefinition.apiextensions.k8s.io/services.serving.knative.dev configured image.caching.internal.knative.dev/queue-proxy configured configmap/config-autoscaler configured configmap/config-defaults configured configmap/config-deployment configured configmap/config-domain configured configmap/config-features configured configmap/config-gc configured configmap/config-leader-election configured configmap/config-logging configured configmap/config-network configured configmap/config-observability configured configmap/config-tracing configured horizontalpodautoscaler.autoscaling/activator configured poddisruptionbudget.policy/activator-pdb configured deployment.apps/activator configured service/activator-service configured deployment.apps/autoscaler configured service/autoscaler configured deployment.apps/controller configured service/controller configured horizontalpodautoscaler.autoscaling/webhook configured poddisruptionbudget.policy/webhook-pdb configured deployment.apps/webhook configured service/webhook configured validatingwebhookconfiguration.admissionregistration.k8s.io/config.webhook.serving.knative.dev configured mutatingwebhookconfiguration.admissionregistration.k8s.io/webhook.serving.knative.dev configured validatingwebhookconfiguration.admissionregistration.k8s.io/validation.webhook.serving.knative.dev configured secret/webhook-certs configured
Install a networking layer
The following procedure shows instructions for installing a networking layer.
Install Istio and enable its Knative integration.
Install a properly configured Istio
% kubectl apply -l knative.dev/crd-install=true -f \
https://github.com/knative/net-istio/releases/download/knative-v1.10.0/istio.yaml
kubectl apply -l knative.dev/crd-install=true -f \
https://github.com/knative/net-istio/releases/download/knative-v1.10.1/istio.yaml
% kubectl apply -f \
https://github.com/knative/net-istio/releases/download/knative-v1.10.0/istio.yaml
kubectl apply -f \
https://github.com/knative/net-istio/releases/download/knative-v1.10.1/istio.yaml
kubectl apply -l knative.dev/crd-install=true -f https://github.com/knative/net-istio/releases/download/knative-v1.14.1/istio.yaml
kubectl apply -f https://github.com/knative/net-istio/releases/download/knative-v1.14.1/istio.yaml
Install the Knative Istio controller
% kubectl apply -f \
https://github.com/knative/net-istio/releases/download/knative-v1.14.1/net-istio.yaml
clusterrole.rbac.authorization.k8s.io/knative-serving-istio configured gateway.networking.istio.io/knative-ingress-gateway configured gateway.networking.istio.io/knative-local-gateway configured service/knative-local-gateway configured configmap/config-istio configured peerauthentication.security.istio.io/webhook configured peerauthentication.security.istio.io/net-istio-webhook configured deployment.apps/net-istio-controller configured deployment.apps/net-istio-webhook configured secret/net-istio-webhook-certs configured service/net-istio-webhook configured mutatingwebhookconfiguration.admissionregistration.k8s.io/webhook.istio.networking.internal.knative.dev configured validatingwebhookconfiguration.admissionregistration.k8s.io/config.webhook.istio.networking.internal.knative.dev configured certificate.networking.internal.knative.dev/routing-serving-certs configured
% kubectl get namespace knative-serving -o 'go-template={{index .metadata.labels "app.kubernetes.io/version"}}'
1.14.1
Archived
Check Istio version.client version: 1.15.0 control plane version: 1.17.1 data plane version: 1.17.1 (3 proxies), 1.16.3 (4 proxies)
istio.yaml
...
~#line 10014:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: istio-ingressgateway
...
image: docker.io/istio/proxyv2:1.21.1
...
~#line 10236:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: istiod
...
image: docker.io/istio/pilot:1.21.1
...