How To Disable Kernel Update For Kubernetes Nodes

Image : www.oemoffhighway.com

As nosotros know OpenShift clusters are bundled with multiple compute nodes, master nodes, infra nodes etc, it'due south not a big deal to manage node maintenance for OS patching kind of activities. Only nosotros need to ensure we have plenty capacity on other nodes to residuum the workload.

When there is a maintenance work – eg: Kernel patching – we need to exercise this without impacting those pods and awarding running on cluster.

Pace 1 : Disable Scheduling on the node

This is to ensure no more pods can exist scheduled for placement on the node.

Check node status – eg: compute-102

[[e-mail protected] ~]# oc get nodes |grep compute-102
compute-102       Ready                      1y        v1.6.one+5115d708d7

Update to SchedulingDisabled

[[email protected] ~]# oadm manage-node compute-102 --schedulable=imitation
NAME                      STATUS                     Historic period       VERSION
compute-102               Ready,SchedulingDisabled   1y        v1.vi.ane+5115d708d7        

Stride 2 :  Drain or Evacuate pods from the node

Y'all tin only run below command to for this task.

# oc adm drain compute-102        

But about of the fourth dimension information technology will not work as there will be pods with local information or some pods with daemons running. So we need to add additional options such as –ignore-daemonsets, –delete-local-data etc.

[[electronic mail protected] ~]# oc adm drain compute-102 --delete-local-data --ignore-daemonsets  --force
node "compute-102" already cordoned
WARNING: Ignoring DaemonSet-managed pods: logging-fluentd-1gttp; Deleting pods with local storage: myapp-i-1kr16, uysed-25-m7qk4, postgresql-1-xt7bm

And so you can see the warning messages and pods are evacuating from the node compute-102.

• –force  – forcefulness deletion of bare pods
• –delete-local-information – delete even if there are pods using emptyDir (local data that will exist deleted when the node is drained)
• –ignore-daemonsets – ignore daemonset-managed pods

Wait for all pods to remove and something like below.

node "compute-102" drained

Step 3 :  Do your patching or kernel update

And so your node is free now to do whatever kind of activeness since we have disabled scheduling and evacuated all pods.

Allow's verify no pods are running on the node

[[email protected] ~]# oadm manage-node compute-102 --list-pods
Listing matched pods on node: compute-102
Proper name                    READY     Condition    RESTARTS   AGE
logging-fluentd-1gttp   1/1       Running   1          1d

Once you finished your task – eg: patching and rebooting – look for server/node to back online. Yeah, maybe y'all don't need to reboot; it might be a change in configuration.

Footstep 4 : Verify required services are running

On node, make sure openvswitch, docker and atomic-openshift-node.service services are upward and running.

Step 5 : Enable Scheduling

[[e-mail protected] ~]# oadm manage-node compute-102 --schedulable=truthful
Name                      STATUS    Age       VERSION
compute-102               Ready     1y        v1.vi.1+5115d708d7
        

Wait for nodes getting pods and do some bank check.

That's it

Source: https://www.techbeatly.com/openshift-cluster-how-to-drain-or-evacuate-a-node-for-maintenance/

Posted by: joneshishismand.blogspot.com

Share this post