Kubernetes 滚动升级

Kubernetes Rolling Upgrade 背景

Kubernetes 是一个很好的容器应用集群管理工具，尤其是采用ReplicaSet这种自动维护应用生命周期事件的对象后，将容器应用管理的技巧发挥得淋漓尽致。在容器应用管理的诸多特性中，有一个特性是最能体现Kubernetes强大的集群应用管理能力的，那就是滚动升级。

滚动升级的精髓在于升级过程中依然能够保持服务的连续性，使外界对于升级的过程是无感知的。整个过程中会有三个状态，全部旧实例，新旧实例皆有，全部新实例。旧实例个数逐渐减少，新实例个数逐渐增加，最终达到旧实例个数为0，新实例个数达到理想的目标值。

kubernetes 滚动升级

Kubernetes 中采用ReplicaSet（简称RS）来管理Pod实例。如果当前集群中的Pod实例数少于目标值，RS 会拉起新的Pod，反之，则根据策略删除多余的Pod。Deployment正是利用了这样的特性，通过控制两个RS里面的Pod，从而实现升级。
滚动升级是一种平滑过渡式的升级，在升级过程中，服务仍然可用。这是kubernetes作为应用服务化管理的关键一步。服务无处不在，并且按需使用。这是云计算的初衷，对于PaaS平台来说，应用抽象成服务，遍布整个集群，为应用提供随时随地可用的服务是PaaS的终极使命。
1.ReplicaSet
关于RS的概念大家都很清楚了，我们来看看在k8s源码中的RS。

type ReplicaSetController struct { kubeClient clientset.Interface podControl controller.PodControlInterface // internalPodInformer is used to hold a personal informer. If we're using // a normal shared informer, then the informer will be started for us. If // we have a personal informer, we must start it ourselves. If you start // the controller using NewReplicationManager(passing SharedInformer), this // will be null internalPodInformer framework.SharedIndexInformer // A ReplicaSet is temporarily suspended after creating/deleting these many replicas. // It resumes normal action after observing the watch events for them. burstReplicas int // To allow injection of syncReplicaSet for testing. syncHandler func(rsKey string) error // A TTLCache of pod creates/deletes each rc expects to see. expectations *controller.UIDTrackingControllerExpectations // A store of ReplicaSets, populated by the rsController rsStore cache.StoreToReplicaSetLister // Watches changes to all ReplicaSets rsController *framework.Controller // A store of pods, populated by the podController podStore cache.StoreToPodLister // Watches changes to all pods podController framework.ControllerInterface // podStoreSynced returns true if the pod store has been synced at least once. // Added as a member to the struct to allow injection for testing. podStoreSynced func() bool lookupCache *controller.MatchingCache // Controllers that need to be synced queue *workqueue.Type // garbageCollectorEnabled denotes if the garbage collector is enabled. RC // manager behaves differently if GC is enabled. garbageCollectorEnabled bool }

这个结构体位于pkg/controllers/replicaset,这里我们可以看出，RS最主要的几个对象，一个是针对Pod的操作对象-podControl.看到这个名字就知道，这个对象是控制RS下面的Pod的生命周期的，我们看看这个PodControl所包含的方法。

// PodControlInterface is an interface that knows how to add or delete pods // created as an interface to allow testing. type PodControlInterface interface { // CreatePods creates new pods according to the spec. CreatePods(namespace string, template *api.PodTemplateSpec, object runtime.Object) error // CreatePodsOnNode creates a new pod accorting to the spec on the specified node. CreatePodsOnNode(nodeName, namespace string, template *api.PodTemplateSpec, object runtime.Object) error // CreatePodsWithControllerRef creates new pods according to the spec, and sets object as the pod's controller. CreatePodsWithControllerRef(namespace string, template *api.PodTemplateSpec, object runtime.Object, controllerRef *api.OwnerReference) error // DeletePod deletes the pod identified by podID. DeletePod(namespace string, podID string, object runtime.Object) error // PatchPod patches the pod. PatchPod(namespace, name string, data []byte) error }