Updating a Managed Service for Kubernetes cluster
To access a Kubernetes cluster, use its name or unique ID that you can get by using this command:
yc managed-kubernetes cluster list
Result:
+----------------------+----------+---------------------+---------+---------+-------------------------+-----------------------+
| ID | NAME | CREATED AT | HEALTH | STATUS | EXTERNAL ENDPOINT | INTERNAL ENDPOINT |
+----------------------+----------+---------------------+---------+---------+-------------------------+-----------------------+
| cati493bu7ia******** | k8s-demo | 2019-11-20 11:26:36 | HEALTHY | RUNNING | https://84.201.174.147/ | https://192.168.0.27/ |
+----------------------+----------+---------------------+---------+---------+-------------------------+-----------------------+
Updating a Managed Service for Kubernetes cluster
Warning
You can only assign a public IP address when creating a Managed Service for Kubernetes cluster. You cannot assign a public IP address to an existing cluster.
You can change the following parameters of a Managed Service for Kubernetes cluster:
-
Name.
-
Description.
-
Resource configuration for the master.
-
Updates policy.
-
List of security groups.
-
Settings for sending logs to Yandex Cloud Logging.
Alert
Do not delete security groups associated with a running Managed Service for Kubernetes cluster as this may disrupt its operation and result in data loss.
-
Subnet mask of the Managed Service for Kubernetes nodes.
Warning
- If you change the subnet mask for a running Managed Service for Kubernetes cluster, it may run out of CIDR blocks. In this case, you will not be able to deploy pods on new node groups.
- After changing the subnet mask, you must recreate the cluster node groups.
Learn how to change a cluster availability zone in Migrating Kubernetes resources to a different availability zone.
To update a Managed Service for Kubernetes cluster:
- Open Managed Service for Kubernetes in the folder where you want to update the Managed Service for Kubernetes cluster.
- Click the name of the Managed Service for Kubernetes cluster.
- Click Edit in the top-right corner.
- Change the parameters in the window that opens.
- Click Save.
If you do not have the Yandex Cloud CLI installed yet, install and initialize it.
By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.
To update a Managed Service for Kubernetes cluster:
-
View the description of the CLI command for updating a Managed Service for Kubernetes cluster:
yc managed-kubernetes cluster update --help -
Run the following command providing a list of settings you want to change (not all settings are listed in the example below):
yc managed-kubernetes cluster update <Managed_Service_for_Kubernetes_cluster_name> \ --new-name <new_name_for_Managed_Service_for_Kubernetes_cluster> \ --description <Managed_Service_for_Kubernetes_cluster_description> \ --service-account-id <ID_of_service_account_for_resources> \ --service-account-name <name_of_service_account_for_resources> \ --node-service-account-id <ID_of_service_account_for_Kubernetes_nodes> \ --security-group-ids <list_of_security_group_IDs> \ --master-logging enabled=<send_logs>,` `log-group-id=<log_group_ID>,` `folder-id=<folder_ID>,` `kube-apiserver-enabled=<send_kube-apiserver_logs>,` `cluster-autoscaler-enabled=<send_cluster-autoscaler_logs>,` `events-enabled=<send_Kubernetes_events>` `audit-enabled=<send_audit_events>Where:
-
--new-name: Managed Service for Kubernetes cluster name. -
--description: Managed Service for Kubernetes cluster description. -
--service-account-id,--service-account-name: Service account for managing the Managed Service for Kubernetes cluster. -
--node-service-account-id,--node-service-account-name: Service account for managing the Managed Service for Kubernetes nodes. -
--security-group-ids: Managed Service for Kubernetes cluster security groups.Warning
The configuration of security groups determines performance and availability of the cluster and services running in it.
-
--master-logging: Sending logs to Cloud Logging:enabled: Flag that enables sending logs,trueorfalse.log-group-id: ID of the log group to send logs to.folder-id: ID of the folder to send logs to. Logs will be sent to the log group of the default folder.kube-apiserver-enabled: Flag that enables sending kube-apiserver logs,trueorfalse.cluster-autoscaler-enabled: Flag that enables sendingcluster-autoscalerlogs,trueorfalse.events-enabled: Flag that enables sending Kubernetes events,trueorfalse.audit-enabled: Flag that enables sending audit events,trueorfalse.
If log sending is enabled but neither
log-group-idnorfolder-idis specified, logs will be sent to the default log group in the Managed Service for Kubernetes cluster folder. You cannot specify bothlog-group-idandfolder-idat the same time. -
--version: Kubernetes version. -
--latest-revision: Get all available updates for the current Managed Service for Kubernetes master version. -
--auto-upgrade: Manage automatic Managed Service for Kubernetes cluster updates. -
Managing the maintenance window:
--anytime-maintenance-window: Update at any time.--daily-maintenance-window: Update daily at the selected time.--weekly-maintenance-window: Update on selected days.
-
To update a Managed Service for Kubernetes cluster:
-
Open the current configuration file with the Managed Service for Kubernetes cluster description.
For more information about creating this file, see Creating a Managed Service for Kubernetes cluster.
-
Edit the required parameters in the Managed Service for Kubernetes cluster description.
To edit the settings for sending logs to Cloud Logging, update the
master_loggingsection parameters. If there is no such section, create one.resource "yandex_kubernetes_cluster" "<cluster_name>" { ... master { ... master_logging { enabled = <send_logs> log_group_id = "<log_group_ID>" folder_id = "<folder_ID>" kube_apiserver_enabled = <send_kube-apiserver_logs> cluster_autoscaler_enabled = <send_cluster-autoscaler_logs> events_enabled = <send_Kubernetes_events> audit_enabled = <send_audit_events> } } }Where:
enabled: Flag that enables sending logs,trueorfalse.log_group_id: ID of the log group to send logs to.folder_id: ID of the folder to send logs to. Logs will be sent to the log group of the default folder.kube_apiserver_enabled: Flag that enables sending kube-apiserver logs,trueorfalse.cluster_autoscaler_enabled: Flag that enables sendingcluster-autoscalerlogs,trueorfalse.events_enabled: Flag that enables sending Kubernetes events,trueorfalse.audit_enabled: Flag that enables sending audit events,trueorfalse.
If log sending is enabled but neither
log_group_idnorfolder_idis specified, logs will be sent to the default log group in the Managed Service for Kubernetes cluster folder. You cannot specify bothlog_group_idandfolder_idat the same time. -
Make sure the configuration files are correct.
-
In the command line, navigate to the directory that contains the current Terraform configuration files defining the infrastructure.
-
Run this command:
terraform validateTerraform will show any errors found in your configuration files.
-
-
Confirm updating the resources.
-
Run this command to view the planned changes:
terraform planIf you described the configuration correctly, the terminal will display a list of the resources to update and their parameters. This is a verification step that does not apply changes to your resources.
-
If everything looks correct, apply the changes:
-
Run this command:
terraform apply -
Confirm updating the resources.
-
Wait for the operation to complete.
-
Timeouts
The Terraform provider limits the time for creating and updating a Managed Service for Kubernetes cluster to 30 minutes.
Operations in excess of this time will be interrupted.
How do I modify these limits?
Add a
timeoutsblock to the cluster description, e.g.:resource "yandex_kubernetes_cluster" "<cluster_name>" { ... timeouts { create = "60m" update = "60m" } }For more information, see this Terraform provider guide.
-
Managing Managed Service for Kubernetes cluster cloud labels
You can perform the following actions with Managed Service for Kubernetes cluster cloud labels:
Adding a cloud label
- Open Managed Service for Kubernetes in the folder containing the Managed Service for Kubernetes cluster.
- Click the name of the Managed Service for Kubernetes cluster.
- Click Edit in the top-right corner.
- In the Labels field, click Add label.
- Enter the key and value, and press Enter.
- Click Save.
Run this command:
yc managed-kubernetes cluster add-labels k8s-demo --labels new_label=test_label
Result:
done (1s)
id: abcd123ef4gh********
folder_id: l1m01nopqr1s********
...
description: My test Kubernetes cluster
labels:
new_label: test_label
...
Updating a cloud label
To update a cloud label, you will need to remove and recreate it:
- Open Managed Service for Kubernetes in the folder containing the Managed Service for Kubernetes cluster.
- Click the name of the Managed Service for Kubernetes cluster.
- Click Edit in the top-right corner.
- In the Labels field, click the cross next to the label to remove it.
- Click Add label and enter a key and/or value for the new label.
- Press Enter and click Save.
Run this command:
yc managed-kubernetes cluster update k8s-demo --labels test_label=my_k8s_label
Warning
The existing labels (labels) will be completely overwritten by the ones you provide in your request.
Result:
done (1s)
id: abcd123ef4gh********
folder_id: l1m01nopqr1s********
...
description: My test Kubernetes cluster
labels:
test_label: my_k8s_label
...
Removing a cloud label
- Open Managed Service for Kubernetes in the folder containing the Managed Service for Kubernetes cluster.
- Click the name of the Managed Service for Kubernetes cluster.
- Click Edit in the top-right corner.
- In the Labels field, click the cross next to the label.
- Click Save.
Run this command:
yc managed-kubernetes cluster remove-labels k8s-demo --labels test_label
Result:
done (1s)
id: cati493bu7ia********
folder_id: b1g88tflru0e********
created_at: "2019-11-20T11:26:36Z"
name: k8s-demo
...
Updating the master resource configuration
Note
The feature of selecting and updating a master configuration is at the Preview stage.
-
Open Managed Service for Kubernetes in the folder where you want to update the Managed Service for Kubernetes cluster.
-
Click the name of the Managed Service for Kubernetes cluster.
-
Click Edit in the top-right corner.
-
Under Master configuration, expand the Compute resources section and select a resource configuration for the master.
The selected configuration allocates minimum resources to the master. Depending on the load, the amount of RAM and number of vCPUs will increase automatically.
By default, the following resources are provided for the operation of one master host:
- Platform: Intel Cascade Lake
- Guaranteed vCPU share: 100%
- vCPU: 2
- RAM: 8 GB
-
Click Save.
If you do not have the Yandex Cloud CLI installed yet, install and initialize it.
By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.
Specify the required master resource configuration in the cluster modification command:
yc managed-kubernetes cluster update <Managed_Service_for_Kubernetes_cluster_name> \
--master-scale-policy policy=auto,min-resource-preset-id=<master_host_class>
The selected configuration allocates minimum resources to the master. Depending on the load, the amount of RAM and number of vCPUs will increase automatically.
Result:
done (1s)
id: abcd123ef4gh********
folder_id: l1m01nopqr1s********
...
description: My test Kubernetes cluster
master:
scale_policy:
auto_scale:
min_resource_preset_id: <master_host_class>
...
-
Open the current configuration file with the Managed Service for Kubernetes cluster description.
For more information about creating this file, see Creating a Managed Service for Kubernetes cluster.
-
Add or update the master computing resource configuration in the Managed Service for Kubernetes cluster description in the
scale_policysection:resource "yandex_kubernetes_cluster" "<cluster_name>" { ... master { ... scale_policy { auto_scale { min_resource_preset_id = "<master_host_class>" } } } }The selected configuration allocates minimum resources to the master. Depending on the load, the amount of RAM and number of vCPUs will increase automatically.
-
Make sure the configuration files are correct.
-
In the command line, navigate to the directory that contains the current Terraform configuration files defining the infrastructure.
-
Run this command:
terraform validateTerraform will show any errors found in your configuration files.
-
-
Confirm updating the resources.
-
Run this command to view the planned changes:
terraform planIf you described the configuration correctly, the terminal will display a list of the resources to update and their parameters. This is a verification step that does not apply changes to your resources.
-
If everything looks correct, apply the changes:
-
Run this command:
terraform apply -
Confirm updating the resources.
-
Wait for the operation to complete.
-
Timeouts
The Terraform provider limits the time for creating and updating a Managed Service for Kubernetes cluster to 30 minutes.
Operations in excess of this time will be interrupted.
How do I modify these limits?
Add a
timeoutsblock to the cluster description, e.g.:resource "yandex_kubernetes_cluster" "<cluster_name>" { ... timeouts { create = "60m" update = "60m" } }For more information, see this Terraform provider guide.
-
To update the master resource configuration, use the Update method for the Cluster resource and provide the masterSpec.scalePolicy.autoScale.minResourcePresetId parameter in the request.
The selected configuration allocates minimum resources to the master. Depending on the load, the amount of RAM and number of vCPUs will increase automatically.