卸载 Knative serving GKE 插件

从集群中卸载 Knative serving“GKE 插件”,包括相关资源和标签。

在此任务中,迁移脚本用于从集群中仅移除“GKE 插件”,所有现有 Knative serving 资源都会保留在集群中并继续传送流量。

准备工作

概览

卸载 GKE 插件包括:

  1. 确认节点池满足升级要求。
  2. 应用迁移标签并创建准入 webhook ValidatingWebhookConfiguration,以防止在以下命名空间中删除 Knative Serving 资源:
    • knative-serving
    • cloud-run-system
    • gke-system
  3. 卸载“GKE 插件”,包括从 Knative serving 资源中移除相关的管理器标签。

    请注意,此过程可能运行 10 分钟以上。

  4. 添加 appdevexperience-operator 注解。

  5. 移除不适用于舰队的过时 cloudrun.operator.run.cloud.google.com 资源。

卸载 Knative serving GKE 插件

在本部分中,迁移脚本用于卸载“GKE 插件”。

  1. 运行以下命令以启动迁移脚本:

    ./migration-addon.sh --command uninstall-cloudrun-addon
    
  2. 在终端中,迁移脚本会提示您进行确认,以执行每项操作。输入 y 以开始此过程,并在每次提示时输入以继续。

    卸载“GKE 插件”期间的提示类似于以下内容:

    In this process, the script performs the following:
    1. Validating the node pool to make sure it meets the requirements for
       upgrading. Confirming node pool requirements for
       my-gcp-project/us-central1-c/my-gke-cluster...
    2. Applying the required migration labels
       namespace/knative-serving labeled
    3. Create a ValidatingWebhookConfiguration admission webhook to prevent
       the deletion of resources under the following namespaces:
       knative-serving, cloud-run-system, and gke-system
    Continue? [Y/n] y
    
    validatingwebhookconfiguration.admissionregistration.k8s.io/prevent-deletion-cloud-run-resources created
    ValidatingWebhookConfiguration prevent-deletion-cloud-run-resources for preventing deleting Knative serving resources is effective.
    
    4. Uninstall the Knative serving GKE add-on? Your
    Knative serving resources remain in your cluster.
    Continue? [Y/n] y
    
    Updating my-gke-cluster...
    
    5. Removing the add-on manager labels and adding the Operator related
      annotations. This step will take about 10 minutes.
    
    customresourcedefinition.apiextensions.k8s.io/certificates.networking.internal.knative.dev annotated
    
    6. Clean up unused stale Knative serving operator.
    
    cloudrun.operator.run.cloud.google.com "cloud-run" deleted
    No resources found
    
    Knative serving GKE add-on is successfully uninstalled.
    
  3. 运行以下命令,验证“GKE 插件”为 disabled 状态:

    gcloud container clusters describe ${CLUSTER_NAME} --region ${CLUSTER_LOCATION} --project ${PROJECT_ID} --format='get(addonsConfig.cloudRunConfig.disabled)'
    

    如果“GKE 插件”从集群中成功移除,则返回 True

后续步骤

迁移到 Cloud Service Mesh

回滚

如果您需要回滚通过上述步骤所做的更改,则可以使用迁移脚本执行以下操作:

  • 重新启用 Knative serving“GKE 插件”。
  • 移除 ValidatingWebhookConfiguration 准入网络钩子。

如需开始回滚过程,请执行以下操作:

  1. 运行以下命令以启动迁移脚本:

    ./migration-addon.sh --command rollback-uninstall-cloudrun-addon
    
  2. 在终端中,迁移脚本会提示您进行确认,以执行每项操作。在每次提示时输入 y 以继续。

    重新启用“GKE 插件”期间的提示类似于以下内容:

    In this step, the script performs the following:
      1. Enable Knative serving GKE add-on
      2. Remove the ValidatingWebhookConfiguration added for uninstalling addon
    Continue? [Y/n] Y
    
    1. Enable Knative serving GKE add-on?
    Continue? [Y/n] Y
    
    Updating my-gke-cluster...done.
    Knative serving GKE add-on is enabled
    
    2. Remove the ValidatingWebhookConfiguration added for uninstalling addon?
    Continue? [Y/n] Y
    
    Removing the ValidatingWebhookConfiguration used to prevent deletion
    
  3. 验证 Knative serving“GKE 插件”已重新启用:

    gcloud container clusters describe ${CLUSTER_NAME} --region ${CLUSTER_LOCATION} --project ${PROJECT_ID} --format='get(addonsConfig.cloudRunConfig)'
    

    如果该插件在集群中运行,则返回插件的配置详细信息。示例:

    loadBalancerType=LOAD_BALANCER_TYPE_EXTERNAL