The most obvious reason for a Kubernetes cluster upgrade is the software aging. We must upgrade the cluster on a regular basis to stay up with the newest security features and bug patches, as well as to take advantage of new features that are published on a regular basis. This is particularly crucial if we have installed a very old version or if we want to automate the procedure so that we are constantly up to date with the newest supported version.
In this blog, we will cover How to Upgrade the Kubernetes Cluster. We have a set of Hands-on Labs that you must perform in order to learn Docker & Kubernetesand clear the CKA certification exam. Cluster Architecture, Installation & Configuration which includes Version Upgrade On a Kubernetes Cluster Using kubeadm, have a total weightage of 25% in the Exam.
The Upgrade Workflow
When you are upgrading the Kubernetes cluster created with kubeadm, the flow should be from version 1.22.x to version 1.23.x, and from version 1.23.x to 1.23.y (where y > x). Skipping MINOR versions when upgrading is unsupported.
The upgrade workflow at a high level is the following:
- Upgrade the primary control plane node.
- Upgrade additional control plane nodes.
- Upgrade worker nodes.
Prerequisites
1) Make sure you have a K8s cluster deployed already.
Learn How To Setup A Three Node Kubernetes Cluster For CKA
2) Make sure you read the release notes carefully.
3) Make sure to back up any important components.
Learn more about Etcd Backup And Restore In Kubernetes
Upgrade master node
Upgrading the control plane consist of the following steps:
- Upgrade kubeadm on the Control Plane node
- Drain the Control Plane node
- Plan the upgrade (kubeadm upgrade plan)
- Apply the upgrade (kubeadm upgrade apply)
- Upgrade kubelet & kubectl on the control Plane node
- Uncordon the Control Plane node
1) Determine which version to upgrade to
$ apt update
$ apt-cache madison kubeadm
2) On the control plane node, run:
$ kubeadm upgrade plan
3) Upgrading kubeadm tool
$ apt-mark unhold kubeadm && \
apt-get update && apt-get install -y kubeadm=1.18.8-00 && \
apt-mark hold kubeadm
4) Verify that the download works and has the expected version:
$ kubeadm version
5) Drain the control plane node:
# replace <cp-node-name> with the name of your control plane node
$ kubectl drain master --ignore-daemonsets --delete-local-data
6) On the control plane node, run:
$ kubeadm upgrade plan
7) On the control plane node, run:
$ kubeadm upgrade apply v1.18.8
8) Uncordon the control plane node:
$ kubectl uncordon <node name>
$ kubectl uncordon master
9) Upgrade kubelet and kubectl
$ apt-mark unhold kubelet kubectl && \
apt-get update && apt-get install -y kubelet=1.18.8-00 kubectl=1.18.8-00 && \
apt-mark hold kubelet kubectl
10) Restart the kubelet
$ systemctl daemon-reload
$ systemctl restart kubelet11) Check Version
$ kubectl get nodes
12) Now again verify the upgrade
$ kubeadm upgrade plan
Congratulations! Your master node is upgraded. Half the way is done.
Upgrade worker nodes
The upgrade procedure on worker nodes should be executed one node at a time or few nodes at a time, without compromising the minimum required capacity for running your workloads.
Upgrading the worker nodes consist of the following steps:
- Drain the node
- Upgrade kubeadm on the node
- Upgrade the kubelet configuration (kubeadm upgrade node)
- Upgrade kubelet & kubectl
- Uncordon the node
1) Check the Version of the worker node From master machine
$ Kubectl get nodes
2) Upgrade kubeadm perform this on Worker Machine
$ apt-mark unhold kubeadm && \
apt-get update && apt-get install -y kubeadm=1.18.8-00 && \
apt-mark hold kubeadm
3) Drain the Worker Node (perform this on master Machine)
$ kubectl drain <node-to-drain> --ignore-daemonsets
$ kubectl drain worker-02 --ignore-daemonsets
4) Upgrade kubelet config on worker node (perform this on Worker Machine)
$ kubeadm upgrade node
5) Upgrade kubelet and kubectl (perform this on Worker Machine)
$ apt-mark unhold kubelet kubectl && \
apt-get update && apt-get install -y kubelet=1.18.8-00 kubectl=1.18.8-00 && \
apt-mark hold kubelet kubectl
6) Restart the kubelet
$ systemctl daemon-reload
$ systemctl restart kubelet7) Uncordon the node (perform this on master Machine)
$ kubectl uncordon worker-02
8) Verify the status of the cluster
$ kubectl get nodes
Hurrah! You are all done with the cluster upgrade.
Conclusion
Keeping up with new versions is a key element of your infrastructure security strategy since it allows apps to immediately benefit from new features.