Here are the steps to upgrade a Kubernetes Cluster:
1 => Upgrade All of the Kubernetes Components on the Control Plane Node
# create a couple of aliases:
alias k=kubectl
alias cl=clear
# Verify OS:
cat /etc/*release
# Ubuntu
# run as root (or sudo user):
# drain maim/controlplane node:
k drain controlplane --ignore-daemonsets --force
# In this case I am upgrading to v 1.24.x, so I need to check if this version is available:
apt update
apt-cache madison kubeadm | grep 1.24
# Update kubeadm:
apt-get update
apt-get install -y --allow-change-held-packages kubeadm=1.24.0-00
# Double check for availability:
kubeadm upgrade plan v1.24.0
# Apply:
kubeadm upgrade apply v1.24.0
# Next, we need to update the kubelet and kubectl:
apt-get update
apt-get install -y --allow-change-held-packages kubelet=1.24.0-00 kubectl=1.24.0-00
systemctl daemon-reload
# Restart the kubelet:
systemctl restart kubelet
# ..and finally, uncordon the main/controlplane node:
k uncordon controlplane
2 => Upgrade All of the Kubernetes Components on the Worker Node(s)
# Note: You must ssh into each worker node, but BEFORE SSHing into ech worker node, you must first drain each worker node
# EX:
k drain worker-node1 --ignore-daemonsets --force
# Then:
ssh worker-node1
apt-get update
apt-get install -y --allow-change-held-packages kubeadm=1.24.0-00
kubeadm upgrade node
apt-get install -y --allow-change-held-packages kubelet=1.24.0-00 kubectl=1.24.0-00
systemctl daemon-reload
systemctl restart kubelet
# exit out of the node:
exit
# Uncordon the worker-node1 node
k uncordon worker-node1
# Repeat steps above for any additional nodes
A quick note on the --allow-change-held-packages
flag that I have appended to the commands to upgrade kubeadm
, kubelet
, and kubectl
:
# without adding the --allow-change-held-packages flag above, I was not able to successfully upgrade my cluster from v1.23 t0 v1.24, I recieved this output to stdout:
1 upgraded, 0 newly installed, 0 to remove a│dnqwm
nd 51 not upgraded. │pod/coredns-64897985d-vsk7d evicted
E: Held packages were changed and -y was use│pod/coredns-64897985d-dnqwm evicted
d without --allow-change-held-packages.
Adding the --allow-change-held-packages
flag remedied the issue.
Cheers and happy coding/troubleshooting!
Comments