Hello learners, in today's blog, we will be learning about upgrading k8s clusters.
๐ The most obvious reason for a Kubernetes cluster upgrade is software ageing. We must upgrade the cluster regularly to stay up with the newest security features
๐ Keeping up with new versions is a key element of your infrastructure security strategy since it allows apps to immediately benefit from new features.
๐ If there are multiple master nodes, in that case, we need to update all the master and worker nodes and their components.
Now let us start with upgrading the master node.
To do that, first, we should drain the node meaning remove all the pods in that node and schedule it to any other node in the controller and make sure that no new pods are scheduled in it. However such evictions (taint based) do not work on static pods and daemon sets
Upgrading master node
Upgrading kubeadm
Now let us start with upgrading the kubeadm, followed by kubectl and kubelet
We upgrade the kubeadm utility using apt/yum
Let us check which version we are currently in using kubeadm version command.
We are currently in v1.21.14
Now using
apt-cache madison kubeadm
command, we can find the latest versions and decide to which version the upgrade can be done.As I am currently in v1.21.14 and we cannot skip the upgrades, we shall upgrade from version to v1.21.14 to v1.22.7 since that is the next stable version
Now, we unhold the kubeadm tool using
apt-mark unhold kubeadm
command meaning kubeadm will now be ready for any new upgrades. In most cases, kubeadm will be on hold after installation to make sure there are no automatic upgrades until and unless intended.Next, we shall download the latest version of kubeadm tool and put it on hold once upgraded
Let's check if the download works and has the expected version:
Now, we shall use the
kubeadm upgrade plan
command which gives us a plan on how the upgrade can be done to the next stable version
Following the note, we shall upgrade the cluster to v1.22.17 using the command kubeadm upgrade apply v1.22.17
since that is the stable version.
Upgrading kubelet and kubectl
We can see that kubeadm upgrade is successful and we can now continue to upgrade kubelet and kubectl
Once the upgrade is done, we shall perform a system restart and check if the master node is upgraded
We have successfully upgraded the maser node to v1.22.17!
In real life scenarios before performing any maintenance activities such as upgrade or backup on the k8s cluster we should make sure that none of the pods running on that cluster is affected by this. To do that we must drain and cordon the nodes on which we wish to perform upgrade
Upgrading worker node
Let's start upgrading the worker node.
Drain and Cordon
We shall cordon the node meaning we can mark the node unschedulable informing the controller to not schedule any new pods in it and drain it meaning empty all the pods from the current node and push it to any other node using respective commands
We shall drain the node using --ignore-daemonsets flag since we know that it is not possible to evict daemon sets
Upgrading kubeadm
Now, we shall start upgrading the worker node just like the master node
Ugrading kubelet and kubectl
We can see that both master and worker nodes are upgraded to v1.22.17
Uncordon the node
Since the upgrade the now complete, we shall uncordon the worker node
Summary
In summary, we upgraded master and worker nodes. For wroker node, we made sure that all the nodes are cordoned and drained before the upgrade