Kubeadm Upgrade

A few posts back, I revisited setting up a Kubernetes cluster from scratch with Kubeadm. In this post, I’m going to cover upgrading a Kubeadm deployed cluster.

The Kubernetes version I deployed previously is v1.26.1 and now 1.26.2 is available. So lets go through the process of upgrading to 1.26.2. The first thing you should do (not covered here) is to backup your Kubernetes cluster. In the event you encounter an issue that Kubeadm cannot recover from, the backup is your next recourse. At a minimum, make a backup of the etcd database.

To find the latest release of K8s, we can look at https://github.com/kubernetes/kubernetes/releases. Here we see a 1.27.0 alpha pre-release is posted, and the latest is 1.26.2. (Steps also available in this repo)

Kubeadm will upgrade our control plane from one minor version up to the next minor version. So if we’re on 1.26.x, we can upgrade up to 1.27.x. If you are more than one minor version behind your goal, you’ll need to upgrade in interations.

Beginning on a control plane node, sudo kubeadm upgrade plan <k8s version> will provide us with a synopsis of our current and target versions, along with any manual upgrade requirements.  The first thing we see of importance is `Note: Before you can perform this upgrade, you have to update kubeadm to v1.26.2.`. If you recall from the previous post on installing with Kubeadm, we installed kubeadm, kubelet, and kubectl on each node. We also used the apt package manager to mark those packages with a hold (To prevent them from accidentally being upgraded to mismatching versions). So we’ll remove the hold (or override it) and upgrade those components per node beginning with the control plane.

The first step will be to locate the kubeadm, kubectl, and kubelet apt package versions. On ubuntu, you can use apt-cache policy kubeadm | grep v1.26. In this case, it will return 1.26.2-00. This is the version we will supply to apt-get. This should be performed on the first control plane node we’re upgrading. We will eventually repeat this on other control plane and all worker nodes.

sudo apt-get update && sudo apt-get -y –allow-change-held-packages install kubelet=1.26.2-00 kubeadm=1.26.2-00 kubectl=1.26.2-00

After performing the step above, we have upgraded our required bin components on the node. The next step (If our control plane is configured to have pods scheduled to it) is to cordon the node and drain it.

kubectl cordon <cp-node-name>

kubectl drain <cp-node-name> --ignore-daemonsets

sudo kubeadm upgrade apply v1.26.2

kubectl uncordon <cp-node-name>

After the above steps are completed, you should have an upgraded control plane and node. For other control plane nodes, repeat the steps, but use sudo kubeadm upgrade node instead of upgrade apply.

Finally, update kubelet, kubeadm, and kubectl on all worker nodes. That’s all there is to it. Upgrading your CSI and CNI plugins is a separate task. Refer to your CSI and CNI plugin documentation. Updating your container runtime is a separate task, refer to your container runtime documentation.