@@ -38,17 +38,17 @@ The upgrade workflow at high level is the following:
3838### Additional information
3939
4040- The instructions below outline when to drain each node during the upgrade process.
41- If you are performing a ** minor** version upgrade for any kubelet, you ** must**
42- first drain the node (or nodes) that you are upgrading. In the case of control plane nodes,
43- they could be running CoreDNS Pods or other critical workloads. For more information see
44- [ Draining nodes] ( /docs/tasks/administer-cluster/safely-drain-node/ ) .
41+ If you are performing a ** minor** version upgrade for any kubelet, you ** must**
42+ first drain the node (or nodes) that you are upgrading. In the case of control plane nodes,
43+ they could be running CoreDNS Pods or other critical workloads. For more information see
44+ [ Draining nodes] ( /docs/tasks/administer-cluster/safely-drain-node/ ) .
4545- All containers are restarted after upgrade, because the container spec hash value is changed.
4646- To verify that the kubelet service has successfully restarted after the kubelet has been upgraded,
47- you can execute ` systemctl status kubelet ` or view the service logs with ` journalctl -xeu kubelet ` .
47+ you can execute ` systemctl status kubelet ` or view the service logs with ` journalctl -xeu kubelet ` .
4848- Usage of the ` --config ` flag of ` kubeadm upgrade ` with
49- [ kubeadm configuration API types] ( /docs/reference/config-api/kubeadm-config.v1beta3 )
50- with the purpose of reconfiguring the cluster is not recommended and can have unexpected results. Follow the steps in
51- [ Reconfiguring a kubeadm cluster] ( /docs/tasks/administer-cluster/kubeadm/kubeadm-reconfigure ) instead.
49+ [ kubeadm configuration API types] ( /docs/reference/config-api/kubeadm-config.v1beta3 )
50+ with the purpose of reconfiguring the cluster is not recommended and can have unexpected results. Follow the steps in
51+ [ Reconfiguring a kubeadm cluster] ( /docs/tasks/administer-cluster/kubeadm/kubeadm-reconfigure ) instead.
5252
5353<!-- steps -->
5454
@@ -58,15 +58,23 @@ Find the latest patch release for Kubernetes {{< skew currentVersion >}} using t
5858
5959{{< tabs name="k8s_install_versions" >}}
6060{{% tab name="Ubuntu, Debian or HypriotOS" %}}
61- apt update
62- apt-cache madison kubeadm
63- # find the latest {{< skew currentVersion >}} version in the list
64- # it should look like {{< skew currentVersion >}}.x-00, where x is the latest patch
61+
62+ ``` shell
63+ # Find the latest {{< skew currentVersion >}} version in the list.
64+ # It should look like {{< skew currentVersion >}}.x-00, where x is the latest patch.
65+ apt update
66+ apt-cache madison kubeadm
67+ ```
68+
6569{{% /tab %}}
6670{{% tab name="CentOS, RHEL or Fedora" %}}
67- yum list --showduplicates kubeadm --disableexcludes=kubernetes
68- # find the latest {{< skew currentVersion >}} version in the list
69- # it should look like {{< skew currentVersion >}}.x-0, where x is the latest patch
71+
72+ ``` shell
73+ # Find the latest {{< skew currentVersion >}} version in the list.
74+ # It should look like {{< skew currentVersion >}}.x-0, where x is the latest patch.
75+ yum list --showduplicates kubeadm --disableexcludes=kubernetes
76+ ```
77+
7078{{% /tab %}}
7179{{< /tabs >}}
7280
@@ -79,75 +87,78 @@ Pick a control plane node that you wish to upgrade first. It must have the `/etc
7987
8088** For the first control plane node**
8189
82- - Upgrade kubeadm:
90+ 1 . Upgrade kubeadm:
91+
92+ {{< tabs name="k8s_install_kubeadm_first_cp" >}}
93+ {{% tab name="Ubuntu, Debian or HypriotOS" %}}
8394
84- {{< tabs name="k8s_install_kubeadm_first_cp" >}}
85- {{% tab name="Ubuntu, Debian or HypriotOS" %}}
86- ``` shell
95+ ``` shell
8796 # replace x in {{< skew currentVersion >}}.x-00 with the latest patch version
8897 apt-mark unhold kubeadm && \
8998 apt-get update && apt-get install -y kubeadm={{< skew currentVersion > }}.x-00 && \
9099 apt-mark hold kubeadm
91100 ```
92- {{% /tab %}}
93- {{% tab name="CentOS, RHEL or Fedora" %}}
94- ``` shell
95- # replace x in {{< skew currentVersion >}}.x-0 with the latest patch version
96- yum install -y kubeadm-{{< skew currentVersion > }}.x-0 --disableexcludes=kubernetes
97- ```
98- {{% /tab %}}
99- {{< /tabs >}}
100- <br />
101101
102- - Verify that the download works and has the expected version:
102+ {{% /tab %}}
103+ {{% tab name="CentOS, RHEL or Fedora" %}}
103104
104- ``` shell
105- kubeadm version
106- ```
105+ ``` shell
106+ # replace x in {{< skew currentVersion >}}.x-0 with the latest patch version
107+ yum install -y kubeadm-{{< skew currentVersion > }}.x-0 --disableexcludes=kubernetes
108+ ```
107109
108- - Verify the upgrade plan:
110+ {{% /tab %}}
111+ {{< /tabs >}}
109112
110- ``` shell
111- kubeadm upgrade plan
112- ```
113+ 1 . Verify that the download works and has the expected version:
113114
114- This command checks that your cluster can be upgraded, and fetches the versions you can upgrade to.
115- It also shows a table with the component config version states.
115+ ``` shell
116+ kubeadm version
117+ ```
116118
117- {{< note >}}
118- ` kubeadm upgrade ` also automatically renews the certificates that it manages on this node.
119- To opt-out of certificate renewal the flag ` --certificate-renewal=false ` can be used.
120- For more information see the [ certificate management guide] ( /docs/tasks/administer-cluster/kubeadm/kubeadm-certs ) .
121- {{</ note >}}
122-
123- {{< note >}}
124- If ` kubeadm upgrade plan ` shows any component configs that require manual upgrade, users must provide
125- a config file with replacement configs to ` kubeadm upgrade apply ` via the ` --config ` command line flag.
126- Failing to do so will cause ` kubeadm upgrade apply ` to exit with an error and not perform an upgrade.
127- {{</ note >}}
119+ 1 . Verify the upgrade plan:
128120
129- - Choose a version to upgrade to, and run the appropriate command. For example:
121+ ``` shell
122+ kubeadm upgrade plan
123+ ```
130124
131- ``` shell
132- # replace x with the patch version you picked for this upgrade
133- sudo kubeadm upgrade apply v{{< skew currentVersion > }}.x
134- ```
125+ This command checks that your cluster can be upgraded, and fetches the versions you can upgrade to.
126+ It also shows a table with the component config version states.
135127
136- Once the command finishes you should see:
128+ {{< note >}}
129+ ` kubeadm upgrade ` also automatically renews the certificates that it manages on this node.
130+ To opt-out of certificate renewal the flag ` --certificate-renewal=false ` can be used.
131+ For more information see the [ certificate management guide] ( /docs/tasks/administer-cluster/kubeadm/kubeadm-certs ) .
132+ {{</ note >}}
137133
138- ```
139- [upgrade/successful] SUCCESS! Your cluster was upgraded to "v{{< skew currentVersion >}}.x". Enjoy!
134+ {{< note >}}
135+ If ` kubeadm upgrade plan ` shows any component configs that require manual upgrade, users must provide
136+ a config file with replacement configs to ` kubeadm upgrade apply ` via the ` --config ` command line flag.
137+ Failing to do so will cause ` kubeadm upgrade apply ` to exit with an error and not perform an upgrade.
138+ {{</ note >}}
140139
141- [upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.
142- ```
140+ 1 . Choose a version to upgrade to, and run the appropriate command. For example:
141+
142+ ``` shell
143+ # replace x with the patch version you picked for this upgrade
144+ sudo kubeadm upgrade apply v{{< skew currentVersion > }}.x
145+ ```
143146
144- - Manually upgrade your CNI provider plugin.
147+ Once the command finishes you should see:
148+
149+ ```
150+ [upgrade/successful] SUCCESS! Your cluster was upgraded to "v{{< skew currentVersion >}}.x". Enjoy!
151+
152+ [upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.
153+ ```
145154
146- Your Container Network Interface (CNI) provider may have its own upgrade instructions to follow.
147- Check the [ addons] ( /docs/concepts/cluster-administration/addons/ ) page to
148- find your CNI provider and see whether additional upgrade steps are required.
155+ 1 . Manually upgrade your CNI provider plugin.
149156
150- This step is not required on additional control plane nodes if the CNI provider runs as a DaemonSet.
157+ Your Container Network Interface (CNI) provider may have its own upgrade instructions to follow.
158+ Check the [ addons] ( /docs/concepts/cluster-administration/addons/ ) page to
159+ find your CNI provider and see whether additional upgrade steps are required.
160+
161+ This step is not required on additional control plane nodes if the CNI provider runs as a DaemonSet.
151162
152163** For the other control plane nodes**
153164
@@ -167,60 +178,63 @@ Also calling `kubeadm upgrade plan` and upgrading the CNI provider plugin is no
167178
168179### Drain the node
169180
170- - Prepare the node for maintenance by marking it unschedulable and evicting the workloads:
181+ Prepare the node for maintenance by marking it unschedulable and evicting the workloads:
171182
172- ``` shell
173- # replace <node-to-drain> with the name of your node you are draining
174- kubectl drain < node-to-drain> --ignore-daemonsets
175- ```
183+ ``` shell
184+ # replace <node-to-drain> with the name of your node you are draining
185+ kubectl drain < node-to-drain> --ignore-daemonsets
186+ ```
176187
177188### Upgrade kubelet and kubectl
178189
179- - Upgrade the kubelet and kubectl:
180-
181- {{< tabs name="k8s_install_kubelet" >}}
182- {{% tab name="Ubuntu, Debian or HypriotOS" %}}
183- ``` shell
184- # replace x in {{< skew currentVersion >}}.x-00 with the latest patch version
185- apt-mark unhold kubelet kubectl && \
186- apt-get update && apt-get install -y kubelet={{< skew currentVersion > }}.x-00 kubectl={{< skew currentVersion > }}.x-00 && \
187- apt-mark hold kubelet kubectl
188- ```
189- {{% /tab %}}
190- {{% tab name="CentOS, RHEL or Fedora" %}}
191- ``` shell
192- # replace x in {{< skew currentVersion >}}.x-0 with the latest patch version
193- yum install -y kubelet-{{< skew currentVersion > }}.x-0 kubectl-{{< skew currentVersion > }}.x-0 --disableexcludes=kubernetes
194- ```
195- {{% /tab %}}
196- {{< /tabs >}}
197- <br />
198-
199- - Restart the kubelet:
200-
201- ``` shell
202- sudo systemctl daemon-reload
203- sudo systemctl restart kubelet
204- ```
190+ 1 . Upgrade the kubelet and kubectl:
191+
192+ {{< tabs name="k8s_install_kubelet" >}}
193+ {{% tab name="Ubuntu, Debian or HypriotOS" %}}
194+
195+ ``` shell
196+ # replace x in {{< skew currentVersion >}}.x-00 with the latest patch version
197+ apt-mark unhold kubelet kubectl && \
198+ apt-get update && apt-get install -y kubelet={{< skew currentVersion > }}.x-00 kubectl={{< skew currentVersion > }}.x-00 && \
199+ apt-mark hold kubelet kubectl
200+ ```
201+
202+ {{% /tab %}}
203+ {{% tab name="CentOS, RHEL or Fedora" %}}
204+
205+ ``` shell
206+ # replace x in {{< skew currentVersion >}}.x-0 with the latest patch version
207+ yum install -y kubelet-{{< skew currentVersion > }}.x-0 kubectl-{{< skew currentVersion > }}.x-0 --disableexcludes=kubernetes
208+ ```
209+
210+ {{% /tab %}}
211+ {{< /tabs >}}
212+
213+ 1 . Restart the kubelet:
214+
215+ ``` shell
216+ sudo systemctl daemon-reload
217+ sudo systemctl restart kubelet
218+ ```
205219
206220### Uncordon the node
207221
208- - Bring the node back online by marking it schedulable:
222+ Bring the node back online by marking it schedulable:
209223
210- ``` shell
211- # replace <node-to-uncordon> with the name of your node
212- kubectl uncordon < node-to-uncordon>
213- ```
224+ ``` shell
225+ # replace <node-to-uncordon> with the name of your node
226+ kubectl uncordon < node-to-uncordon>
227+ ```
214228
215229## Upgrade worker nodes
216230
217231The upgrade procedure on worker nodes should be executed one node at a time or few nodes at a time,
218232without compromising the minimum required capacity for running your workloads.
219233
220- The following pages show how to Upgrade Linux and Windows worker nodes:
234+ The following pages show how to upgrade Linux and Windows worker nodes:
221235
222- * [ Upgrade Linux nodes] ( /docs/tasks/administer-cluster/kubeadm/upgrading-linux-nodes/ )
223- * [ Upgrade Windows nodes] ( /docs/tasks/administer-cluster/kubeadm/upgrading-windows-nodes/ )
236+ * [ Upgrade Linux nodes] ( /docs/tasks/administer-cluster/kubeadm/upgrading-linux-nodes/ )
237+ * [ Upgrade Windows nodes] ( /docs/tasks/administer-cluster/kubeadm/upgrading-windows-nodes/ )
224238
225239## Verify the status of the cluster
226240
@@ -280,4 +294,3 @@ and post-upgrade manifest file for a certain component, a backup file for it wil
280294
281295- Fetches the kubeadm ` ClusterConfiguration ` from the cluster.
282296- Upgrades the kubelet configuration for this node.
283-
0 commit comments