Last active
August 20, 2025 20:46
-
-
Save dejanu/89ec2565d3a923a368f5dc046259e2b9 to your computer and use it in GitHub Desktop.
Revisions
-
dejanu revised this gist
Aug 20, 2025 . 1 changed file with 4 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -43,7 +43,9 @@ kubectl annotate no NODE kubeadm.alpha.kubernetes.io/cri-socket="unix:///var/run sudo kubeadm upgrade plan 1.30.2 # apply the upgrade: # the upgrade command is idempotent: it updates crontrol-plane components (API server, controller manager, scheduler) and includes an etcd upgrade (if necessary) # do not apply the cluster-wide upgrade, they just upgrade themselves to match the first node. sudo kubeadm upgrade apply 1.30.2 ... [upgrade/staticpods] This can take up to 5m0s @@ -57,6 +59,7 @@ sudo kubeadm upgrade apply 1.30.2 kubectl uncordon $control_plane # for the other control plane nodes # do not apply the cluster-wide upgrade, they just upgrade themselves to match the first node. sudo kubeadm upgrade node ``` -
Oct 1, 2024 . 1 changed file with 14 additions and 10 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -14,23 +14,24 @@ kubectl get no -owide ```bash # drain to prepare kubelet upgrade # --disable-eviction bypass checking PodDisruptionBudgets # --delete-emptydir-data allow delete Pods with local storage kubectl drain $control_plane --ignore-daemonsets --delete-emptydir-data --disable-eviction # $control_plane node should have SchedulingDisabled kubectl get no -owide # ssh to control plane node ssh $control_plane -oStrictHostKeyChecking=no # update the package index sudo apt-get update -y # find the latest patch release version for Kubernetes using OS package manager e.g: 1.30.2 sudo apt-cache madison kubeadm | grep 1.30.2 # same as apt list -a <package name> v=1.30.2-1.1 # skip unhold upgrade kubeadm kubectl kubelet sudo apt-get install -y --allow-change-held-packages kubeadm=$v kubectl=$v kubelet=$v # The cri-socket annotation is used by kubeadm to find the container runtime socket perform the control plane upgrade. @@ -41,40 +42,43 @@ kubectl annotate no NODE kubeadm.alpha.kubernetes.io/cri-socket="unix:///var/run # generate plan: pre-flight checks and validate if the cluster is upgreadable, and fetches the versions you can upgrade to sudo kubeadm upgrade plan 1.30.2 # apply the upgrade: # the upgrade command is idempotent: it updates crontrol-plane components (API server, controller manager, scheduler) and includes an etcd upgrade (if necessary) sudo kubeadm upgrade apply 1.30.2 ... [upgrade/staticpods] This can take up to 5m0s [upgrade/staticpods] Preparing for "kube-apiserver" upgrade [upgrade/staticpods] Renewing apiserver certificate [upgrade/staticpods] Renewing apiserver-kubelet-client certificate [upgrade/staticpods] Renewing front-proxy-client certificate [upgrade/staticpods] Renewing apiserver-etcd-client certificate ..... kubectl uncordon $control_plane # for the other control plane nodes sudo kubeadm upgrade node ``` * For each Worker node: ```bash # drain node, necessary for kubelet upgrade # --disable-eviction bypass checking PodDisruptionBudgets # --delete-emptydir-data allow delete Pods with local storage kubectl drain $worker --ignore-daemonsets --delete-emptydir-data --disable-eviction ssh $worker -oStrictHostKeyChecking=no # update the package index sudo apt-get update -y # find the latest patch release version for Kubernetes using OS package manager e.g: 1.30.2 sudo apt-cache madison kubeadm | grep 1.30.2 # the same as apt list -a <package name> # set desire version v=1.30.2-1.1 # upgrade packages sudo apt-get install -y --allow-change-held-packages kubeadm=$v kubectl=$v kubelet=$v # if needed reload the systemd manager configuration and restart kubelet.service -
Oct 1, 2024 . 1 changed file with 3 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,9 +1,9 @@ The upgrade process ([docs](https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/)) follows the general procedure of: - Upgrading the Kubernetes control plane with kubeadm (Kubernetes components and add-ons excluding the CNI) - If applicable upgrading the CNI network plugin - Upgrading the Kubernetes packages (kubelet, kubeadm, kubectl) on the control plane and worker nodes - Upgrading the kubelet config on worker nodes with kubeadm ```bash # check cluster nodes and version -
Oct 1, 2024 . 1 changed file with 4 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,9 +1,9 @@ The upgrade process ([docs](https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/)) follows the general procedure of: - Upgrading the Kubernetes control plane with `kubeadm` (Kubernetes components and add-ons excluding the CNI) - If applicable upgrading the CNI network plugin - Upgrading the Kubernetes packages (`kubelet, kubeadm, kubectl`) on the control plane and worker nodes - Upgrading the `kubelet` config on worker nodes with `kubeadm` ```bash # check cluster nodes and version -
Oct 1, 2024 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Oct 1, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,85 @@ The upgrade process ([docs](https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/)) follows the general procedure of: - Upgrading the Kubernetes control plane with kubeadm (Kubernetes components and add-ons excluding the CNI) - if applicable upgrading the CNI network plugin - Upgrading the Kubernetes packages (kubelet, kubeadm, kubectl) on the control plane and worker nodes - Upgrading the kubelet config on worker nodes with kubeadm ```bash # check cluster nodes and version kubectl get no -owide ``` * Control-plane node: ```bash # drain to prepare kubelet upgrade kubectl drain $control_plane --ignore-daemonsets --delete-emptydir-data --disable-eviction # --disable-eviction bypass checking PodDisruptionBudgets # --delete-emptydir-data allow delete Pods with local storage # $control_plane node should have SchedulingDisabled kubectl get no -owide ssh $control_plane -oStrictHostKeyChecking=no # Update the package index sudo apt-get update -y # find the latest patch release version for Kubernetes using OS package manager e.g: 1.30.2 sudo apt-cache madison kubeadm | grep 1.30.2 # the same as apt list -a <package name> v=1.30.2-1.1 # skip unhold upgrade kubeadm kubectl kubelet sudo apt-get install -y --allow-change-held-packages kubeadm=$v kubectl=$v kubelet=$v # The cri-socket annotation is used by kubeadm to find the container runtime socket perform the control plane upgrade. # ensure the node is annotated with cri-socket otherwise annotate the node kubectl get no NODE -oyaml | grep -A8 annotations kubectl annotate no NODE kubeadm.alpha.kubernetes.io/cri-socket="unix:///var/run/containerd/containerd.sock" # generate plan: pre-flight checks and validate if the cluster is upgreadable, and fetches the versions you can upgrade to sudo kubeadm upgrade plan 1.30.2 # apply the upgrade: The upgrade command is idempotent sudo kubeadm upgrade apply 1.30.2 ... [upgrade/staticpods] Preparing for "kube-apiserver" upgrade [upgrade/staticpods] Renewing apiserver certificate [upgrade/staticpods] Renewing apiserver-kubelet-client certificate [upgrade/staticpods] Renewing front-proxy-client certificate [upgrade/staticpods] Renewing apiserver-etcd-client certificate ..... kubectl uncordon $control_plane # For the other control plane nodes sudo kubeadm upgrade node ``` * For each Worker node: ```bash # drain node, necessar for kubelet upgrade kubectl drain $worker --ignore-daemonsets --delete-emptydir-data --disable-eviction # --disable-eviction bypass checking PodDisruptionBudgets # --delete-emptydir-data allow delete Pods with local storage ssh $worker -oStrictHostKeyChecking=no # Update the package index sudo apt-get update -y # find the latest patch release version for Kubernetes using OS package manager e.g: 1.30.2 sudo apt-cache madison kubeadm | grep 1.30.2 # the same as apt list -a <package name> # set desire version v=1.30.2-1.1 sudo apt-get install -y --allow-change-held-packages kubeadm=$v kubectl=$v kubelet=$v # if needed reload the systemd manager configuration and restart kubelet.service sudo systemctl daemon-reload sudo systemctl restart kubelet kubectl uncordon $worker1 ```