Govur University Logo
--> --> --> -->
Govur University Logo
Sign In
...
Home All Courses Engineering and Technology Courses Certified Kubernetes Administrator (CKA) Flashcard

Detail the process of upgrading a Kubernetes cluster using kubeadm, including pre-upgrade checks and post-upgrade verification.



Upgrading a Kubernetes cluster using kubeadm is a multi-step process that requires careful planning and execution to minimize downtime and ensure a smooth transition. The process involves upgrading the control plane nodes first, followed by the worker nodes. Here's a detailed outline of the upgrade process, including pre-upgrade checks and post-upgrade verification:

I. Pre-Upgrade Checks:

Before initiating the upgrade, it's crucial to perform several checks to ensure that the cluster is in a healthy state and that the upgrade process is likely to succeed.

1. Backup etcd: As emphasized before, etcd is the heart of the Kubernetes cluster. Backing it up before any major operation is essential.

```bash
ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key \
snapshot save snapshot.db
```

Store this snapshot in a secure location.

2. Check Node Status: Verify that all nodes in the cluster are in a `Ready` state.

```bash
kubectl get nodes
```

Ensure that all nodes have a `Status` of `Ready`. If any nodes are not ready, investigate and resolve the issue before proceeding with the upgrade.

3. Drain the Control Plane Node: You cannot drain the node at this point, but ensure you know how to drain a node, as it will be needed during the upgrade process. Draining safely evicts all Pods from the node.

```bash
kubectl drain <control-plane-node-name> --ignore-daemonsets --delete-emptydir-data --force
```

4. Check Kubeadm Upgrade Plan: Use `kubeadm upgrade plan` to view the available upgrade versions and to check for any potential issues.

```bash
kubeadm upgrade plan
```

This command will show you the current Kubernetes version and the available upgrade versions. It will also highlight any compatibility issues or deprecated features that may need to be addressed before upgrading.

5. Check Component Versions: Verify that the versions of critical components, such as kubelet and kubectl, are compatible with the target Kubernetes version.

```bash
kubelet --version
kubectl version
```

Ensure that the kubelet version on each node is close to the current Kubernetes version. You may need to upgrade kubelet separately if it is significantly outdated.

6. Check for Deprecated APIs: Kubernetes periodically deprecates APIs, and using deprecated APIs can cause issues after upgrading. Use tools like `kubectl api-resources --verbs=list --api-versions` to check for deprecated APIs.

7. Check Cluster Addons: Ensure that any cluster addons, such as the networking plugin (e.g., Calico, Cilium, Weave Net) and the DNS service (e.g., CoreDNS), are compatible with the target Kubernetes version. Consult the documentation for each addon to determine the required versions.

8. Verify Storage Class Compatibility: If using dynamic provisioning, ensure the storage classes and associated provisioners are compatible with the target Kubernetes version.

II. Upgrading the Control Plane Node:

Once you have completed the pre-upgrade checks, you can proceed with upgrading the control plane node.

1. Upgrade Kubeadm: Upgrade the kubeadm tool on the control plane node to the target Kubernetes version.

```bash
apt update && apt install -y kubeadm=<target-version>-00
```

Replace `<target-version>` with the desired Kubernetes version (e.g., `1.28.0`).

2. Perform the Upgrade: Use the `kubeadm upgrade apply` command to perform the actual upgrade.

```bash
kubeadm upgrade apply v<target-version>
```

Replace `<target-version>` with the desired Kubernetes version (e.g., `1.28.0`). This command will upgrade the control plane components, including the kube-apiserver, kube-controller-manager, and kube-scheduler. It will also update the static Pod manifests in `/etc/kubernetes/manifests`.

3. Uncordon the Control Plane Node: After the upgrade is complete, uncordon the control plane node to allow Pods to be scheduled on it again.

```bash
kubectl uncordon <control-plane-node-name>
```

4. Upgrade Kubelet and Kubectl: Upgrade the kubelet and kubectl tools on the control plane node to the target Kubernetes version.

```bash
apt update && apt install -y kubelet=<target-version>-00 kubectl=<target-version>-00
systemctl restart kubelet
```

5. Update Kube-Proxy: Update the kube-proxy component using the following command:

```bash
kubectl apply -f https://raw.githubusercontent.com/kubernetes/kubernetes/v<target-version>/cluster/addons/proxy/kube-proxy.yaml
```

Replace `<target-version>` with the desired Kubernetes version (e.g., `1.28.0`).

III. Upgrading Worker Nodes:

After upgrading the control plane node, you can proceed with upgrading the worker nodes.

1. Drain the Worker Node: Before upgrading a worker node, drain it to safely evict all Pods from the node.

```bash
kubectl drain <worker-node-name> --ignore-daemonsets --delete-emptydir-data --force
```

2. Upgrade Kubeadm: Upgrade the kubeadm tool on the worker node to the target Kubernetes version.

```bash
apt update && apt install -y kubeadm=<target-version>-00
```

Replace `<target-version>` with the desired Kubernetes version.

3. Upgrade the Node: Use the `kubeadm upgrade node` command to upgrade the node.

```bash
kubeadm upgrade node
```

This command will update the kubelet configuration and perform any necessary node-specific upgrades.

4. Upgrade Kubelet: Upgrade the kubelet tool on the worker node to the target Kubernetes version.

```bash
apt update && apt install -y kubelet=<target-version>-00
systemctl restart kubelet
```

5. Uncordon the Worker Node: After the upgrade is complete, uncordon the worker node to allow Pods to be scheduled on it again.

```bash
kubectl uncordon <worker-node-name>
```

IV. Post-Upgrade Verification:

After upgrading all nodes, it's essential to verify that the cluster is functioning correctly.

1. Check Node Status: Verify that all nodes in the cluster are in a `Ready` state and are running the correct Kubernetes version.

```bash
kubectl get nodes
```

2. Check Pod Status: Verify that all Pods in the cluster are running and healthy.

```bash
kubectl get pods --all-namespaces
```

Look for any Pods that are in a `Pending`, `Error`, or `CrashLoopBackOff` state. Investigate and resolve any issues.

3. Check Service Status: Verify that all Services in the cluster are functioning correctly.

```bash
kubectl get services --all-namespaces
```

Ensure that all Services have the correct endpoints and that traffic is being routed correctly.

4. Run End-to-End Tests: Run a set of end-to-end tests to verify that the cluster is functioning as expected. These tests should cover a variety of scenarios, such as deploying applications, scaling deployments, and accessing services.

5. Monitor Cluster Health: Monitor the cluster's health and performance over time to identify any potential issues. Use monitoring tools such as Prometheus and Grafana to track key metrics such as CPU utilization, memory usage, and network traffic.

6. Verify DNS Resolution: Check that DNS resolution is working correctly within the cluster. Pods should be able to resolve the names of other Services and external resources.

7. Check Storage Functionality: If using persistent volumes, verify that they are being provisioned and mounted correctly. Write and read data to the volumes to ensure that they are functioning as expected.

8. Test Network Policies: If using network policies, verify that they are being enforced correctly. Create Pods in different namespaces and attempt to communicate between them to ensure that the policies are blocking or allowing traffic as intended.

Key Considerations:

Rolling Upgrades: Perform rolling upgrades to minimize downtime. Upgrade one node at a time, allowing the cluster to remain operational while the upgrade is in progress.
Test Environment: Always test the upgrade process in a non-production environment before upgrading your production cluster. This will help you identify any potential issues and ensure a smooth upgrade.
Documentation: Carefully review the Kubernetes documentation for the specific version you are upgrading to. Pay attention to any breaking changes or deprecated features.
Communication: Communicate the upgrade schedule to all stakeholders and provide regular updates on the progress of the upgrade.
Rollback Plan: Have a rollback plan in place in case the upgrade fails. This should include steps for reverting to the previous Kubernetes version.

By following these steps, you can upgrade your Kubernetes cluster using kubeadm safely and effectively, minimizing downtime and ensuring a smooth transition.