Search
๐Ÿ“

Test - Cluster Upgrade Process

Date
2025/01/07
Category
Devops
Tag
Kubernetes
CKA
Lab

Q1

This lab tests your skills onย upgrading a kubernetes cluster. We have a production cluster with applications running on it. Let us explore the setup first. What is the current version of the cluster?

ํ’€์ด

1.
kubectl get nodes
ํ˜„์žฌ ๋ฒ„์ „์— ๋Œ€ํ•œ ์ •๋ณด๊ฐ€ ์ถœ๋ ฅ๋จ
controlplane ~ โžœ kubectl get nodes NAME STATUS ROLES AGE VERSION controlplane Ready control-plane 24m v1.30.0 node01 Ready <none> 23m v1.30.0
Bash
๋ณต์‚ฌ
2.
kubeadm upgrade plan
kubectl get nodes๋กœ๋„ ๋ฒ„์ „์„ ํ™•์ธํ•  ์ˆ˜ ์žˆ์ง€๋งŒ ์ด๋Š” kubelet์˜ ๋ฒ„์ „์ด์ง€ ํด๋Ÿฌ์Šคํ„ฐ์˜ ๋ฒ„์ „์ด ์•„๋‹ˆ๊ธฐ ๋•Œ๋ฌธ์— ์ •ํ™•ํ•œ ํŒ๋‹จ์„ ์œ„ํ•ด์„œ kubeadm upgrade plan์œผ๋กœ ํ˜„์žฌ ๋ฒ„์ „ ํ™•์ธ
controlplane ~ โžœ kubeadm upgrade plan ... COMPONENT NODE CURRENT TARGET kubelet controlplane v1.30.0 v1.30.8 kubelet node01 v1.30.0 v1.30.8 ...
Bash
๋ณต์‚ฌ

์ •๋‹ต

v1.30.0

Q2

How many nodes are part of this cluster? Including controlplane and worker nodes

ํ’€์ด

controlplane ~ โžœ kubectl get nodes NAME STATUS ROLES AGE VERSION controlplane Ready control-plane 32m v1.30.0 node01 Ready <none> 31m v1.30.0
Bash
๋ณต์‚ฌ

์ •๋‹ต

2

Q3

How many nodes can host workloads in this cluster? Inspect the applications and taints set on the nodes.

ํ’€์ด

controlplane ~ โžœ kubectl describe node | grep Taints Taints: <none> Taints: <none>
Bash
๋ณต์‚ฌ

์ •๋‹ต

2

Q4

How many applications are hosted on the cluster? Count the number of deployments in theย defaultย namespace.

ํ’€์ด

controlplane ~ โžœ kubectl get deploy NAME READY UP-TO-DATE AVAILABLE AGE blue 5/5 5 5 16m
Bash
๋ณต์‚ฌ

์ •๋‹ต

1

Q5

What nodes are the pods hosted on?

ํ’€์ด

controlplane ~ โžœ kubectl get po -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES blue-fffb6db8d-6hpfz 1/1 Running 0 17m 10.244.0.4 controlplane <none> <none> blue-fffb6db8d-8mw8g 1/1 Running 0 17m 10.244.1.2 node01 <none> <none> blue-fffb6db8d-9bjzv 1/1 Running 0 17m 10.244.1.3 node01 <none> <none> blue-fffb6db8d-9qmc7 1/1 Running 0 17m 10.244.0.5 controlplane <none> <none> blue-fffb6db8d-q6pbh 1/1 Running 0 17m 10.244.1.4 node01 <none> <none>
Bash
๋ณต์‚ฌ

์ •๋‹ต

controlplane, node01

Q6

You are tasked to upgrade the cluster. Users accessing the applications must not be impacted, and you cannot provision new VMs. What strategy would you use to upgrade the cluster?

์ •๋‹ต

Upgrade one node at a time while moving the workloads to the other

Q7

What is the latest version available for an upgrade with the current version of the kubeadm tool installed?

ํ’€์ด

controlplane ~ โžœ kubeadm upgrade plan ... Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade apply': COMPONENT NODE CURRENT TARGET kubelet controlplane v1.30.0 v1.30.8 kubelet node01 v1.30.0 v1.30.8 Upgrade to the latest version in the v1.30 series: COMPONENT NODE CURRENT TARGET kube-apiserver controlplane v1.30.0 v1.30.8 kube-controller-manager controlplane v1.30.0 v1.30.8 kube-scheduler controlplane v1.30.0 v1.30.8 kube-proxy 1.30.0 v1.30.8 CoreDNS v1.10.1 v1.11.1 etcd controlplane 3.5.12-0 3.5.12-0 ...
Bash
๋ณต์‚ฌ

์ •๋‹ต

v1.30.8

Q8

We will be upgrading the controlplane node first. Drain the controlplane node of workloads and mark itย UnSchedulable

ํ’€์ด ๊ณผ์ •

kubectl drain controlplane --ignore-daemonsets
Bash
๋ณต์‚ฌ

Q9

Upgrade theย controlplaneย components to exact versionย v1.31.0
Upgrade the kubeadm tool (if not already), then the controlplane components, and finally the kubelet. Practice referring to the Kubernetes documentation page.

ํ’€์ด ๊ณผ์ •

1.
k8s ํŒจํ‚ค์ง€ ์„ค์น˜๋ฅผ ์œ„ํ•œ APT Repository ์„ค์ •
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
Bash
๋ณต์‚ฌ
2.
์—…๊ทธ๋ ˆ์ด๋“œ ๋ฒ„์ „ ๊ฒฐ์ •
sudo apt update sudo apt-cache madison kubeadm kubeadm | 1.31.4-1.1 | https://pkgs.k8s.io/core:/stable:/v1.31/deb Packages kubeadm | 1.31.3-1.1 | https://pkgs.k8s.io/core:/stable:/v1.31/deb Packages kubeadm | 1.31.2-1.1 | https://pkgs.k8s.io/core:/stable:/v1.31/deb Packages kubeadm | 1.31.1-1.1 | https://pkgs.k8s.io/core:/stable:/v1.31/deb Packages kubeadm | 1.31.0-1.1 | https://pkgs.k8s.io/core:/stable:/v1.31/deb Packages
Bash
๋ณต์‚ฌ
1.31.0 ๋ฒ„์ „์œผ๋กœ ์—…๊ทธ๋ ˆ์ด๋“œ ํ•˜๋ผ๋Š” ๋ฌธ์ œ์ด๋ฏ€๋กœ 1.31.0-1.1 ์‚ฌ์šฉ
3.
kubeadm ์—…๊ทธ๋ ˆ์ด๋“œ
sudo apt-mark unhold kubeadm && \ sudo apt-get update && sudo apt-get install -y kubeadm='1.31.0-1.1' && \ sudo apt-mark hold kubeadm
Bash
๋ณต์‚ฌ
4.
plan ํ™•์ธ
์—…๊ทธ๋ ˆ์ด๋“œ ๊ฐ€๋Šฅ ๋ฒ„์ „์ด v1.31.4๋กœ ๋ณ€๊ฒฝ๋จ์„ ํ™•์ธ
sudo kubeadm upgrade plan ... Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade apply': COMPONENT NODE CURRENT TARGET kubelet controlplane v1.30.0 v1.31.4 kubelet node01 v1.30.0 v1.31.4 Upgrade to the latest stable version: COMPONENT NODE CURRENT TARGET kube-apiserver controlplane v1.30.0 v1.31.4 kube-controller-manager controlplane v1.30.0 v1.31.4 kube-scheduler controlplane v1.30.0 v1.31.4 kube-proxy 1.30.0 v1.31.4 CoreDNS v1.10.1 v1.11.1 etcd controlplane 3.5.12-0 3.5.15-0 You can now apply the upgrade by executing the following command: kubeadm upgrade apply v1.31.4 Note: Before you can perform this upgrade, you have to update kubeadm to v1.31.4. ...
Bash
๋ณต์‚ฌ
5.
ํด๋Ÿฌ์Šคํ„ฐ ์—…๊ทธ๋ ˆ์ด๋“œ
v1.31.4๊นŒ์ง€ ์—…๊ทธ๋ ˆ์ด๋“œ ๊ฐ€๋Šฅํ•˜์ง€๋งŒ ๋ฌธ์ œ์— ๋งž๊ฒŒ v1.31.0์œผ๋กœ ์—…๊ทธ๋ ˆ์ด๋“œ
kubeadm upgrade apply v1.31.0 ... [upgrade/successful] SUCCESS! Your cluster was upgraded to "v1.31.0". Enjoy! [upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.
Bash
๋ณต์‚ฌ
6.
kubelet & kubectl ์—…๊ทธ๋ ˆ์ด๋“œ
sudo apt-mark unhold kubelet kubectl && \ sudo apt-get update && sudo apt-get install -y kubelet='1.31.0-1.1' kubectl='1.31.0-1.1' && \ sudo apt-mark hold kubelet kubectl
Bash
๋ณต์‚ฌ
7.
kubelet ์žฌ์‹คํ–‰
sudo systemctl daemon-reload sudo systemctl restart kubelet
Bash
๋ณต์‚ฌ
์žฌ์‹คํ–‰ ํ›„ ์™„๋ฃŒ๊นŒ์ง€ ์•ฝ๊ฐ„์˜ ์‹œ๊ฐ„ ์†Œ์š”
8.
ํ™•์ธ
controlplane ~ โžœ kubectl get nodes NAME STATUS ROLES AGE VERSION controlplane Ready,SchedulingDisabled control-plane 62m v1.31.0 node01 Ready <none> 61m v1.30.0
Bash
๋ณต์‚ฌ

Documents

Upgrading kubeadm clusters
This page explains how to upgrade a Kubernetes cluster created with kubeadm from version 1.30.x to version 1.31.x, and from version 1.31.x to 1.31.y (where y > x). Skipping MINOR versions when upgrading is unsupported. For more details, please visit Version Skew Policy. To see information about upgrading clusters created using older versions of kubeadm, please refer to following pages instead: Upgrading a kubeadm cluster from 1.29 to 1.30 Upgrading a kubeadm cluster from 1.
https://v1-31.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/
pkgs.k8s.io: Introducing Kubernetes Community-Owned Package Repositories
On behalf of Kubernetes SIG Release, I am very excited to introduce the Kubernetes community-owned software repositories for Debian and RPM packages: pkgs.k8s.io! The new package repositories are replacement for the Google-hosted package repositories (apt.kubernetes.io and yum.kubernetes.io) that we've been using since Kubernetes v1.5. This blog post contains information about these new package repositories, what does it mean to you as an end user, and how to migrate to the new repositories.
https://v1-31.docs.kubernetes.io/blog/2023/08/15/pkgs-k8s-io-introduction/

Q10

Mark theย controlplaneย node as "Schedulable" again

ํ’€์ด

kubectl uncordon controlplane
Bash
๋ณต์‚ฌ

Q11

Next is the worker node.ย Drainย the worker node of the workloads and mark itย UnSchedulable

ํ’€์ด

kubectl drain node01 --ignore-daemonsets
Bash
๋ณต์‚ฌ

Q12

Upgrade the worker node to the exact versionย v1.31.0

ํ’€์ด ๊ณผ์ •

1.
Drain worker node
kubectl drain node01 --ignore-daemonsets
Bash
๋ณต์‚ฌ
2.
node01์— ์ ‘์†
ssh node01
Bash
๋ณต์‚ฌ
3.
k8s ํŒจํ‚ค์ง€ ์„ค์น˜๋ฅผ ์œ„ํ•œ APT Repository ์„ค์ •
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
Bash
๋ณต์‚ฌ
4.
๋…ธ๋“œ ์—…๊ทธ๋ ˆ์ด๋“œ
sudo kubeadm upgrade node
Bash
๋ณต์‚ฌ
5.
kubelet & kubectl ์—…๊ทธ๋ ˆ์ด๋“œ
sudo apt-mark unhold kubelet kubectl && \ sudo apt-get update && sudo apt-get install -y kubelet='1.31.0-1.1' kubectl='1.31.0-1.1' && \ sudo apt-mark hold kubelet kubectl
Bash
๋ณต์‚ฌ
6.
kubelet ์žฌ์‹œ์ž‘
sudo systemctl daemon-reload sudo systemctl restart kubelet
Bash
๋ณต์‚ฌ
7.
controlplane์œผ๋กœ ๋Œ์•„์™€ ํ™•์ธ
controlplane ~ โžœ kubectl get nodes NAME STATUS ROLES AGE VERSION controlplane Ready control-plane 76m v1.31.0 node01 Ready,SchedulingDisabled <none> 76m v1.31.0
Bash
๋ณต์‚ฌ

Documents

Upgrading Linux nodes
This page explains how to upgrade a Linux Worker Nodes created with kubeadm. Before you begin You need to have shell access to all the nodes, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts. To check the version, enter kubectl version. Familiarize yourself with the process for upgrading the rest of your kubeadm cluster.
https://v1-31.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/upgrading-linux-nodes/

Q13

Remove the restriction and mark the worker node as schedulable again.

ํ’€์ด

controlplane ~ โžœ kubectl get nodes NAME STATUS ROLES AGE VERSION controlplane Ready control-plane 76m v1.31.0 node01 Ready <none> 75m v1.31.0
Bash
๋ณต์‚ฌ