[CKA] Udemy Lightning Lab (1/7)

Weight: 15 

Upgrade the current version of kubernetes from 1.29.0 to 1.30.0 exactly using the kubeadm utility. 

Make sure that the upgrade is carried out one node at a time starting with the controlplane node.

To minimize downtime, the deployment gold-nginx should be rescheduled on an alternate node before upgrading each node.

Upgrade controlplane node first and drain node node01 before upgrading it.

Pods for gold-nginx should run on the controlplane node subsequently.

Cluster Upgraded?
pods 'gold-nginx' running on controlplane?

 

 

• 정보 확인

controlplane ~ ✖ k get nodes
NAME           STATUS                     ROLES           AGE   VERSION
controlplane   Ready,SchedulingDisabled   control-plane   54m   v1.29.0
node01         Ready                      <none>          53m   v1.29.0

controlplane ~ ➜  k get pods
NAME                          READY   STATUS    RESTARTS   AGE
gold-nginx-5d9489d9cc-qhws5   1/1     Running   0          23m

 

 

 

control plane node

• Upgrade kubeadm

# replace x in 1.30.x-* with the latest patch version
sudo apt-mark unhold kubeadm && \
sudo apt-get update && sudo apt-get install -y kubeadm='1.30.0-*' && \
sudo apt-mark hold kubeadm

 

 

Error

controlplane ~ ✖ sudo apt-mark unhold kubeadm && sudo apt-get update && sudo apt-get install -y kubeadm='1.30.0-*
' && sudo apt-mark hold kubeadm
kubeadm was already not on hold.
Hit:1 https://download.docker.com/linux/ubuntu jammy InRelease
Hit:2 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb InRelease         
Hit:3 http://security.ubuntu.com/ubuntu jammy-security InRelease                                                
Hit:4 http://archive.ubuntu.com/ubuntu jammy InRelease
Hit:5 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:6 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package kubeadm is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Version '1.30.0-*' for 'kubeadm' was not found

>>> v1.29 -> v.1.30으로 변경

참고 : https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/change-package-repository/

controlplane ~ ➜  cat /etc/apt/sources.list.d/kubernetes.list 
#deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /

 

controlplane ~ ➜  kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"30", GitVersion:"v1.30.0", GitCommit:"7c48c2bd72b9bf5c44d21d7338cc7bea77d0ad2a", GitTreeState:"clean", BuildDate:"2024-04-17T17:34:08Z", GoVersion:"go1.22.2", Compiler:"gc", Platform:"linux/amd64"}

 

• 업그레이드 계획 확인 

kubeadm upgrade plan

 

• kubernetes cluster update를 위해 kubeadm를 선택한 version으로 패치

controlplane ~ ➜  sudo kubeadm upgrade apply v1.30.0

 

 

• 노드 드레인

# replace <node-to-drain> with the name of your node you are draining
controlplane ~ ➜  kubectl drain controlplane --ignore-daemonsets
node/controlplane cordoned
Warning: ignoring DaemonSet-managed Pods: kube-system/kube-proxy-n9cbz, kube-system/weave-net-8hcsl
node/controlplane drained

 

• kubelet과 kubectl 업그레이드 

sudo apt-mark unhold kubelet kubectl && \
sudo apt-get update && sudo apt-get install -y kubelet='1.30.0-*' kubectl='1.30.0-*' && \
sudo apt-mark hold kubelet kubectl

...

..

.

Preparing to unpack .../kubectl_1.30.0-1.1_amd64.deb ...
Unpacking kubectl (1.30.0-1.1) over (1.29.0-1.1) ...
Preparing to unpack .../kubelet_1.30.0-1.1_amd64.deb ...
Unpacking kubelet (1.30.0-1.1) over (1.29.0-1.1) ...
Setting up kubectl (1.30.0-1.1) ...
Setting up kubelet (1.30.0-1.1) ...
kubelet set on hold.
kubectl set on hold.

 

• kubelet restart

controlplane ~ ➜  sudo systemctl daemon-reload
sudo systemctl restart kubelet

 

• 노드 uncordon 

kubectl uncordon controlplane

 

node01

controlplane ~ ➜  cat /etc/apt/sources.list.d/kubernetes.list 
#deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /

먼저 node01에서도 해당 작업을 수행

 

controlplane ~ ➜  ssh node01

node01 ~ ➜  apt-mark unhold kubeadm && apt-get update && apt-get install -y kubeadm=1.30.0-* && apt-mark hold kubeadm



sudo kubeadm upgrade node

 

• exit 후 controlplan으로 복귀

controlplane ~ ✖ kubectl drain node01 --ignore-daemonsets
node/node01 cordoned
Warning: ignoring DaemonSet-managed Pods: kube-system/kube-proxy-zd68w, kube-system/weave-net-w2g9t

 

 

node01 ~ ➜  sudo apt-mark unhold kubelet kubectl && sudo apt-get update && sudo apt-get install -y kubelet=1.30.0-* kubectl=1.30.0-* && sudo apt-mark hold kubeadm kubectl



exit



controlplane ~ ➜  kubectl uncordon controlplane
node/controlplane already uncordoned

controlplane ~ ➜  k get no
NAME           STATUS                     ROLES           AGE   VERSION
controlplane   Ready                      control-plane   90m   v1.30.0
node01         Ready,SchedulingDisabled   <none>          89m   v1.30.0


controlplane ~ ➜  k get pods -o wide
NAME                          READY   STATUS    RESTARTS   AGE   IP       NODE     NOMINATED NODE   READINESS GATES
gold-nginx-5d9489d9cc-gb98v   0/1     Pending   0          13m   <none>   <none>   <none>           <none>


controlplane ~ ✖ k describe nodes controlplane | grep -i Taint -A1
Taints:             node-role.kubernetes.io/control-plane:NoSchedule
Unschedulable:      false

controlplane ~ ➜  k taint node controlplane node-role.kubernetes.io/control-plane:NoSchedule-
node/controlplane untainted

controlplane ~ ➜  k get pods -o wide
NAME                          READY   STATUS    RESTARTS   AGE   IP           NODE           NOMINATED NODE   READINESS GATES
gold-nginx-5d9489d9cc-gb98v   1/1     Running   0          18m   10.244.0.9   controlplane   <none>           <none>

 

 

Solution

Here is the solution for this task. Please note that the output of these commands have not been added here.

To seamlessly transition from Kubernetes v1.29 to v1.30 and gain access to the packages specific to the desired Kubernetes minor version, follow these essential steps during the upgrade process. This ensures that your environment is appropriately configured and aligned with the features and improvements introduced in Kubernetes v1.30.

On the controlplane node:

Use any text editor you prefer to open the file that defines the Kubernetes apt repository.

vim /etc/apt/sources.list.d/kubernetes.list

Update the version in the URL to the next available minor release, i.e v1.30.

deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /

After making changes, save the file and exit from your text editor. Proceed with the next instruction.

kubectl drain controlplane --ignore-daemonsets
apt update
apt-cache madison kubeadm

Based on the version information displayed by apt-cache madison, it indicates that for Kubernetes version 1.30.0, the available package version is 1.30.0-1.1. Therefore, to install kubeadm for Kubernetes v1.30.0, use the following command:

apt-get install kubeadm=1.30.0-1.1

Run the following command to upgrade the Kubernetes cluster.

kubeadm upgrade plan v1.30.0
kubeadm upgrade apply v1.30.0

Now, upgrade the version and restart Kubelet. Also, mark the node (in this case, the "controlplane" node) as schedulable.

apt-get install kubelet=1.30.0-1.1
systemctl daemon-reload
systemctl restart kubelet
kubectl uncordon controlplane

Before draining node01, if the controlplane gets taint during an upgrade, we have to remove it.

# Identify the taint first. 
kubectl describe node controlplane | grep -i taint

# Remove the taint with help of "kubectl taint" command.
kubectl taint node controlplane node-role.kubernetes.io/control-plane:NoSchedule-

# Verify it, the taint has been removed successfully.  
kubectl describe node controlplane | grep -i taint

Now, drain the node01 as follows: -

kubectl drain node01 --ignore-daemonsets

SSH to the node01 and perform the below steps as follows: -

Use any text editor you prefer to open the file that defines the Kubernetes apt repository.

vim /etc/apt/sources.list.d/kubernetes.list

Update the version in the URL to the next available minor release, i.e v1.30.

deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /

After making changes, save the file and exit from your text editor. Proceed with the next instruction.

apt update
apt-cache madison kubeadm

Based on the version information displayed by apt-cache madison, it indicates that for Kubernetes version 1.30.0, the available package version is 1.30.0-1.1. Therefore, to install kubeadm for Kubernetes v1.30.0, use the following command:

apt-get install kubeadm=1.30.0-1.1
# Upgrade the node 
kubeadm upgrade node

Now, upgrade the version and restart Kubelet.

apt-get install kubelet=1.30.0-1.1
systemctl daemon-reload
systemctl restart kubelet

To exit from the specific node, type exit or logout on the terminal.

Back on the controlplane node: -

kubectl uncordon node01
kubectl get pods -o wide | grep gold # make sure this is scheduled on a node

Details