k8s从1.32升级到1.33(ubuntu系统)

一、升级前准备(必做)

1、确认集群状态:

  • 所有节点 Ready,无 NotReady/SchedulingDisabled
  • 无关键 Pod(calico、coredns、metallb)异常
  • 控制平面节点已做 etcd 备份(建议)
# 所有节点都要执行
kubectl get nodes
kubectl get pods -A
kubectl version
kubeadm version
kubelet --version
dpkg -l | grep kube

2、备份 etcd(关键!)

ETCDCTL_API=3 etcdctl snapshot save /var/lib/etcd/snapshot-pre-upgrade.db \
  --endpoints=https://127.0.0.1:2379 \
  --cacert=/etc/kubernetes/pki/etcd/ca.crt \
  --cert=/etc/kubernetes/pki/etcd/server.crt \
  --key=/etc/kubernetes/pki/etcd/server.key

3、升级策略说明

  • K8S支持从1.32升级到1.33,但是不支持直接从1.32到1.34,只能1.32.3 → 1.33.x → 1.34.x
  • 控制平面节点:先升级 kubeadm → 升级控制平面组件 → 升级 kubelet/kubectl
  • 工作节点:先驱逐 Pod → 升级 kubeadm/kubelet/kubectl → uncordon

二、升级控制平面节点

1、排空节点

kubectl drain k8s-master01 --ignore-daemonsets --delete-emptydir-data
#执行完节点状态会变成 SchedulingDisabled

2、控制平面节点更新软件源:

# 1. 配置 apt 源(如果之前没配置过)
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

# 2. 更新 apt 缓存
apt update

3、查看可用版本,如下:

apt-cache madison kubelet  | kubectl | kubeadm

4、升级kubeadm

apt install -y kubeadm=1.33.10-1.1
apt-mark hold kubeadm   #锁定版本,防止自动升级

# 先查看可升级版本
kubeadm upgrade plan

# 执行升级
kubeadm upgrade apply v1.33.10

注意:多 master 集群,其他控制平面节点执行 kubeadm upgrade node 即可,不用 apply

5、升级kubectl 和 kubelet

apt install -y kubelet=1.33.5-1.1 kubectl=1.33.10-1.1
apt-mark hold kubelet kubectl

# 重启 kubelet
systemctl daemon-reload
systemctl restart kubelet

6、恢复调度

kubectl uncordon k8s-master01

7、其他master节点,以k8s-master02为例,步骤为:

#排空节点
kubectl drain k8s-master02 --ignore-daemonsets --delete-emptydir-data
#添加软件源
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
apt update
#安装版本
apt install -y kubeadm=1.33.10-1.1 kubelet=1.33.10-1.1 kubectl=1.33.10-1.1
apt-mark hold kubeadm kubelet kubectl   #锁定版本,防止自动升级
#升级节点
kubeadm upgrade node
#重启服务
systemctl daemon-reload
systemctl restart kubelet
#在主master节点上恢复调度
kubectl uncordon k8s-master02

三、升级工作节点

1、排空工作节点,在主master节点上执行

kubectl drain k8s-node01 \
  --ignore-daemonsets \
  --delete-emptydir-data \
  --force

2、添加软件源

curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
apt update

3、升级三个包

sudo apt install -y \
kubeadm=1.33.10-1.1 \
kubelet=1.33.10-1.1 \
kubectl=1.33.10-1.1
apt-mark hold kubeadm kubelet kubectl #锁定版本

4、执行升级

kubeadm upgrade node

5、重启kubelet

sudo systemctl daemon-reload
sudo systemctl restart kubelet

6、节点恢复调度

kubectl uncordon k8s-node01

标签