k8s从1.32升级到1.33(ubuntu系统)
一、升级前准备(必做)
1、确认集群状态:
- 所有节点
Ready,无NotReady/SchedulingDisabled - 无关键 Pod(calico、coredns、metallb)异常
- 控制平面节点已做 etcd 备份(建议)
# 所有节点都要执行
kubectl get nodes
kubectl get pods -A
kubectl version
kubeadm version
kubelet --version
dpkg -l | grep kube
2、备份 etcd(关键!)
ETCDCTL_API=3 etcdctl snapshot save /var/lib/etcd/snapshot-pre-upgrade.db \
--endpoints=https://127.0.0.1:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key
3、升级策略说明
- K8S支持从1.32升级到1.33,但是不支持直接从1.32到1.34,只能1.32.3 → 1.33.x → 1.34.x
- 控制平面节点:先升级
kubeadm→ 升级控制平面组件 → 升级kubelet/kubectl - 工作节点:先驱逐 Pod → 升级
kubeadm/kubelet/kubectl→ uncordon
二、升级控制平面节点
1、排空节点
kubectl drain k8s-master01 --ignore-daemonsets --delete-emptydir-data
#执行完节点状态会变成 SchedulingDisabled
2、控制平面节点更新软件源:
# 1. 配置 apt 源(如果之前没配置过)
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
# 2. 更新 apt 缓存
apt update
3、查看可用版本,如下:
apt-cache madison kubelet | kubectl | kubeadm

4、升级kubeadm
apt install -y kubeadm=1.33.10-1.1
apt-mark hold kubeadm #锁定版本,防止自动升级
# 先查看可升级版本
kubeadm upgrade plan
# 执行升级
kubeadm upgrade apply v1.33.10
注意:多 master 集群,其他控制平面节点执行 kubeadm upgrade node 即可,不用 apply
5、升级kubectl 和 kubelet
apt install -y kubelet=1.33.5-1.1 kubectl=1.33.10-1.1
apt-mark hold kubelet kubectl
# 重启 kubelet
systemctl daemon-reload
systemctl restart kubelet
6、恢复调度
kubectl uncordon k8s-master01
7、其他master节点,以k8s-master02为例,步骤为:
#排空节点
kubectl drain k8s-master02 --ignore-daemonsets --delete-emptydir-data
#添加软件源
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
apt update
#安装版本
apt install -y kubeadm=1.33.10-1.1 kubelet=1.33.10-1.1 kubectl=1.33.10-1.1
apt-mark hold kubeadm kubelet kubectl #锁定版本,防止自动升级
#升级节点
kubeadm upgrade node
#重启服务
systemctl daemon-reload
systemctl restart kubelet
#在主master节点上恢复调度
kubectl uncordon k8s-master02
三、升级工作节点
1、排空工作节点,在主master节点上执行
kubectl drain k8s-node01 \
--ignore-daemonsets \
--delete-emptydir-data \
--force
2、添加软件源
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
apt update
3、升级三个包
sudo apt install -y \
kubeadm=1.33.10-1.1 \
kubelet=1.33.10-1.1 \
kubectl=1.33.10-1.1
apt-mark hold kubeadm kubelet kubectl #锁定版本
4、执行升级
kubeadm upgrade node
5、重启kubelet
sudo systemctl daemon-reload
sudo systemctl restart kubelet
6、节点恢复调度
kubectl uncordon k8s-node01


