Upgrade do Cluster Kubernetes

Upgrade do Kubernetes deve ser feito de forma incremental, uma minor version por vez (ex: 1.29 → 1.30), sempre começando pelo Control Plane.

Conceito Geral

• Upgrade apenas uma minor version por vez (não pular versões)
• Ordem: Control Plane → Workers
• Em HA: um master por vez
• Drenar nodes antes do upgrade (migrar pods)
• Sempre fazer backup do etcd antes

Backup etcd
   ↓
Upgrade Master01 (kubeadm → kubelet)
   ↓
Upgrade Master02, Master03 (HA)
   ↓
Upgrade Worker01 (drenar → upgrade → uncordon)
   ↓
Upgrade Worker02, Worker03...
   ↓
Validar cluster

Verificar Versão Atual

kubectl version --short
kubeadm version
kubelet --version

Planejar Upgrade

# Ver versões disponíveis
apt-cache madison kubeadm
# ou
yum list --showduplicates kubeadm

Upgrade do Control Plane (Master)

1. Upgrade kubeadm

apt-mark unhold kubeadm
apt-get update
apt-get install -y kubeadm=1.30.0-00
apt-mark hold kubeadm

2. Plano de Upgrade

kubeadm upgrade plan

3. Aplicar Upgrade

kubeadm upgrade apply v1.30.0

4. Drenar o Node

kubectl drain master01 --ignore-daemonsets

5. Upgrade kubelet e kubectl

apt-mark unhold kubelet kubectl
apt-get update
apt-get install -y kubelet=1.30.0-00 kubectl=1.30.0-00
apt-mark hold kubelet kubectl

systemctl daemon-reload
systemctl restart kubelet

6. Uncordon

kubectl uncordon master01

Upgrade de Masters Adicionais (HA)

# No Master02 e Master03
kubeadm upgrade node

kubectl drain master02 --ignore-daemonsets
# Upgrade kubelet e kubectl (mesmo processo)
systemctl restart kubelet
kubectl uncordon master02

Upgrade de Worker Nodes

# No master, drenar o worker
kubectl drain worker01 --ignore-daemonsets --delete-emptydir-data

# No worker01
apt-mark unhold kubeadm
apt-get update
apt-get install -y kubeadm=1.30.0-00
apt-mark hold kubeadm

kubeadm upgrade node

apt-mark unhold kubelet kubectl
apt-get install -y kubelet=1.30.0-00 kubectl=1.30.0-00
apt-mark hold kubelet kubectl

systemctl daemon-reload
systemctl restart kubelet

# No master
kubectl uncordon worker01

Verificar Upgrade

kubectl get nodes
kubectl version
kubectl get pods --all-namespaces

Rollback (Se Necessário)

# Restaurar backup do etcd
ETCDCTL_API=3 etcdctl snapshot restore /backup/etcd-pre-upgrade.db

# Downgrade dos pacotes
apt-get install -y kubeadm=1.29.0-00 kubelet=1.29.0-00 kubectl=1.29.0-00

Checklist de Upgrade

• Backup do etcd
• Testar em ambiente de dev/staging
• Ler release notes da nova versão
• Verificar compatibilidade de addons
• Janela de manutenção agendada
• Upgrade master primeiro
• Upgrade workers um por vez
• Validar aplicações após cada node