Step-by-Step Guide: Upgrading a Kubernetes Ubuntu Worker Node
👋 Welcome to my Hashnode profile! I'm a passionate technologist with expertise in AWS, DevOps, Kubernetes, Terraform, Datree, and various cloud technologies. Here's a glimpse into what I bring to the table: 🌟 Cloud Aficionado: I thrive in the world of cloud technologies, particularly AWS. From architecting scalable infrastructure to optimizing cost efficiency, I love diving deep into the AWS ecosystem and crafting robust solutions. 🚀 DevOps Champion: As a DevOps enthusiast, I embrace the culture of collaboration and continuous improvement. I specialize in streamlining development workflows, implementing CI/CD pipelines, and automating infrastructure deployment using modern tools like Kubernetes. ⛵ Kubernetes Navigator: Navigating the seas of containerization is my forte. With a solid grasp on Kubernetes, I orchestrate containerized applications, manage deployments, and ensure seamless scalability while maximizing resource utilization. 🏗️ Terraform Magician: Building infrastructure as code is where I excel. With Terraform, I conjure up infrastructure blueprints, define infrastructure-as-code, and provision resources across multiple cloud platforms, ensuring consistent and reproducible deployments. 🌳 Datree Guardian: In my quest for secure and compliant code, I leverage Datree to enforce best practices and prevent misconfigurations. I'm passionate about maintaining code quality, security, and reliability in every project I undertake. 🌐 Cloud Explorer: The ever-evolving cloud landscape fascinates me, and I'm constantly exploring new technologies and trends. From serverless architectures to big data analytics, I'm eager to stay ahead of the curve and help you harness the full potential of the cloud. Whether you need assistance in designing scalable architectures, optimizing your infrastructure, or enhancing your DevOps practices, I'm here to collaborate and share my knowledge. Let's embark on a journey together, where we leverage cutting-edge technologies to build robust and efficient solutions in the cloud! 🚀💻
Upgrading your Kubernetes worker nodes is crucial for security, reliability, and feature parity with your control plane. This guide walks you through a production-grade, highly detailed process for upgrading a Kubernetes worker node running Ubuntu, using the modern pkgs.k8s.io repositories and best practices from the official Kubernetes documentation.
Prerequisites
SSH access to the worker node you want to upgrade
kubectlaccess with admin privilegesThe control plane (master node) should already be upgraded to the target Kubernetes version
A backup of your critical data (etcd, manifests, configs)
The target Kubernetes version (in this guide: v1.33.2 as an example)
1. Preparation & Checks
1.1 Review the Current Cluster State
kubectl get nodes -o wide
- Confirm which node(s) require upgrading and check their current Kubernetes versions.
1.2 Announce and Plan Downtime
Notify your team; draining the node will temporarily move pods to other nodes.
Review resource usage to ensure other nodes can absorb workloads.
2. Drain the Node
Make the node unschedulable and evict running pods (except DaemonSets):
kubectl drain <node-name> --ignore-daemonsets
Replace
<node-name>with your node's actual name.This action evicts pods safely and prevents new pods from scheduling during the upgrade.
3. SSH into the Ubuntu Worker Node
From your bastion or local terminal:
ssh <username>@<node-ip>
- Use the correct username and IP.
4. Upgrade kubeadm
4.1 Unhold the current version (if held)
sudo apt-mark unhold kubeadm
4.2 Update repositories and install the target version
sudo apt-get update
sudo apt-get install -y kubeadm='1.33.x-*'
4.3 Hold the version to prevent unintended upgrades
sudo apt-mark hold kubeadm
Tip: Adjust version strings as per your desired patch level. Use
apt-cache madison kubeadmto see available versions.
5. Upgrade the Node (Kubelet Config)
Apply the upgrade using kubeadm:
sudo kubeadm upgrade node
- This step updates the local kubelet configuration for node compatibility.
6. Upgrade kubelet and kubectl
6.1 Unhold existing versions
sudo apt-mark unhold kubelet kubectl
6.2 Update and install new versions
sudo apt-get update
sudo apt-get install -y kubelet='1.33.x-*' kubectl='1.33.x-*'
6.3 Hold these versions again
sudo apt-mark hold kubelet kubectl
6.4 Restart kubelet
sudo systemctl daemon-reload
sudo systemctl restart kubelet
7. Bring the Node Back (Uncordon)
On any node with kubectl access:
kubectl uncordon <node-name>
- This makes your worker node schedulable again.
8. Verification
8.1 Confirm Versions
kubectl get nodes
- Ensure the
VERSIONfor the upgraded node matches the control plane.
8.2 Check Node Status
Node status should show
Ready.Optionally, run:
kubectl describe node <node-name>
9. Troubleshooting & Best Practices
Image pulls or pod failures? Check logs:
journalctl -xeu kubeletVersion mismatch warnings? Carefully repeat the version steps, check available
kubeadm/kubeletpackages.Safeguard the upgrade path: Never skip minor versions; always test in a staging environment first.
Summary Table
| Step | Command / Action | Notes |
| Drain node | kubectl drain <node> | Run before SSH-ing to node |
| Upgrade kubeadm | sudo apt-mark unhold kubeadm |
sudo apt-get updatesudo apt-get install -y kubeadm=1.33.2-00sudo apt-mark hold kubeadm | On the node |
| Apply node upgrade | sudo kubeadm upgrade node | On the node |
| Upgrade kubelet/kubectl | sudo apt-mark unhold kubelet kubectlsudo apt-get updatesudo apt-get install -y kubelet=1.33.2-00 kubectl=1.33.2-00sudo apt-mark hold kubelet kubectlsudo systemctl daemon-reloadsudo systemctl restart kubelet | On the node |
| Uncordon node | kubectl uncordon <node> | After SSH, back on control plane |
| Validate | kubectl get nodes | Cluster-wide check |
Reference
For the most current instructions and caveats—especially regarding repository changes and Ubuntu compatibility—always see the official Kubernetes upgrade documentation.
https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/upgrading-linux-nodes/
By following these steps, your Ubuntu worker nodes will stay in sync with your Kubernetes control plane, ensuring cluster health, feature parity, and security.
