Step-by-Step Guide to Upgrade a Kubernetes Cluster from v1.17.9 to v1.18.9
This tutorial explains how to safely back up a kubeadm‑managed Kubernetes cluster, upgrade the control‑plane from version 1.17.9 to 1.18.9, update master and worker nodes, verify the upgrade, and handle certificate renewal and recovery in case of failures.
Upgrade Overview
Use a kubeadm‑provisioned Kubernetes cluster.
Minor upgrades are supported; major upgrades are allowed but skipping two major versions is not recommended.
Back up all cluster resources before proceeding.
Upgrade Target
Upgrade the cluster from v1.17.9 to v1.18.9 .
# kubectl get nodes
NAME STATUS ROLES AGE VERSION
ecs-968f-0005 Ready node 102d v1.17.9
k8s-master Ready master 102d v1.17.9Backup the Cluster
kubeadm upgradedoes not affect workloads, but backing up the cluster is recommended. The guide uses the open‑source script k8s-backup-restore :
(1) Download the script
$ mkdir -p /data
cd /data
git clone https://github.com/solomonxu/k8s-backup-restore.git(2) Run the backup
cd /data/k8s-backup-restore
./bin/k8s_backup.shTo restore:
# mkdir -p /data/k8s-backup-restore/data/restore
$ cp devops_deployments_gitlab.yaml ../../restore/
$ cd /data/k8s-backup-restore
./bin/k8s_restore.shUpgrade the Cluster
Master Upgrade
(1) Choose the target version
$ yum list --showduplicates kubeadm --disableexcludes=kubernetes(2) Upgrade kubeadm to 1.18.9
$ yum install -y kubeadm-1.18.9-0 --disableexcludes=kubernetes(3) Verify the version
$ kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.9", ...}(4) Drain the master node
$ kubectl cordon k8s-master
$ kubectl drain k8s-master(5) Run the upgrade plan
$ kubeadm upgrade plan(6) Apply the upgrade
$ kubeadm upgrade apply v1.18.9 --config kubeadm.yaml(7) Uncordon the master
# kubectl uncordon k8s-masterNode Upgrade
(1) Upgrade kubeadm on the node
$ yum install -y kubeadm-1.18.9-0 --disableexcludes=kubernetes(2) Cordon and drain the node
$ kubectl cordon ecs-968f-0005
$ kubectl drain ecs-968f-0005(3) Upgrade the node control plane
$ kubeadm upgrade node(4) Upgrade kubelet and
kubectl$ yum install -y kubelet-1.18.9-0 kubectl-1.18.9-0 --disableexcludes=kubernetes
$ systemctl daemon-reload
$ systemctl restart kubelet(5) Uncordon the node
$ kubectl uncordon ecs-968f-0005Verify the Cluster
Check node status
$ kubectl get no
NAME STATUS ROLES AGE VERSION
ecs-968f-0005 Ready node 102d v1.18.9
k8s-master Ready master 102d v1.18.9Check certificate expiration
$ kubeadm alpha certs check-expiration
... (output omitted for brevity) ...Note: kubeadm upgrade automatically renews certificates it manages on the node. To skip renewal, add the flag --certificate-renewal=false .
Failure Recovery
If an upgrade fails without rollback, you can re‑run kubeadm upgrade or force it with kubeadm upgrade --force. Backup files are stored under /etc/kubernetes/tmp: kubeadm-backup-etcd-* – etcd data backup. kubeadm-backup-manifests-* – static pod YAML manifests.
Restore etcd data by copying the backup into the etcd data directory, and restore static pod manifests by copying them back to /etc/kubernetes/manifests.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Ops Development Stories
Maintained by a like‑minded team, covering both operations and development. Topics span Linux ops, DevOps toolchain, Kubernetes containerization, monitoring, log collection, network security, and Python or Go development. Team members: Qiao Ke, wanger, Dong Ge, Su Xin, Hua Zai, Zheng Ge, Teacher Xia.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.