记录一次 kubernets 从1.23升级到1.24

2025/8/22·

2022年5月3日，Kubernetes 1.24 正式发布，在新版本中，我们看到 Kubernetes 作为容器编排的事实标准，正愈发变得成熟，有 12 项功能都更新到了稳定版本，同时引入了很多实用的功能，例如 StatefulSets 支持批量滚动更新，NetworkPolicy 新增 NetworkPolicyStatus 字段方便进行故障排查等

kubectl get nodes
kubeadm version
kubelet --version
kubectl version --short

NAME      STATUS   ROLES                  AGE    VERSION
master1   Ready    control-plane,master   314d   v1.23.1
master2   Ready    control-plane,master   314d   v1.23.1
master3   Ready    control-plane,master   314d   v1.23.1
node1     Ready    <none>                 314d   v1.23.1
node2     Ready    <none>                 314d   v1.23.1
node3     Ready    <none>                 53d    v1.23.1
kubeadm version: &version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.1", GitCommit:"86ec240af8cbd1b60bcc4c03c20da9b98005b92e", GitTreeState:"clean", BuildDate:"2021-12-16T11:39:51Z", GoVersion:"go1.17.5", Compiler:"gc", Platform:"linux/amd64"}
Kubernetes v1.23.1
Client Version: v1.23.1
Server Version: v1.23.0

etcd 备份

root@master1:/home/pdp# ETCDCTL_API=3 /opt/etcd/bin/etcdctl   --cacert=/opt/etcd/ssl/ca.pem   --cert=/opt/etcd/ssl/server.pem   --key=/opt/etcd/ssl/server-key.pem   --endpoints="https://192.168.3.70:2379"   snapshot save /usr/local/etcd/backup/snapshot.db
{"level":"info","ts":1755574194.7716947,"caller":"snapshot/v3_snapshot.go:68","msg":"created temporary db file","path":"/usr/local/etcd/backup/snapshot.db.part"}
{"level":"info","ts":1755574194.8160756,"logger":"client","caller":"v3/maintenance.go:211","msg":"opened snapshot stream; downloading"}
{"level":"info","ts":1755574194.8161745,"caller":"snapshot/v3_snapshot.go:76","msg":"fetching snapshot","endpoint":"https://192.168.3.70:2379"}
{"level":"info","ts":1755574223.9034739,"logger":"client","caller":"v3/maintenance.go:219","msg":"completed snapshot read; closing"}
{"level":"info","ts":1755574230.754973,"caller":"snapshot/v3_snapshot.go:91","msg":"fetched snapshot","endpoint":"https://192.168.3.70:2379","size":"1.5 GB","took":"35 seconds ago"}
{"level":"info","ts":1755574230.7872474,"caller":"snapshot/v3_snapshot.go:100","msg":"saved","path":"/usr/local/etcd/backup/snapshot.db"}
Snapshot saved at /usr/local/etcd/backup/snapshot.db

拉取containers

apt update && apt install -y containerd

sudo mkdir -p /etc/containerd && \
sudo containerd config default > /etc/containerd/config.toml

修改/etc/containerd/config.toml 文件中：
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] 下 [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] 下的 SystemdCgroup 为 true
sandbox_image 改为 registry.aliyuncs.com/google_containers/pause:3.7

systemctl restart containerd

vim /var/lib/kubelet/kubeadm-flags.env

KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint=unix:///run/containerd/containerd.sock --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.7"

sudo vi /etc/crictl.yaml

runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 2
pull-image-on-create: false

下载 kubeadm 1.24

升级

kubeadm upgrade apply v1.24.0

待全部控制节点升级完毕，开始升级 kubectl

sudo apt-get update
sudo apt-get install -y --allow-change-held-packages kubelet=1.24.0-00 kubectl=1.24.0-00
sudo systemctl daemon-reload
sudo systemctl restart kubelet

控制节点升级完，开始逐个升级工作节点

kubectl drain node3 --ignore-daemonsets --delete-emptydir-data

重复上面的container 配置和更新kubeadm 和 kubectl

sudo apt-get install -y --allow-change-held-packages kubelet=1.24.0-00 kubectl=1.24.0-00

# 升级节点配置
sudo kubeadm upgrade node

# 重启 kubelet
sudo systemctl daemon-reload
sudo systemctl restart kubelet

检查更新状态

crictl info
kubectl version
kubeadm version

还原节点

kubectl uncordon node3

今后的操作中，需要将 docker 相关的命令全部换成crictl