This is a cheat sheet created during the last upgrade of a Kubernetes cluster serving Developer’s Cloud Desktops to our customers. TLDR; style.

Create  Backup

Recommended

Upgrade to the latest Hotfix Version

This is an example of how to upgrade to v1.21.12 as the latest hotfix version of v1..21:

# upgrade DEV v1.21.3 to v1.21.12:
sudo yum install -y kubeadm-1.21.12-0 --disableexcludes=kubernetes # on all machines (also on the worker nodes, because we need it for pre-downloading the images)
sudo kubeadm upgrade plan # master
sudo kubeadm config images pull # on all machines
sudo kubeadm upgrade apply v1.21.12 # on master

sudo kubectl get nodes
# if the last command has failed, you might need to configure the correct kube config for root as follows:
  sudo mkdir -p /root/.kube
  sudo cp -i /etc/kubernetes/admin.conf /root/.kube/config

# drain worker nodes:
WORKER_NODE=node1
kubectl drain $WORKER_NODE --ignore-daemonsets --delete-emptydir-data

sudo systemctl daemon-reload # on all machines
sudo systemctl restart kubelet # on all machines

# check
kubectl get nodes

# enable worker node scheduling:
WORKER_NODE=node1
kubectl uncordon $WORKER_NODE

Upgrade to the next higher main Version

# upgrade DEV v1.21.12 to v1.22.9:
sudo yum install -y kubeadm-1.22.9-0 --disableexcludes=kubernetes # on all machines (also on the worker nodes, because we need it for pre-downloading the images)
sudo kubeadm upgrade plan # master
sudo kubeadm config images pull # on all machines
sudo kubeadm upgrade apply v1.22.9 # on master

# check
kubectl get nodes

# drain worker nodes: 
WORKER_NODE=node1 
kubectl drain $WORKER_NODE --ignore-daemonsets --delete-emptydir-data
sudo systemctl daemon-reload # on all machines
sudo systemctl restart kubelet # on all machines

# check
kubectl get nodes
sudo kubeadm certs check-expiration # on master

# enable worker node scheduling:
WORKER_NODE=node1 
kubectl uncordon $WORKER_NODE # on master

kubectl get nodes