Step‑by‑Step Upgrade of Docker and containerd on a Multi‑Env Kubernetes Cluster
This article walks through the prerequisites, node‑maintenance strategy, and detailed commands needed to safely upgrade Docker to 20.10.11 and containerd to 1.4.12 on a Kubernetes cluster that runs an Envoy‑based API gateway, ensuring minimal disruption for over 5,000 pods.
Introduction
The company runs a multi‑environment Kubernetes cluster that uses a low‑level Envoy‑based API gateway instead of common ingress controllers. Because the gateway updates rapidly and older API versions are removed from documentation, the component must be upgraded. The upgrade requires Docker version ≥ 20.10.11 and containerd version ≥ 1.4.11, so these two components are upgraded first.
Kubernetes Node Maintenance
Before maintaining a node, ensure there are redundant nodes that can host all pods from the node being upgraded, or that the node’s pods have been evicted and can be rescheduled elsewhere. In this case the node’s memory usage exceeded 95 % and the upgrade had to be performed at night on a cluster with more than 5,000 pods, following a one‑node‑at‑a‑time approach.
Upgrade Steps
1. Check current versions :
<code>$ containerd -v
containerd.io 1.2.13 7ad184331fa3e55e52b890ea95e65ba581ae3429
$ docker -v
Docker version 19.03.12, build 48a66213fe</code>2. Drain the node :
<code>$ kubectl drain k8s-node02.ayunw.cn --ignore-daemonsets --delete-local-data --force
$ kubectl get node
NAME STATUS
k8s-master01.ayunw.cn Ready
k8s-node01.ayunw.cn Ready
k8s-node02.ayunw.cn NotReady,SchedulingDisabled
...</code>3. Stop Docker and kubelet on the node :
<code>systemctl stop kubelet
systemctl stop docker
systemctl stop docker.socket
systemctl stop containerd</code>4. Remove old Docker packages and install the new Docker and containerd :
<code>yum -y remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
dnf -y install yum-utils device-mapper-persistent-data lvm2
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
yum makecache
dnf -y install containerd.io-1.4.12-3.1.el8.x86_64.rpm
dnf -y install docker-ce-20.10.11 docker-ce-cli-20.10.11
systemctl daemon-reload
systemctl start docker
systemctl enable docker
systemctl status docker
systemctl status containerd
systemctl enable containerd.service</code>5. Verify the installed versions :
<code>$ containerd -v && docker -v
containerd.io 1.4.12 7b11cfaabd73bb80907dd23182b9347b4245eb5d
Docker version 20.10.11, build dea9396</code>6. Start kubelet and restore the node :
<code>systemctl start kubelet
systemctl status kubelet
kubectl uncordon k8s-node02.ayunw.cn
kubectl get node -o wide</code>After these steps the Docker and containerd versions are successfully upgraded.
Ops Development Stories
Maintained by a like‑minded team, covering both operations and development. Topics span Linux ops, DevOps toolchain, Kubernetes containerization, monitoring, log collection, network security, and Python or Go development. Team members: Qiao Ke, wanger, Dong Ge, Su Xin, Hua Zai, Zheng Ge, Teacher Xia.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.