Manually upgrade the control plane and node pools of an ACK cluster - Container Service for Kubernetes

To mitigate security and stability risks associated with outdated versions, promptly upgrade your cluster. A cluster upgrade involves upgrading both the control plane and the node pools.

Important

Before upgrading the cluster, review Upgrade a cluster to understand the upgrade process, methods, and important considerations.

Operation Entry Point

First, upgrade the control plane. Then, upgrade the node pools. Before upgrading the control plane, ensure that the kubelet and container runtime versions on the nodes match the control plane version. This prevents upgrade failures or service interruptions. For example, if the control plane is version 1.32 and the nodes are version 1.31, upgrade the nodes to version 1.32 before upgrading the control plane to 1.33.

Log on to the ACK console. In the left navigation pane, click Clusters.
On the Clusters page, click the name of your cluster. In the left navigation pane, click Operations > Upgrade Cluster.
On the Upgrade Cluster page, select an available Destination Version and follow the on-screen instructions to complete the upgrade process.

Upgrade the control plane

1. Pre-check

The control plane upgrade pre-check scans for deprecated APIs, component compatibility, and the overall cluster status.

For clusters that run version 1.20 or later, the pre-check scans for any deprecated APIs. The scan results do not affect the upgrade process. They are for notification purposes only. Address any issues before upgrading to ensure that the new cluster version operates as expected.

On the Upgrade Cluster page, click Precheck to scan for potential risks prior to the upgrade. After the scan completes, view the results in the Pre-check Results section. The following figure provides an example.

Normal: The upgrade check is successful. You can proceed with the upgrade.
Abnormal: The result does not affect the operation or status of the current cluster. Address the issues based on the provided solutions. For more information, see Cluster check items and solutions.

2. Perform the upgrade

Duration: ACK managed clusters and ACK serverless clusters, the upgrade is managed by ACK and takes approximately 5 minutes. For ACK dedicated clusters, the master nodes are upgraded one by one in sequence. Each node takes approximately 8 minutes.

After resolving the pre-check issues, click Upgrade and follow the on-screen instructions to upgrade the control plane.

After the control plane is upgraded, the version of new scale-out nodes will also align with the control plane version.

3. Post-upgrade validation

After the control plane is upgraded, check the following items:

The control plane has been successfully upgraded. The cluster version is updated on the Clusters page.

The API Server and core components are in a Normal state.

Business applications operate as expected.

Pods can be created normally.

Nodes can be added normally.

Upgrade a node pool

After the control plane is upgraded, you can upgrade the node pool as soon as possible during off-peak hours. The node pool upgrade involves upgrading the kubelet and container runtime on the nodes.

1. Pre-check

The node pool upgrade pre-check scans the node status, system resources, disk status, and the network environment.

On the Node Pool Upgrade page, locate the destination node pool in the list and click Upgrade in the Actions column. Then, at the bottom of the page, click Precheck to scan for potential risks during the upgrade process. After the scan completes, view the results in the Pre-check Results section.

Normal: The upgrade check is successful. You can proceed with the upgrade.
Abnormal: The result does not affect the operation or status of the current cluster. Address the issues based on the instructions in the console and Cluster check items and solutions.

2. Configure an upgrade policy and perform the upgrade

Duration: The duration depends on how the nodes are batched. An in-place upgrade takes approximately 5 to 10 minutes per batch. A disk replacement upgrade without snapshots takes approximately 8 minutes. The specific duration is influenced by the node draining time. To create snapshots, the upgrade starts after the snapshots are created. The time required to create snapshots depends on the data volume.

You can configure an upgrade policy as described in the following table. Then, click Upgrade and follow the on-screen instructions to upgrade the node pool.

Configuration item	Description
Version information	The current and available versions of kubelet and the container runtime.
Update Nodes	You can upgrade all nodes at once, or upgrade some nodes first and then upgrade the rest after you confirm that everything is normal.
Upgrade Method	In-place Upgrade: The required components are updated and replaced directly on the original node. The system disk is not replaced, and the node is not re-initialized. Data on the original node is not affected. Upgrade by Replacing System Disk: The node is re-initialized by replacing its system disk. The instance properties of the node, such as the node name, instance ID, and IP address, remain unchanged. However, data on the system disk is deleted. Data on data disks that are separately attached to the node is not affected. For more information about the upgrade logic and process, see Reference: In-place upgrade and disk replacement upgrade.
Batch Update Policy	Maximum Number of Nodes per Batch: ACK upgrades only one node pool at a time. Nodes within the node pool are upgraded in batches based on this setting. If you pause and then resume the upgrade, the batch policy is still followed. The number of nodes in a batch increments: 1, 2, 4, 8, and so on, until the maximum number of concurrent nodes is reached. After that, each batch contains the maximum number of concurrent nodes. For example, if the maximum number of concurrent nodes is 4, the number of nodes in each batch is 1, 2, 4, 4, 4, and so on. For more information, see Reference: In-place upgrade and disk replacement upgrade. Automatic Pause Policy: The policy to pause the node upgrade process. If you select Automatic, you can also configure the Interval Between Batches. This is the duration of the interval, if any, between upgrade batches (5 to 120 minutes). Auto Snapshot: If the system disks of your nodes contain important business data, you can choose whether to create snapshots for the nodes before you upgrade the node pool. This lets you back up and restore node data. Important Enable automatic snapshots for disk replacement upgrades. Using snapshots incurs snapshot fees. The time required to create a snapshot varies. By default, snapshots are retained for 7 days. After the upgrade, if the snapshots are no longer needed, delete them promptly.

3. Post-upgrade validation

After the node pool is upgraded, check the following items:

The nodes have been successfully upgraded. The kubelet and containerd versions are updated on the node details page.

Pod scheduling is functioning normally.

Business applications operate as expected.

References

For answers to common questions you may have before and during a cluster upgrade, see FAQ.
For information about ACK's Kubernetes version support policy, see Version Guide.
As of version 1.24, Docker is no longer supported as a built-in container runtime. If you upgrade to version 1.24 or later, you must migrate the container runtime of nodes from Docker to containerd.
As of version 1.30, CentOS and Alibaba Cloud Linux 2 are no longer supported. You can use other supported operating systems.
You can also enable automatic cluster upgrades to reduce the O&M workload associated with version management. For more information, see Automatically upgrade a cluster.