manual upgrades: clarify that a drain is not required #381
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In Kubernetes, pods are independent of containerd/kubelet, and thus restarting k3s without draining first is a safe thing to do. This is not immediately clear to folks new to hosting their own cluster, so add a reassuring note. Signed-off-by: Kyle Fazzari <[email protected]>
farazkhawaja
approved these changes
Jul 31, 2025
|
thanks for the contribution! looks like this needs a rebase. |
farazkhawaja
reviewed
Aug 1, 2025
| 3. Restart the k3s or k3s-agent service or restart the k3s process (binary) | ||
|
|
||
| :::note | ||
| It is generally safe to do this in Kubernetes without needing to drain the node (pods continue running and networking stays configured the same way it was), but you might consider draining first if you have pods that can't tolerate a short API server outage. |
There was a problem hiding this comment.
"It is generally safe to do this" , do we need to highlight what is 'this'
brandond
requested changes
Aug 1, 2025
| 3. Restart the k3s service | ||
|
|
||
| :::note | ||
| This script does not drain the node before restarting k3s. This is generally safe in Kubernetes (pods continue running and networking stays configured the same way it was), but you might consider draining first if you have pods that can't tolerate a short API server outage. |
There was a problem hiding this comment.
Suggested change
| This script does not drain the node before restarting k3s. This is generally safe in Kubernetes (pods continue running and networking stays configured the same way it was), but you might consider draining first if you have pods that can't tolerate a short API server outage. | |
| Containers for Pods continue running even when K3s is stopped. The install script does not drain or cordon the node before restarting k3s. If your workload is sensitive to brief API server outages, you should manually [drain and cordon](https://kubernetes.io/docs/reference/kubectl/generated/kubectl_drain/) the node using `kubectl` before re-running the install script to upgrade k3s or modify the configuration, and uncordon it afterwards. |
| 3. Restart the k3s or k3s-agent service or restart the k3s process (binary) | ||
|
|
||
| :::note | ||
| It is generally safe to do this in Kubernetes without needing to drain the node (pods continue running and networking stays configured the same way it was), but you might consider draining first if you have pods that can't tolerate a short API server outage. |
There was a problem hiding this comment.
Suggested change
| It is generally safe to do this in Kubernetes without needing to drain the node (pods continue running and networking stays configured the same way it was), but you might consider draining first if you have pods that can't tolerate a short API server outage. | |
| Containers for Pods continue running even when K3s is stopped. It is generally safe to restart K3s without draining pods and cordoning the node. If your workload is sensitive to brief API server outages, you should manually [drain and cordon](https://kubernetes.io/docs/reference/kubectl/generated/kubectl_drain/) the node using `kubectl` before restarting K3s, and uncordon it afterwards. |
|
@brandond on a second thought, should we go this route?kubernetes/kubernetes#129385 (comment) |
|
I still don't think its necessary to recommend always cordon+drain. As that comment says:
This suggests that this should not occur during most minor-version upgrades, and will not occur across patch-version upgrades. The 1.30 -> 1.31 transition was unique. |
|
Makes sense. Thanks |
|
@brandond i can create a diff PR for this aswell with proposed changes |
|
@brandond we can close this PR in favor of the merged one |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In Kubernetes, pods are independent of containerd/kubelet, and thus restarting k3s without draining first is a safe thing to do. This is not immediately clear to folks new to hosting their own cluster, so add a reassuring note.