talos icon indicating copy to clipboard operation
talos copied to clipboard

Published 20 hours ago verified publisher icon siderolabs

Add option to upgrade only control-plane nodes in talosctl upgrade-k8s command

Open donch opened this issue 1 year ago • 4 comments

Feature Request

Add an option to the talosctl upgrade-k8s command to upgrade only the control-plane nodes, leaving worker nodes at their current version. This would allow administrators to perform successive control-plane upgrades before upgrading worker nodes only once, reducing the overall impact on the cluster and providing more flexibility in the upgrade process.

Description

Currently, the talosctl upgrade-k8s command upgrades all nodes in the cluster. However, according to the official Kubernetes version skew policy (https://kubernetes.io/releases/version-skew-policy/#kubelet), kubelet can be up to three minor versions behind the API server. This allows for a more flexible and less impactful upgrade strategy, especially for large clusters.

Proposed implementation:

Add a new flag to the upgrade-k8s command, such as --control-plane-only or -c, which when specified would limit the upgrade process to control-plane nodes only.

donch avatar Oct 18 '24 15:10 donch

It would also be nice if specific machines could be individually targeted, rather than all control plane nodes or all worker nodes at the same time. This could help prevent outages should the upgrade fail, as only the selected subset of machines would be affected by a failed upgrade.

solidDoWant avatar Nov 11 '24 22:11 solidDoWant

This would also be very helpful when migrating from kubeadm clusters to Talos. Targeting each nodes individually would allow to bump multiple k8s version at once.

rdegez avatar Nov 20 '24 09:11 rdegez

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

github-actions[bot] avatar May 20 '25 02:05 github-actions[bot]

Bump.

9numbernine9 avatar May 20 '25 16:05 9numbernine9

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

github-actions[bot] avatar Nov 17 '25 02:11 github-actions[bot]

Bump.

9numbernine9 avatar Nov 17 '25 13:11 9numbernine9

There is the --upgrade-kubelet false flag which seems to get quite close to this as it will handle the control-plane only upgrades and leave kubelet to the user to manually upgrade.

dbackeus avatar Nov 27 '25 21:11 dbackeus