Upgrading Kubernetes Nodes Without Breaking a Sweat

If you’re using a managed Kubernetes service, you’ve probably seen rolling updates in action while upgrading the node OS, Kubernetes version, container runtime, kubelet configs, and rotating certificates.

But what if you're running clusters on bare metal?
What if your nodes have locally attached persistent storage, you can't just toss aside during a rolling update?

Yeah… suddenly, that “just replace the node” strategy doesn’t look so good.

In this session, I’ll walk you through a new In-Place Node OS and Kubernetes version upgrade strategy built into Gardener, designed exactly for these kinds of setups.

Gardener achieves in-place upgrades by:

• Using Gardenlinux’s native in-place OS update support

• Coordinating node drain and update orchestration through Machine Controller Manager

• Running a node-local agent that carefully sequences updates across the node stack

We’ll explore:

• How the whole thing works under the hood

• How does this strategy improve efficiency in environments with limited VM flavors

• And how you, as an operator, can configure and control the rollout with precision

• Traditional rolling updates are insufficient for bare metal with local storage: The "just replace the node" approach, common in managed cloud Kubernetes services, fails when nodes have persistent data that can't be easily moved or discarded during an upgrade. This session directly addresses this challenge.

• Gardener offers a specialized in-place upgrade solution: Gardener, a Kubernetes-as-a-Service solution, has developed a specific strategy to handle OS and Kubernetes version upgrades without the need of replacing the nodes.

• Improved efficiency in resource-constrained environments: The in-place upgrade strategy avoids the need to provision new nodes and then deprovision old ones, which is particularly beneficial in environments with limited VM flavors or fixed hardware, as it reduces resource overhead and churn.

• Operational control: Gain fine-grained control over upgrade sequencing, node availability, and failure handling—tailored to your cluster’s real-world needs.