To perform OS upgrade or maintenance on a node, first drain it using k drain <node-name>. This will terminate the running pods on the node, spawn them on other nodes and mark the node as cordon, meaning no pods can be scheduled on it. The above command will not work if there are pods on the node that are not associated with any replicaset, as these pods will not be spawned on any other node. We’ll have to use --force option to terminate such pods forcefully.

Now, perform the upgrade or maintenance. After that, uncordon the node using k uncordon <node-name>. This will make the node schedulable again.

We can manually cordon a node to prevent new pods from being scheduled on it by running k cordon <node-name>. This does not remove already running pods on the node.