Upgrading your Amazon Elastic Kubernetes Service (EKS) cluster is essential to leverage the latest features, security patches, and performance improvements in Kubernetes. This guide provides a clear step-by-step process for upgrading your EKS cluster from any version to a newer one. The purpose of this blog is to help Kubernetes administrators and DevOps engineers perform this upgrade smoothly and efficiently, minimizing downtime and ensuring continued reliability/security of their workload.
This guide outlines a structured approach to upgrading an Amazon Elastic Kubernetes Service (EKS) cluster, covering both the control plane and worker nodes.
It provides detailed steps for preparation, execution, and post-upgrade verification, ensuring a smooth transition to newer Kubernetes versions.
Key actions include:
- verifying compatibility,
- backing up data,
- updating tools,
cordoning nodes to prevent new pod scheduling, and systematically upgrading both managed and self-managed node groups.
The guide also emphasizes the importance of updating essential add-ons and testing workloads post-upgrade to maintain the stability and performance of your Kubernetes environment. This ensures your cluster leverages the latest features, security patches, and performance improvements, providing a robust foundation for cloud-native applications.
Step-by-Step Upgrade Guide
1. Preparation
- Check Compatibility:
- Verify that your workloads and add-ons are compatible with the target Kubernetes version.
- Review the EKS Kubernetes version release notes.
- Backup Data:
- Backup cluster data and configurations to ensure you can restore them if needed.
- Upgrade kubectl:
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/
- Update AWS CLI:
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
2. Upgrade EKS Control Plane
- Check Current Version:
aws eks describe-cluster --name <cluster_name> --query cluster.version --output text
- Initiate Control Plane Upgrade:
aws eks update-cluster-version --name <cluster_name> --kubernetes-version <target_version>
- Monitor the Upgrade Process:
The upgrade process can take some time. Monitor the status using:
aws eks describe-update --name <cluster_name> --update-id <update_id>
3. Upgrade Worker Nodes
Managed Node Groups
- Cordon Nodes:
Prevent new pods from being scheduled on nodes:
kubectl cordon <node_name>
- Update Managed Node Groups:
For each managed node group:
aws eks update-nodegroup-version --cluster-name <cluster_name> --nodegroup-name <node_group_name> --kubernetes-version <target_version>
- Monitor the Upgrade Process:
Check the status of the node group update:
aws eks describe-update --cluster-name <cluster_name> --nodegroup-name <node_group_name> --update-id <update_id>
Self-Managed Nodes
- Cordon and Drain Old Nodes:
- Prevent new pods from being scheduled and safely migrate workloads:
kubectl cordon <node_name>
kubectl drain <node_name> --ignore-daemonsets --delete-local-data
- Create a New Node Group:
Create a new node group with the desired Kubernetes version:
eksctl create nodegroup --cluster <cluster_name> --name <new_node_group> --kubernetes-version <target_version>
- Delete Old Node Group:
- Remove the old node group:
eksctl delete nodegroup --cluster <cluster_name> --name <old_node_group>
4. Post-Upgrade Steps
- Verify Upgrade:
- Check the nodes and ensure they are running the desired version:
kubectl get nodes
- Update Add-ons:
- Update essential add-ons to ensure compatibility with the new Kubernetes version:
eksctl update addon --name vpc-cni --cluster <cluster_name>
eksctl update addon --name kube-proxy --cluster <cluster_name>
eksctl update addon --name coredns --cluster <cluster_name>
- Test Workloads:
- Ensure all applications are functioning correctly post-upgrade:
kubectl get pods -A
- Clean Up:
- Remove old node groups if not done already:
Summary
With this structured approach, including cordoning nodes before the upgrade, you can efficiently upgrade your EKS cluster. This process helps ensure that your Kubernetes environment is up-to-date with the latest features and security enhancements, maintaining the robustness and performance of your applications and providing a solid foundation for your cloud-native workloads.