Unable to Upgrade EKS Control Plane or Managed Node Groups

Question

I have an EKS cluster that is currently on v1.17 with a set of managed nodegroups on v1.16. I'm trying to upgrade both to v1.18, but I've run into a catch-22 problem.

To upgrade the control plane version to 1.18 the nodegroups must match the current cluster version (1.17), and upgrading the nodegroups to 1.17 results in an error ("Cluster's kubernetes version 1.17 is not supported for nodegroup. Minimum supported kubernetes version is 1.18"). Trying to create a new nodegroup results in the same error.

My question is: is there a way to get out of this situation and potentially upgrade both components syncronously or is this cluster simply stuck at its current version indefinitely? It seems problematic that clusters can get into this state in the first place simply because they weren't mnaually upgraded for a period of time.

Answer

For future reference, you can create a self managed node group with the desired version for the nodes and then upgrade the cluster version.

I used eksctl to create the self managed node groups but found it would update the existing security group rules and that it would also affect the aws-load-balancer-controller because of the newly created security groups. There was a bit of downtime for the time it took to manually update the security groups and the load balancer target groups.

Answer

You should follow this guide https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html to make sure you keep your cluster upgraded before it is in end of support.
If you are using gitops (with argocd or flux), you can create a new cluster and sync your yaml's from git to the new cluster.
If you are not using gitops you can create a snapshot of all the yamls in your cluster with a tool like https://velero.io/
and recreate your resources in a new cluster from the snapshot yamls's

Unable to Upgrade EKS Control Plane or Managed Node Groups

Relevant content