Cluster Upgrades¶
An eksctl-managed cluster can be upgraded in 3 easy steps:
- update control plane version with
eksctl update cluster - update default add-ons:
kube-proxyaws-nodecoredns
- replace each of the nodegroups by creating a new one and deleting the old one
Please make sure to read this section in full before you proceed.
Info
Kubernetes supports version drift of up to two minor versions during upgrade process. So nodes can be up to two minor versions ahead or behind the control plane version. You can only upgrade the control plane one minor version at a time, but nodes can be upgraded more than one minor version at a time, provided the nodes stay within two minor versions of the control plane.
Updating control plane version¶
Control plane version updates must be done for one minor version at a time.
To update control plane to the next available version run:
1 | eksctl update cluster --name=<clusterName> |
This command will not apply any changes right away, you will need to re-run it with
--approve to apply the changes.
Updating nodegroups¶
You should update nodegroups only after you ran eksctl update cluster.
If you have a simple cluster with just an initial nodegroup (i.e. created with
eksctl create cluster), the process is very simple.
Get the name of old nodegroup:
1 | eksctl get nodegroups --cluster=<clusterName> |
NOTE: you should see only one nodegroup here, if you see more - read the next section
Create new nodegroup:
1 | eksctl create nodegroup --cluster=<clusterName> |
Delete old nodegroup:
1 | eksctl delete nodegroup --cluster=<clusterName> --name=<oldNodeGroupName> |
Note
This will drain all pods from that nodegroup before the instances are deleted.
Updating multiple nodegroups¶
If you have multiple nodegroups, it's your responsibility to track how each one was configured. You can do this by using config files, but if you haven't used it already, you will need to inspect your cluster to find out how each nodegroup was configured.
In general terms, you are looking to:
- review nodegroups you have and which ones can be deleted or must be replaced for the new version
- note down configuration of each nodegroup, consider using config file to ease upgrades next time
To create a new nodegroup:
1 | eksctl create nodegroup --cluster=<clusterName> --name=<newNodeGroupName> |
To delete old nodegroup:
1 | eksctl delete nodegroup --cluster=<clusterName> --name=<oldNodeGroupName> |
Updating multiple nodegroups with config file¶
If you are using config file, you will need to do the following.
Edit config file to add new nodegroups, and remove old nodegroups.
If you just want to update nodegroups and keep the same configuration,
you can just change nodegroup names, e.g. append -v2 to the name.
To create all of new nodegroups defined in the config file, run:
1 | eksctl create nodegroup --config-file=<path> |
Once you have new nodegroups in place, you can delete old ones:
1 | eksctl delete nodegroup --config-file=<path> --only-missing |
Note
First run is in plan mode, if you are happy with the proposed changes, re-run with --approve.
Updating default add-ons¶
There are 3 default add-ons that get included in each EKS cluster, the process for updating each of them is different, hence there are 3 distinct commands that you will need to run.
Info
All of the following commands accept --config-file.
Note
By default each of these commands runs in plan mode, if you are happy with the proposed changes, re-run with --approve.
To update kube-proxy, run:
1 | eksctl utils update-kube-proxy |
To update aws-node, run:
1 | eksctl utils update-aws-node |
To update coredns, run:
1 | eksctl utils update-coredns |
Once upgraded, be sure to run kubectl get pods -n kube-system and check if all addon pods are in ready state, you should see
something like this:
1 2 3 4 5 6 7 | NAME READY STATUS RESTARTS AGE aws-node-g5ghn 1/1 Running 0 2m aws-node-zfc9s 1/1 Running 0 2m coredns-7bcbfc4774-g6gg8 1/1 Running 0 1m coredns-7bcbfc4774-hftng 1/1 Running 0 1m kube-proxy-djkp7 1/1 Running 0 3m kube-proxy-mpdsp 1/1 Running 0 3m |