Upgrade EKS

Upgrading an EKS Cluster (Real-Time Scenario)

Upgrading an AWS EKS Cluster is a critical task to keep your cluster secure, performant, and compatible with new Kubernetes features.

🛠 Step 1: Pre-Upgrade Checklist

🔹 Check the current version of your cluster:

aws eks describe-cluster --name my-cluster --query cluster.version

🔹 Check for supported versions:

aws eks describe-cluster --name my-cluster --query cluster.platformVersion

🔹 Verify worker nodes version:

kubectl get nodes

🔹 Check deprecated APIs (important to avoid issues):

kubectl get apiservices | grep v1beta1

🔹 Backup the etcd database (if using self-managed control plane):

etcdctl snapshot save /backup/etcd-snapshot.db

🚀 Step 2: Upgrade the EKS Control Plane

Upgrade EKS using AWS CLI

aws eks update-cluster-version --name my-cluster --kubernetes-version 1.29

Upgrade EKS using eksctl

eksctl upgrade cluster --name my-cluster --version 1.29

🔹 Verify the upgrade status:

aws eks describe-cluster --name my-cluster --query cluster.status

✅ Cluster status should be ACTIVE.

🖥 Step 3: Upgrade Node Groups

Managed Node Groups:

eksctl upgrade nodegroup --cluster my-cluster --name my-nodegroup

Self-Managed Nodes: 1️⃣ Drain nodes before upgrade

kubectl drain <node-name> --ignore-daemonsets --delete-emptydir-data

2️⃣ Upgrade the node AMI

aws ec2 describe-images --owners amazon --filters "Name=name,Values=amazon-eks-node-*" "Name=state,Values=available"

3️⃣ Launch new worker nodes with updated AMI. 4️⃣ Reattach nodes to cluster and uncordon

kubectl uncordon <node-name>

✅ Ensure all nodes are Ready.

kubectl get nodes

⚠️ Step 4: Fix Common Issues After Upgrade

❌ Issue: API server errors

🔹 Check logs for API failures

kubectl get events --sort-by=.metadata.creationTimestamp | tail -20

Solution: Update deprecated API resources.

❌ Issue: Some pods stuck in `CrashLoopBackOff`

🔹 Check pod logs

kubectl logs -f <pod-name> -n <namespace>

Solution: Restart workloads that depend on old API versions.

❌ Issue: Nodes not joining after upgrade

🔹 Check node status

kubectl get nodes -o wide

🔹 Check kubelet logs

journalctl -u kubelet -f

Solution: Update kubelet and restart worker nodes.

🔄 Step 5: Verify Cluster Post-Upgrade

🔹 Ensure cluster is on the latest version:

kubectl version --short

🔹 Check if workloads are running fine:

kubectl get pods -A

🔹 Confirm DNS resolution inside cluster:

kubectl run --rm -it --image=busybox dns-test -- nslookup kubernetes.default

🔹 Test application connectivity:

curl http://my-app-service

📌 Final Thoughts

✔️ Control plane upgraded successfully ✔️ Worker nodes upgraded and stable ✔️ Workloads running without issues

🚀 NEXT: Do you want to automate this using Terraform or GitHub Actions?

PreviousTerraform NextBackup

Last updated 11 months ago

hashtagUpgrading an EKS Cluster (Real-Time Scenario)

hashtag🛠 Step 1: Pre-Upgrade Checklist

hashtag🚀 Step 2: Upgrade the EKS Control Plane

hashtag🖥 Step 3: Upgrade Node Groups

hashtag⚠️ Step 4: Fix Common Issues After Upgrade

hashtag❌ Issue: API server errors

hashtag❌ Issue: Some pods stuck in CrashLoopBackOff

hashtag❌ Issue: Nodes not joining after upgrade

hashtag🔄 Step 5: Verify Cluster Post-Upgrade

hashtag📌 Final Thoughts