2 min read

AKS Upgrade Options

Maintaining workloads on Kubernetes is no simple task. Part of the reason for this difficulty is the the need for routine version upgrades. These upgrades are needed to keep up with the latest patches released for security, performance, and other enhancements. Today we will discuss the various options for upgrading Azure Kubernetes Service (AKS).

There are two ways to treat AKS upgrades: 1) Auto-upgrade and 2) manually through CLI or Azure Portal.

Auto-upgrade

AKS is a managed version of Kubernetes offered by Microsoft Azure. As such, you do have the option to opt for the Auto-upgrade feature.

You may not be comfortable in relinquishing control over your workloads in production. To build more confidence with this approach, I recommend that you:

  • Make use of Scheduled Maintenance
  • Ensure that you have automatic monitoring in place to verify that your workloads are working as expected after an AKS upgrade

Manual upgrade through Azure Portal or AZ CLI

A potential benefit of performing the upgrade manually is that we get full control over how and when the upgrade occurs. This can be done by following the steps below:

  1. Determine the version to which you would like to upgrade
  2. Upgrade Control Plane to the desirable version
  3. Create new Nodepool with the desirable version
  4. Drain old Nodepool
  5. Upgrade old Nodepool to the desirable version
  6. Drain new Nodepool
  7. Delete new Nodepool

I will provide you with sample AZ CLI commands for these steps below.

  1. Determine the version to which you would like to upgrade: The following command will provide you with a list of supported versions.
az aks get-versions --location <cluster location> --output table
  1. Upgrade Control Plane to the desirable version:
az aks upgrade \       
         --control-plane-only \
         --resource-group <resource group name> \
         --name <cluster name> \
         --kubernetes-version <kubernetes version>
  1. Create new Nodepool with the desirable version:
az aks nodepool add --resource-group <resource group name> --cluster-name <cluster name> --node-vm-size Standard_DS2_v2 --name <nodepool name> --node-count 2
  1. Drain old Nodepool: After draining the old Nodepool, you may want to wait and test that all workloads are up and running in the new Nodepool.
kubectl drain <old node name>
  1. Upgrade old Nodepool to the desirable version
az aks nodepool upgrade --resource-group <resource group name> --cluster-name <aks cluster name> --kubernetes-version <Kubernetes version> --name <old nodepool name>
  1. Drain new Nodepool: After draining the new Nodepool, you may want to wait and test that all workloads are up and running in the old Nodepool.
kubectl drain <new node name>
  1. Delete new Nodepool
az aks nodepool delete --resource-group <resource group name> --cluster-name <cluster name> --name <nodepool name>

Obligatory footer to mark the end of content