Hello Readers, In this blog, I’ll be sharing the steps to upgrade EKS using Terraform.
Here, I’m using Terraform version v0.12.9
As we know that AWS keeps updating its EKS service, and keep on deprecating the older versions, so we also need to upgrade our EKS cluster service side by side.
In this blog, I’ll be sharing the steps to upgrade the EKS cluster but before that, here are some points to note.
1. Incremental Upgrade: The EKS needs to be upgraded incrementally, i.e. you can increment the version only by 1 at a time. This means that you can follow this blog only if you are currently on EKS 1.14 version. If not, you need to upgrade to 1.14 first, and then you can follow this blog.
2. Permissions: To upgrade the cluster, the controller node, from where you are running the Terraform commands, must have eks:UpdateClusterVersion permission. You can check the IAM roles for verifying this.
Step 1: Verify the current version is 1.14
To begin with the upgrade, you first need to verify if you are on EKS version 1.14. You can verify this either from AWS Console, or run the following command from the controller node.
kubectl version --shortStep 2: Update version value to 1.15
In the Terraform variables, you need to change the value of the variable corresponds to version from 1.14 to 1.15. Here’s how you will do it.
## main.tf
resource "aws_eks_cluster" "eks_cluster" {
name = var.cluster_name
version = var.cluster_version
}
## variables.tf
variable "cluster_version" {
description = "Kubernetes version to use for the EKS cluster."
default = "1.15"
}Step 3: Apply the Terraform changes
Now, to upgrade the cluster, ssh into the controller node and trigger the following commands
cd <terraform-module-directory>
terraform init
terraform applyStep 4: Verify the upgraded EKS version
After applying the terraform changes, you need toverify if the version has upgraded to 1.15 using the following command
kubectl version --short
## Expected output
Client Version: v1.15.0
Server Version: v1.15.0In case your client version is lower than 1.15, you need to download the new kubectl binaries using the following command
KUBEPATH=$(which kubectl) && cd $(dirname $KUBEPATH) && curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.15.0/bin/linux/amd64/kubectl && cd - && unset KUBEPATHRecommended versions from AWS for EKS related components
| Kubernetes Version | Kube-Proxy Version | CoreDNS Version | Amazon VPC CNI Version |
| 1.15 | v1.15.11 | v1.6.6 | v1.6.1 |
Step 5: Upgrade Kube-Proxy version
Check the current Kube-Proxy version using this command:
kubectl describe ds kube-proxy -n kube-system | grep Image | awk -F":" '{print$3}'If the version is less than 1.15.11 , replace us-east-1 with your EKS region and run the following command.
kubectl patch daemonset kube-proxy -n kube-system
-p '{"spec": {"template": {"spec": {"containers": [{"image": "602401143452.dkr.ecr.us-east-1.amazonaws.com/eks/kube-proxy:v1.15.11","name":"kube-proxy"}]}}}}'Step 6: Upgrade CoreDNS version
Check the current CoreDNS version using this command:
kubectl describe deploy coredns -n kube-system | grep Image | awk -F":" '{print$3}'If the version is less than 1.6.6 , replace us-east-1 with your EKS region and run the following command.
kubectl set image --namespace kube-system deployment.apps/coredns \
coredns=602401143452.dkr.ecr.us-east-1.amazonaws.com/eks/coredns:v1.6.6Step 7: Upgrade Amazon VPC CNI version
Check the current Amazon VPC CNI version using this command:
kubectl describe daemonset aws-node -n kube-system | grep Image | awk -F":" '{print$3}'If the version is less than 1.6.1, run the following command.
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/master/config/v1.6/aws-k8s-cni.yamlFinal Step: Upgrading the nodes
Terminate the nodes one by one, and they will turn up with the newer version. To verify that, run the following command
Important Note: Make sure you terminate only those nodes which are stateless. For stateful services, you’ll need to figure out a way to back up the per-node data and then re-spawn that node else there are chances to lose your data.
kubectl get nodesYou’ll see that the version of nodes is now v1.15
These concludes all the steps you need to follow for upgrading EKS to v1.15. Still, if you have any doubts or queries, feel free to contact me at yatharth.sharma@knoldus.in.
Here are my references :
1. bluematador: Perform Terraform EKS Upgrade on Kubernetes
Also, I would like to thank you for sticking to the end. If you like this blog, please do show your appreciation by giving thumbs-ups and share this blog and give me suggestions on how I can improve my future posts to suit your needs. Follow me to get updates on different technologies.
