Essential Upgrade Kubernetes Version
Upgrade the Kubernetes Version
When upgrading the Kubernetes version of a cluster:
Upgrade the control plane first using the infrastructure specific command.
NOTE the additional considerations for FIPS if using FIPS configuration.
Upgrade the node pools second using the infrastructure specific command.
NOTE the additional considerations for FIPS if using FIPS configuration.
Build a new image if applicable.
If an AMI was specified when initially creating a cluster for AWS, you must build a new one with Konvoy Image Builder and set the flag(s) in the update commands. Either AMI ID
--ami AMI_ID
, or the lookup image flags:--ami-owner AWS_ACCOUNT_ID
,--ami-base-os ubuntu-20.04
, and--ami-format 'example-{{.BaseOS}}-?{{.K8sVersion}}-*'
.⚠️ The AMI lookup method will return an error if the lookup uses the upstream CAPA account ID.
If an Azure Machine Image was specified for Azure, you must build a new one with Konvoy Image Builder.
If a vSphere template Image was specified for vSphere, you must build a new one with Konvoy Image Builder.
You must build a new GCP image with Konvoy Image Builder.
Upgrade the Kubernetes version of the control plane. Each cloud provider has distinctive commands. Below is the AWS command example. Select the drop-down menu next to your provider for compliant CLI.
NOTE: The first example below is for AWS. If you created your initial cluster with a custom AMI using the--ami
flag, it is required to set the--ami
flag during the Kubernetes upgrade.CODEdkp update controlplane aws --cluster-name=${CLUSTER_NAME} --kubernetes-version=v1.28.7
The output should be similar to the below example, with the provider name corresponding to the CLI you executed from the choices above:
Updating control plane resource controlplane.cluster.x-k8s.io/v1beta1, Kind=KubeadmControlPlane default/my-aws-cluster-control-plane
Waiting for control plane update to finish.
✓ Updating the control plane
Some advanced options are available for various providers. To see all the options for your particular provider, run this command dkp update controlplane aws|vsphere|preprovisioned|azure|gcp|eks --help
for more advance options like the example below:
This example for AWS AMI instance type: aws: --ami, --instance-type
would be some of the options mentioned in the note above.
NOTE: The command dkp update controlplane {provider}
has a 30 minute default timeout for the update process to finish. If you see the error "timed out waiting for the condition
“, you can check the control plane nodes version using the command kubectl get machines -o wide --kubeconfig $KUBECONFIG
before trying again.
5. Upgrade the Kubernetes version of your node pools. Upgrading a nodepool involves draining the existing nodes in the nodepool and replacing them with new nodes. In order to ensure minimum downtime and maintain high availability of the critical application workloads during the upgrade process, we recommend deploying Pod Disruption Budget (Disruptions) for your critical applications. For more information, refer to Update Cluster Nodepools documentation.
a. First, get a list of all node pools available in your cluster by running the following command:
dkp get nodepool --cluster-name ${CLUSTER_NAME}
b. Select the nodepool you want to upgrade with the command below:
export NODEPOOL_NAME=my-nodepool
c. Then update the selected nodepool using the command below. Upgrading a node pool involves draining the existing nodes in the node pool and replacing them with new nodes. we recommend deploying Pod Disruption Budget (Disruptions) for your critical applications. Refer to Update Cluster Nodepools for more information.
The first example command shows AWS language, so select the drop-down menu for your provider for the correct command. Execute the update
command for each of the node pools listed in the previous command:
NOTE: The first example below is for AWS. If you created your initial cluster with a custom AMI using the --ami
flag, it is required to set the --ami
flag during the Kubernetes upgrade.
dkp update nodepool aws ${NODEPOOL_NAME} --cluster-name=${CLUSTER_NAME} --kubernetes-version=v1.28.7
The output should be similar to the following, with the name of the infrastructure provider shown accordingly:
Updating node pool resource cluster.x-k8s.io/v1beta1, Kind=MachineDeployment default/my-aws-cluster-my-nodepool
Waiting for node pool update to finish.
✓ Updating the my-aws-cluster-my-nodepool node pool
d. Repeat this step for each additional node pool.
When all nodepools have been updated, your upgrade is complete. For the overall process for upgrading to the latest version of DKP, refer back to Upgrade DKP for more details.