Skip to main content

The Amazon EKS cluster upgrade utility

Project description

Amazon EKS Upgrade Utility

Validation Status E2E Cluster Upgrade Coverage Status PyPI Downloads

Amazon EKS cluster upgrade is a utility that automates the upgrade process for Amazon EKS clusters.

Checks post v0.9.0

The pre/post-flight checks are removed in favor of guiding the user to evaluate their clusters with existing tools which handle this better such as eksup. The existing pre/post checks will be replaced with relevant checks specific to the upgrade (based on previous understanding the cluster is eligible for such an upgrade).

Cluster Upgrade

  1. Control plane upgrade - This is handled entirely by AWS once the version upgrade has been requested.
  2. Identification of Managed and Self-managed node - The worker nodes are identified as EKS managed and Self-managed to perform upgrade.
  3. Managed Node group update - Updates managed node group to the specified version.
  4. Self-managed Node group update
    • Launch new nodes with upgraded version and wait until they require ready status for next step.
    • Mark existing nodes as unschedulable.
    • If pod disruption budget (PDB) is present then check for force eviction flag (--force) which is given by user, only then evict the pods or continue with the flow.

Pre-Requisites

Before running eksupgrade, you will need to have permission for both AWS and the Kubernetes cluster itself.

  1. Install eksupgrade locally:
python -m pip install eksupgrade
  1. Ensure you have the necessary AWS permissions; an example policy of required permissions is listed below:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "iam",
      "Effect": "Allow",
      "Action": [
        "iam:GetRole",
        "sts:GetAccessKeyInfo",
        "sts:GetCallerIdentity",
        "sts:GetSessionToken"
      ],
      "Resource": "*"
    },
    {
      "Sid": "ec2",
      "Effect": "Allow",
      "Action": [
        "autoscaling:CreateLaunchConfiguration",
        "autoscaling:Describe*",
        "autoscaling:SetDesiredCapacity",
        "autoscaling:TerminateInstanceInAutoScalingGroup",
        "autoscaling:UpdateAutoScalingGroup",
        "ec2:Describe*",
        "ssm:*"
      ],
      "Resource": "*"
    },
    {
      "Sid": "eks",
      "Effect": "Allow",
      "Action": [
        "eks:Describe*",
        "eks:List*",
        "eks:UpdateAddon",
        "eks:UpdateClusterVersion",
        "eks:UpdateNodegroupVersion"
      ],
      "Resource": "*"
    }
  ]
}
  1. Update your local kubeconfig to authenticate to the cluster:
aws eks update-kubeconfig --name <CLUSTER-NAME> --region <REGION>

Usage

To view the arguments and options, run:

eksupgrade --help
 Usage: eksupgrade [OPTIONS] CLUSTER_NAME CLUSTER_VERSION REGION

 Run eksupgrade against a target cluster.

╭─ Arguments ──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ *    cluster_name         TEXT  The name of the cluster to be upgraded [default: None] [required]                                                                                                                                                        │
│ *    cluster_version      TEXT  The target Kubernetes version to upgrade the cluster to [default: None] [required]                                                                                                                                       │
│ *    region               TEXT  The AWS region where the target cluster resides [default: None] [required]                                                                                                                                               │
╰──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
╭─ Options ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ --max-retry                                    INTEGER  The most number of times to retry an upgrade [default: 2]                                                                                                                                        │
│ --force                 --no-force                      Force the upgrade (e.g. pod eviction with PDB) [default: no-force]                                                                                                                               │
│ --preflight             --no-preflight                  Run pre-upgrade checks without upgrade [default: no-preflight]                                                                                                                                   │
│ --parallel              --no-parallel                   Upgrade all nodegroups in parallel [default: no-parallel]                                                                                                                                        │
│ --latest-addons         --no-latest-addons              Upgrade addons to the latest eligible version instead of default [default: no-latest-addons]                                                                                                     │
│ --disable-checks        --no-disable-checks             Disable the pre-upgrade and post-upgrade checks during upgrade scenarios [default: no-disable-checks]                                                                                            │
│ --interactive           --no-interactive                If enabled, prompt the user for confirmations [default: interactive]                                                                                                                             │
│ --version                                               Display the current eksupgrade version                                                                                                                                                           │
│ --install-completion                                    Install completion for the current shell.                                                                                                                                                        │
│ --show-completion                                       Show completion for the current shell, to copy it or customize the installation.                                                                                                                 │
│ --help                                                  Show this message and exit.                                                                                                                                                                      │
╰──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯

Support & Feedback

This project is maintained by AWS Solution Architects and Consultants. It is not part of an AWS service and support is provided best-effort by the maintainers. To post feedback, submit feature ideas, or report bugs, please use the Issues section of this repo. If you are interested in contributing, please see the Contribution guide.

Security

See CONTRIBUTING for more information.

License

This library is licensed under the MIT-0 License. See the LICENSE file.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

eksupgrade-0.9.0.tar.gz (31.6 kB view details)

Uploaded Source

Built Distribution

eksupgrade-0.9.0-py3-none-any.whl (40.1 kB view details)

Uploaded Python 3

File details

Details for the file eksupgrade-0.9.0.tar.gz.

File metadata

  • Download URL: eksupgrade-0.9.0.tar.gz
  • Upload date:
  • Size: 31.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.4.2 CPython/3.10.11 Linux/5.15.0-1036-azure

File hashes

Hashes for eksupgrade-0.9.0.tar.gz
Algorithm Hash digest
SHA256 51169d4ef46cda4f29191978f6f77b38ea50dc9c2f5ee23ecdc4106dc2ebce4a
MD5 9a0f91ece275f5cdab4356e7faa338ca
BLAKE2b-256 b28828769ae21acb8060b6604d192b136e8d8a1eab76dd6c39372ae1dd86cd1f

See more details on using hashes here.

File details

Details for the file eksupgrade-0.9.0-py3-none-any.whl.

File metadata

  • Download URL: eksupgrade-0.9.0-py3-none-any.whl
  • Upload date:
  • Size: 40.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.4.2 CPython/3.10.11 Linux/5.15.0-1036-azure

File hashes

Hashes for eksupgrade-0.9.0-py3-none-any.whl
Algorithm Hash digest
SHA256 94cc629db4cedb2a5a56d7e30327ca56d4fcac86bec1f00859883037712ce4d4
MD5 e6dba6a69d126a1c5250d301a34e9dfb
BLAKE2b-256 975a8e0064df5fe80db448dc7dd09c9aab08683aae7792c2b05ec9588010f414

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page