karasms.com

Upgrade Your Amazon EKS from 1.29 to 1.30: Meet "Uwubernetes"

Written on

We are excited to introduce the “Uwubernetes” release, detailing the upgrade process and key considerations when transitioning the EKS control plane to version 1.30.

Overview

Welcome to Amazon EKS 1.30! This release of Kubernetes v1.30 enhances the aesthetic appeal of your clusters.

Kubernetes is a collaborative effort by thousands globally, many of whom contribute voluntarily to solve problems, learn, or simply for their love of the community. The Release Team feels privileged to contribute to Kubernetes's ongoing evolution.

I want to express my gratitude to the community for their tremendous support and contributions. It's essential to recognize that specialists in many organizations often go unacknowledged, which is a disservice.

Kubernetes v1.30 is affectionately dubbed “Uwubernetes,” a blend of “Kubernetes” and the emoticon “UwU,” symbolizing happiness and cuteness.

Previous Stories and Upgrades

If you are considering upgrading from earlier versions, here are some helpful links: - For the upgrade from EKS 1.28 to 1.29, check this story. - For the upgrade from EKS 1.27 to 1.28, check this story. - For the upgrade from EKS 1.26 to 1.27, check this story. - For the upgrade from EKS 1.25 to 1.26, check this story. - For the upgrade from EKS 1.24 to 1.25, check this story. - For the upgrade from EKS 1.23 to 1.24, check this story.

Prerequisites for Upgrade

Before you upgrade to Kubernetes v1.30 in Amazon EKS, ensure you complete the necessary tasks, easily reviewed in the EKS console under “Upgrade Insights.” Personally, I found no pending tasks since I keep my clusters regularly updated.

Kubernetes 1.30: Notable Changes in This Release

To find a comprehensive list of updates in Kubernetes version 1.30, refer to the Kubernetes change log. Below are a few noteworthy enhancements from this release:

Specific Changes for Amazon EKS 1.30

  • From EKS 1.30 onwards, newly created managed node groups will default to Amazon Linux 2023 (AL2023) as the operating system. More details can be found in the Amazon Linux User Guide.
  • A new label, topology.k8s.aws/zone-id, has been added to worker nodes, allowing the use of Availability Zone IDs to track resource locations across accounts.
  • The default annotation on the gp2 StorageClass resource for newly created clusters has been removed. If you previously relied on a default StorageClass, ensure you reference it by name. Alternatively, set the defaultStorageClass.enabled parameter to true when deploying the aws-ebs-csi-driver add-on version v1.31.0 or later.
  • The minimum required IAM policy for the EKS cluster IAM role has been updated to include the action ec2:DescribeAvailabilityZones.

Improvements Graduating to Stable in Kubernetes v1.30

  • Enhanced VolumeManager Reconstruction: This allows for better information on volume mounts during kubelet startup without impacting users or admins.
  • Unauthorized Volume Mode Prevention: The control plane now blocks unauthorized changes to volume modes during snapshot restoration.
  • Pod Scheduling Readiness: This feature ensures that Pods are scheduled only when adequate resources are available, allowing for more controlled scheduling.
  • Minimum Domains in PodTopologySpread: This stable feature allows the definition of minimum domains, beneficial for Cluster Autoscaler users.

A full list of 17 enhancements promoted to stable includes: - Container Resource-based Pod Autoscaling - Removal of transient node predicates from KCCM’s service controller - Go workspaces for k/k - Reduction of Secret-based Service Account Tokens - CEL for Admission Control - CEL-based admission webhook match conditions - Pod Scheduling Readiness - Minimum domains in PodTopologySpread - Prevention of unauthorized volume mode conversion during restore - API Server Tracing - Cloud Dual-Stack — node-ip Handling - AppArmor support - Robust VolumeManager reconstruction after kubelet restart - kubectl delete: Add interactive (-i) flag - Metric cardinality enforcement - Field status.host IPs added for Pod - Aggregated Discovery

Upgrade Your EKS with Terraform

As with all my upgrades, I utilize Terraform for its speed and efficiency. The following providers were used for this upgrade:

The control plane upgrade took approximately 8 minutes, which is impressively fast with no subsequent issues. Unlike previous upgrades, I did not notice any API server downtime. AWS continues to improve the upgrade process, with EKS 1.30 taking just 4 seconds longer than the EKS 1.29 upgrade.

I promptly upgraded the worker nodes, which took around 14 minutes to integrate into the upgraded EKS cluster, depending on the number of nodes and pods needing to be drained.

Overall, the complete upgrade process (control plane plus worker nodes) took about 22 minutes — a commendable time frame.

Here’s an example of the EKS cluster resource using Terraform:

resource "aws_eks_cluster" "cluster" {

enabled_cluster_log_types = ["audit"]

name = local.name_prefix

role_arn = aws_iam_role.cluster.arn

version = "1.30"

vpc_config {

subnet_ids = flatten([module.vpc.public_subnets, module.vpc.private_subnets])

security_group_ids = []

endpoint_private_access = "true"

endpoint_public_access = "true"

}

encryption_config {

resources = ["secrets"]

provider {

key_arn = module.kms-eks.key_arn

}

}

access_config {

authentication_mode = "API_AND_CONFIG_MAP"

bootstrap_cluster_creator_admin_permissions = false

}

tags = var.tags

}

For the worker nodes, I utilized the official AMI with ID: ami-0e6a4f108467d0c54. This AMI may be specific to the London region, eu-west-2. After rotating all nodes, I encountered no issues, and the nodes are running version: v1.30.0-eks-036c24b.

The initial EKS 1.30 release uses the first 1.30.0 version, not the latest 1.30.1.

You can find my Terraform templates for EKS clusters on my GitHub repository at https://github.com/marcincuber/eks.

Upgrading Managed EKS Add-ons

Upgrading add-ons is straightforward; simply update the version. In this case, I am using kube-proxy, coreDNS, and ebs-csi-driver.

Terraform Resources for Add-ons

resource "aws_eks_addon" "kube_proxy" {

cluster_name = aws_eks_cluster.cluster[0].name

addon_name = "kube-proxy"

addon_version = "v1.30.0-eksbuild.3"

resolve_conflicts = "OVERWRITE"

}

resource "aws_eks_addon" "core_dns" {

cluster_name = aws_eks_cluster.cluster[0].name

addon_name = "coredns"

addon_version = "v1.11.1-eksbuild.9"

resolve_conflicts = "OVERWRITE"

}

resource "aws_eks_addon" "aws_ebs_csi_driver" {

cluster_name = aws_eks_cluster.cluster[0].name

addon_name = "aws-ebs-csi-driver"

addon_version = "v1.31.1-eksbuild.1"

resolve_conflicts = "OVERWRITE"

}

After Upgrading EKS Control Plane

Don't forget to upgrade core deployments and daemon sets recommended for EKS 1.30: 1. CoreDNS — v1.11.1-eksbuild.9 2. Kube-proxy — 1.30.0-eksbuild.3 3. VPC CNI — 1.18.1-eksbuild.3 4. aws-ebs-csi-driver — v1.31.1-eksbuild.1

These are merely suggestions from AWS. It's advisable to upgrade all components to align with the 1.30 Kubernetes version, potentially including: 1. Load Balancer Controller 2. calico-node 3. Cluster Autoscaler or Karpenter 4. External Secrets Operator 5. Kube State Metrics 6. Metrics Server 7. csi-secrets-store 8. calico-typha and calico-typha-horizontal-autoscaler 9. Reloader 10. Keda (event driven autoscaler) 11. nvidia device plugin (used with GPUs)

Final Result

> $ kubectl version

Client Version: v1.30.1

Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3

Server Version: v1.30.0-eks-036c24b

I like to keep my CLIs current, so ensure your kubectl version matches your Kubernetes cluster version.

Summary and Conclusions

The upgrade of the EKS cluster was completed faster than ever, with the control plane upgrade finishing in just 8 minutes. Utilizing Terraform for my cluster and node upgrades, along with GitHub Actions, has made the process seamless.

Once again, I experienced no significant issues. I hope your upgrade is just as smooth, as all workloads performed flawlessly without any modifications needed.

If you wish to explore the complete Terraform setup for EKS, visit my GitHub at https://github.com/marcincuber/eks.

This article aims to consolidate all vital information regarding the upgrade to EKS version 1.30, helping others expedite their tasks.

In conclusion, whether you love or hate Kubernetes, you still find yourself using it ;).

Please note that my insights are based on official AWS and Kubernetes sources.

Enjoy Kubernetes!!!

Share the page:

Twitter Facebook Reddit LinkIn

-----------------------

Recent Post:

Challenging the Notion of a Man's World: Insights from Angela Saini

Exploring Angela Saini's work debunking myths of male superiority and advocating for gender equality.

Love Triumphs Over Perfectionism: A Journey of Self-Discovery

A heartfelt exploration of how love can overcome the challenges of perfectionism in relationships.

Gravity and the Space-Time Fabric: A Spy's Journey

A tale of a CIA operative navigating the complexities of espionage and emergency medicine in a war-torn country.

How to Leverage IServiceCollection in Console Applications

Discover how to effectively use IServiceCollection in console applications for dependency injection without needing a hosted application.

Embracing Tomorrow: A Reflective Look at Future Possibilities

Exploring the significance of looking ahead instead of dwelling on the past, with insights from literature and technology.

Mastering the Art of Refusal: A Path to Success

Discover the importance of saying no and how it can lead to greater success in your life and endeavors.

Unlocking the Secrets to Creating Viral Blog Posts

Discover effective strategies to craft viral blog posts that engage and resonate with readers, encouraging them to share and promote your content.

Three Transformative Years of Sobriety: Unanticipated Insights

Discover the unexpected benefits and lessons learned after three years of sobriety.