Reading Time: 3 minutes
Hello Readers, In this blog, I’ll be sharing the steps to upgrade EKS using Terraform.
Here, I’m using Terraform version **v0.12.9**
As we know that AWS keeps updating its EKS service, and keep on deprecating the older versions, so we also need to upgrade our EKS cluster service side by side.
In this blog, I’ll be sharing the steps to upgrade the EKS cluster but before that, here are some points to note.
1. Incremental Upgrade: The EKS needs to be upgraded incrementally, i.e. you can increment the version only by 1 at a time. This means that you can follow this blog only if you are currently on EKS 1.14 version. If not, you need to upgrade to 1.14 first, and then you can follow this blog.
2. Permissions: To upgrade the cluster, the controller node, from where you are running the Terraform commands, must have **eks:UpdateClusterVersion**
permission. You can check the IAM roles for verifying this.
To begin with the upgrade, you first need to verify if you are on EKS version 1.14. You can verify this either from AWS Console, or run the following command from the controller node.
kubectl version --short
version
value to 1.15In the Terraform variables, you need to change the value of the variable corresponds to version
from 1.14
to 1.15
. Here’s how you will do it.
## main.tf
resource "aws_eks_cluster" "eks_cluster" {
name = var.cluster_name
version = var.cluster_version
}
## variables.tf
variable "cluster_version" {
description = "Kubernetes version to use for the EKS cluster."
default = "1.15"
}
Now, to upgrade the cluster, ssh into the controller node and trigger the following commands
cd <terraform-module-directory>
terraform init
terraform apply
After applying the terraform changes, you need toverify if the version has upgraded to 1.15 using the following command
kubectl version --short
## Expected output
Client Version: v1.15.0
Server Version: v1.15.0
In case your client version is lower than 1.15
, you need to download the new kubectl
binaries using the following command
KUBEPATH=$(which kubectl) && cd $(dirname $KUBEPATH) && curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.15.0/bin/linux/amd64/kubectl && cd - && unset KUBEPATH
Kubernetes VersionKube-Proxy VersionCoreDNS VersionAmazon VPC CNI Version1.15v1.15.11v1.6.6v1.6.1
Components Version for EKS 1.15
Kube-Proxy
versionCheck the current **Kube-Proxy**
version using this command:
kubectl describe ds kube-proxy -n kube-system | grep Image | awk -F":" '{print$3}'
If the version is less than 1.15.11
, **replace ****us-east-1**
with your EKS region and run the following command.
kubectl patch daemonset kube-proxy -n kube-system
-p '{"spec": {"template": {"spec": {"containers": [{"image": "602401143452.dkr.ecr.us-east-1.amazonaws.com/eks/kube-proxy:v1.15.11","name":"kube-proxy"}]}}}}'
CoreDNS
versionCheck the current **CoreDNS**
version using this command:
kubectl describe deploy coredns -n kube-system | grep Image | awk -F":" '{print$3}'
If the version is less than 1.6.6
, **replace ****us-east-1**
with your EKS region and run the following command.
kubectl set image --namespace kube-system deployment.apps/coredns \
coredns=602401143452.dkr.ecr.us-east-1.amazonaws.com/eks/coredns:v1.6.6
#aws #aws services #devops #eks #kubernetes #terraform