AKS Node and Control-Plane Maintenance

AKS allows you to upgrade your Kubernetes control-plane and nodes. See Upgrade an Azure Kubernetes Service (AKS) cluster.

Node images can also be upgraded. AKS provides one new image per week with the latest updates, see Azure Kubernetes Service (AKS) node image upgrade.

Also check AKS Release Notes for details on a release.

Kubernetes Control Plane upgrade

Change the parameter cluster_version in your aks-terraform repository to change the Kubernetes version. When applied, AKS starts with the upgrade process as described here

The upgrade channel for the Kubernetes Cluster is set to patch. Therefore the variable cluster_version might not match the current state of your cluster. Verify the cluster version and upgrade cluster_version before applying.

Node Image Upgrade

Check latest node image version available for your node pool with the following command:

az aks nodepool get-upgrades \
    --nodepool-name mynodepool \
    --cluster-name myAKSCluster \
    --resource-group myResourceGroup

Then compare this with your current node image version by running:

az aks nodepool show \
    --resource-group myResourceGroup \
    --cluster-name myAKSCluster \
    --name mynodepool \
    --query nodeImageVersion

To upgrade the node image, use the following command:

az aks nodepool upgrade \
    --resource-group myResourceGroup \
    --cluster-name myAKSCluster \
    --name mynodepool \
    --node-image-only

During the upgrade, check the status of the node images with the following kubectl command to get the labels and filter out the current node image information:

kubectl get nodes -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.metadata.labels.kubernetes\.azure\.com\/node-image-version}{"\n"}{end}'

AKS Maintenance Image

The procedure described aboved was put into a script that is included in the following container image: github.com/appuio/container-aks-maintenance