Skip to content

EMK - Update a Kubernetes cluster

Estimated time to read: 4 minutes

In this tutorial you learn how to update your Kubernetes cluster to a higher version through the GUI, kubectl or Terraform.

Upgrading a cluster has some restrictions:

  • Patch versions can be updated directly to the highest available patch version.
  • Minor versions can only be updated one minor at a time.

For automatically updates see cluster config - Auto Updates.

When the Kubernetes patch version is updated, the update occurs in-place. This means that the worker nodes of the shoot remain unaffected, and only the kubelet process restarts with the new Kubernetes version binary. The same process applies for any configuration changes to the kubelet.

However, if the Kubernetes minor version is updated, the update is carried out through a "rolling update" approach, akin to how pods are updated in Kubernetes (when managed by a Deployment). During this process, new worker nodes are created and old ones are then terminated. The existing workload is gracefully drained and evicted from the old worker nodes to the new ones, adhering to any configured PodDisruptionBudgets.

Upgrading an EMK Cluster is straightforward.

Navigate to the EMK Cluster overview in the Fuga dashboard

Select region

In this cluster overview example, there is one cluster displayed. A cluster can have different views around the version number:

View Description
Green current highest minor and patch version
Yellow and "^" patch version update is available
Yellow and "^^" minor version update is available
  • Green color: the current highest minor and patch version.
  • Orange and "^":

Clicking on the version or the "..." and then "update cluster" will give the option to update your cluster to a higher Kubernetes version.

Danger

Make sure your workload can run on the next version of Kubernetes!

Select region

Select the version to update to and click on update cluster.

Requirements:

  • Kubectl, installation instructions can be found here.
  • Service Account (SA), how to get one; See here.

First list your clusters.

% export KUBECONFIG=emk-sa-kubeconfig.yaml
% kubectl get shoots
NAME         K8S VERSION  HIBERNATION  LAST OPERATION             STATUS      AGE
my-cluster   1.28.8       Awake        Reconcile Succeeded (100%) healthy     42d

Then list all the currently available Kubernetes versions with:

 kubectl get cloudprofile fugacloud --output 'jsonpath={.spec.kubernetes.versions}' | yq e -P
or use:
 kubectl get cloudprofile fugacloud --output 'jsonpath={.spec.kubernetes.versions}' | jq .
.....
- classification: deprecated
  version: 1.28.8
- classification: supported
  version: 1.28.9

This will output in a readable format the currenct Kubernetes versions. In the previous list of shoots it is possible to see our cluster is at 1.28.8. So it is possible to update it to 1.28.9. It is possible to do that with the following command:

kubectl patch shoot my-cluster -p '{"spec":{"kubernetes":{"version": "1.28.9"}}}'
shoot.core.gardener.cloud/my-cluster patched

While your cluster is updated, you can check the status of the update process by listing your clusters:

% kubectl get shoots
NAME         K8S VERSION  HIBERNATION  LAST OPERATION             STATUS       AGE
my-cluster   1.28.9       Awake        Reconcile Succeeded (21%)  progressing  42d

Requirements:

  • Terraform, installation instructions can be found here.
  • Service Account (SA), how to get one; See here.

This Terraform guide assumes the creation of clusters through our creation tutorial; see here.

To update the cluster it is required to set the value spec.kubernetes.version to a higher Kubernetes version in the cluster.yaml configuration:

spec:
    kubernetes:
        version: "1.28.9"

Run terraform plan and terraform apply.

❯ terraform apply
kubectl_manifest.my_first_cluster: Refreshing state... [id=/apis/core.gardener.cloud/v1beta1/namespaces/    garden-thomas/shoots/my-cluster]

Terraform used the selected providers to generate the following execution plan. Resource actions are     indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # kubectl_manifest.my_first_cluster will be updated in-place
  ~ resource "kubectl_manifest" "my_first_cluster" {
        id                      = "/apis/core.gardener.cloud/v1beta1/namespaces/garden-thomas/shoots/my-cluster"
        name                    = "my-cluster"
      ~ yaml_body               = (sensitive value)
      ~ yaml_body_parsed        = <<-EOT
            apiVersion: core.gardener.cloud/v1beta1
            kind: Shoot
            spec:
          +   kubernetes:
          +     version: "1.28.9"
              name: my-cluster
              namespace: garden-thomas
            spec:
                .............
        EOT
        # (13 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes 

kubectl_manifest.my_first_cluster: Modifying... [id=/apis/core.gardener.cloud/v1beta1/namespaces/    garden-thomas/shoots/my-cluster]
kubectl_manifest.my_first_cluster: Modifications complete after 0s [id=/apis/core.gardener.cloud/v1beta1/    namespaces/garden-thomas/shoots/my-cluster]

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

The cluster will now be updated, the process for upgrading can take some time.