Upgrade an AKS cluster

Understanding AKS Cluster and Its Importance

AKS cluster is an important Azure service that simplifies the deployment, scaling, and management of containerized applications using Kubernetes, an open-source orchestration system.

Regular upgrading of the AKS cluster is necessary to:

• Maintain better security by getting latest patches and fixes.
• Gain access to new capabilities and features.
• Avoid any disruptions caused by AKS’s policy of supporting only the last two minor versions of Kubernetes.

Procedure to Upgrade an AKS Cluster

Before initiating an upgrade, validate the current version of your AKS cluster. Azure provides a special command for this purpose:

az aks show --resource-group myResourceGroup --name myAKSCluster --output table

You then cross-reference your current version with Microsoft’s doc “Supported Kubernetes versions in AKS” to identify if an upgrade is necessary.

To upgrade:

1. Update the Azure CLI: Before starting any upgrade process, ensure you have the most up-to-date version of Azure CLI. This can be done with the command:

az upgrade

2. Check available upgrade versions: Use the following command to list the versions available for upgrade:

az aks get-upgrades --resource-group myResourceGroup --name myAKSCluster --output table

3. Perform the upgrade: Now that you’ve established which version you’d like to upgrade to, you can do so with the following command:

az aks upgrade --resource-group myResourceGroup --name myAKSCluster --kubernetes-version KUBERNETES_VERSION

Just replace KUBERNETES_VERSION with the desired version number. Note that the operation can take several minutes to complete.

Best Practices for Upgrading an AKS Cluster

Here are some best practices for upgrading an AKS cluster:

• Run a health check: Microsoft recommends you run a pre-upgrade health check using Azure Advisor to ensure your cluster is ready for the upgrade. This service provides personalized recommendations based on best practices.
• Implement in phases: Upgrade the nodes in your cluster in multiple phases to maintain availability during the upgrade.
• Testing: Test your application in the newer version of Kubernetes before upgrading the AKS cluster.
• Backup: Always take a backup of your data and configurations. AKS supports volume snapshot and Azure Backup for disaster recovery.

Monitoring the Upgrade

Monitoring the AKS upgrade process is crucial. Azure Monitor and Log Analytics provide insights into your applications, infrastructure, and network, ensuring the availability and performance of your applications and services.

Use the kubectl get nodes command to check the status of your nodes:

kubectl get nodes

Conclusion

Knowing how to upgrade an AKS cluster is essential for the Azure Administrator. This topic is likely to feature in the AZ-104 Microsoft Azure Administrator exam. So understanding its procedure, best practices and monitoring will certainly boost your score. Always remember to check AKS documentation and guidelines regularly to stay updated.

Practice Test

True or False: You can upgrade an AKS cluster without any downtime.

• True
• False

Answer: False

Explanation: When you initiate an AKS cluster upgrade, your application may face a brief downtime as nodes are carefully cycled.

What types of updates does an AKS cluster handle automatically?

• A. Azure platform updates
• B. Kubernetes version updates
• C. Both

Answer: A. Azure platform updates

Explanation: AKS cluster is responsible for updating the underlying Azure platform, not the Kubernetes version. The latter needs to be updated manually.

What do you need to consider when updating the Kubernetes version of an AKS cluster?

• A. New features may not work with the older API version
• B. Possible downtime
• C. Cost implications
• D. All of the above

Answer: D. All of the above

Explanation: All these factors need to be considered when planning to update the Kubernetes version of your AKS cluster.

When you upgrade an AKS cluster what happens to nodes that are not in an upgraded node pool?

• A. They are automatically upgraded
• B. They continue to function normally
• C. They are deleted
• D. They are isolated

Answer: B. They continue to function normally

Explanation: Until you upgrade a node pool manually, the nodes that are not upgraded will continue to function normally.

True or False: Only specific node pools can be upgraded in an AKS cluster.

• True
• False

Answer: True

Explanation: You have the flexibility to upgrade specific node pools in an AKS cluster, rather than upgrade all the nodes at once.

What does AKS stand for?

• A. Azure Kubernetes System
• B. Azure Kubernetes Service
• C. Azure Kubernative Service
• D. Azure Kubernetes Setup

Answer: B. Azure Kubernetes Service

Explanation: AKS stands for Azure Kubernetes Service, a managed container orchestration service provided by Azure.

True or False: AKS provides automatic OS upgrades and patching for your cluster.

• True
• False

Answer: False

Explanation: Although the Azure platform updates are handled automatically, you have to manage OS upgrades and patching manually.

How can you perform an upgrade on an Azure Kubernetes cluster?

• A. Azure portal
• B. Azure CLI
• C. Azure PowerShell
• D. All of the above

Answer: D. All of the above

Explanation: You can perform an upgrade on an Azure Kubernetes cluster using multiple interfaces – the Azure portal, Azure CLI, or Azure PowerShell.

What happens if an upgrade is initiated while another one is in progress?

• A. The second upgrade is queued
• B. The second upgrade is ignored
• C. The first upgrade is stopped and the second starts
• D. The second upgrade fails immediately

Answer: A. The second upgrade is queued

Explanation: AKS applies upgrades in serial, so if you try starting a second upgrade, it will be queued until the first one finishes.

True or False: All major updates should be performed one minor version at a time.

• True
• False

Answer: True

Explanation: This strategy ensures that your cluster remains in a supportable state, reduces the risk of encountering a known issue, and if an issue occurs, the amount of changes which must be reviewed to identify the issue is minimized.

Interview Questions

What is the purpose of upgrading an AKS cluster?

Upgrading an AKS cluster allows for the use of newer Kubernetes versions. This can provide new features, stability improvements, extended API capabilities, as well as patched security vulnerabilities.

Can AZ-104 candidates initiate the AKS upgrade from Azure CLI?

Yes, an AKS upgrade can be initiated from the Azure CLI using the ‘az aks upgrade’ command.

Can you upgrade the nodes in an AKS cluster directly?

No, you can’t upgrade the nodes in an AKS cluster directly. Instead, the node version upgrade happens when you upgrade the AKS cluster version.

What should you do prior to initiating an AKS upgrade?

Prior to initiating an AKS upgrade, it is recommended to back up your data and test the upgrade in a non-production environment.

How can you find out the Kubernetes versions available for upgrade?

The ‘az aks get-upgrades’ command in the Azure CLI can provide the Kubernetes versions available for an AKS cluster upgrade.

What are the possible impacts if an AKS cluster upgrade fails midway?

If an AKS cluster upgrade fails, it can lead to an unusable state or an incomplete upgrade which can create difficulties in operations.

Can a customer upgrade an AKS cluster if a node pool is under the ‘Out of disk’ state?

No. An AKS upgrade operation won’t proceed if any node in the node pool is under the ‘Out of disk’ state.

How long does it take to upgrade an AKS cluster?

The upgrade time of an AKS cluster largely depends on the number of nodes in the cluster, the workloads running, and the resources available. It could take several minutes to hours.

What happens to the running applications during an AKS upgrade?

An AKS upgrade causes a controlled upgrade to nodes in the cluster, one at a time. While this happens, running applications are automatically scheduled on other nodes in the cluster to ensure minimal disruption.

How are unavailable nodes handled during an AKS upgrade?

Before the ‘az aks upgrade’ command initiates an upgrade, it checks for node availability. If a node is unavailable, it will not proceed with the upgrade and instead, return an error.

What can you do if your AKS upgrade operation fails?

If an AKS upgrade fails, you can retry the operation. Often it resolves the problem. If the issue persists, contact Azure support.

Can you rollback an AKS upgrade if you encounter issues post the operation?

No, a rollback isn’t possible with AKS upgrades. It’s advisable to test the upgrades in a non-production environment before applying them to a production cluster.

What is the purpose of disabling the Kubernetes cluster-autoscaler before doing an upgrade?

Disabling the Kubernetes cluster-autoscaler prevents it from interfering with the appropriate functioning of the upgrade process.

Why it is recommended to scale up your node-count prior to upgrade?

Scaling up the node-count prior to an upgrade can help to accommodate the load displacement caused due to a node going into the upgrading state, thereby ensuring higher availability during an upgrade.

How frequently are Kubernetes versions updated in Azure AKS?

Microsoft is committed to ensuring that AKS supports at least the three latest minor (z.x) versions of Kubernetes. Once a new minor Kubernetes version is out, the oldest version is deprecated.