EksCtl : Update node-definitions via cluster config file not working

1
votes

I am using eksctl to create our EKS cluster.

For the first run, it works out good, but if I want to upgrade the cluster-config later in the future, it's not working.

I have a cluster-config file with me, but any changes made to it are not reflect with update/upgrade command.

What am I missing?

Cluster.yaml : 

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata: 
  name: supplier-service
  region: eu-central-1

vpc:
  subnets:
    public: 
      eu-central-1a: {id: subnet-1}
      eu-central-1b: {id: subnet-2}
      eu-central-1c: {id: subnet-2}

nodeGroups:
  - name: ng-1
    instanceType: t2.medium
    desiredCapacity: 3
    ssh: 
      allow: true
    securityGroups:
      withShared: true
      withLocal: true
      attachIDs: ['sg-1', 'sg-2']
    iam:
      withAddonPolicies:
        autoScaler: true

Now, if in the future, I would like to make change to instance.type or replicas, I have to destroy entire cluster and recreate...which becomes quite cumbersome.

How can I do in-place upgrades with clusters created by EksCtl? Thank you.

2
amazon-web-serviceskubernetesamazon-vpcamazon-ekseksctl
Would you please show logs of error?Yasen
@Yasen No error, it says configuration is up to date. :-) Changes are not parsed.We are Borg

2 Answers

2
votes

I'm looking into the exact same issue as yours.

After a bunch of searches against the Internet, I found that it is not possible yet to in-place upgrade your existing node group in EKS.

First, eksctl update has become deprecated. When I executed eksctl upgrade --help, it gave a warning like this:

DEPRECATED: use 'upgrade cluster' instead. Upgrade control plane to the next version.

Second, as mentioned in this GitHub issue and eksctl document, up to now the eksctl upgrade nodegroup is used only for upgrading the version of managed node group.

So unfortunately, you'll have to create a new node group to apply your changes, migrate your workload/switch your traffic to new node group and decommission the old one. In your case, it's not necessary to nuke the entire cluster and recreate.

If you're seeking for seamless upgrade/migration with minimum/zero down time, I suggest you try managed node group, in which the graceful draining of workload seems promising:

Node updates and terminations gracefully drain nodes to ensure that your applications stay available.

Note: in your config file above, if you specify nodeGroups rather than managedNodeGroups, an unmanaged node group will be provisioned.

However, don't lose hope. An active issue in eksctl GitHub repository has been lodged to add eksctl apply option. At this stage it's not yet released. Would be really nice if this came true.

0
votes

To upgrade the cluster using eksctl:

  1. Upgrade the control plane version
  2. Upgrade coredns, kube-proxy and aws-node
  3. Upgrade the worker nodes

If you just want to update nodegroup and keep the same configuration, you can just change nodegroup names, e.g. append -v2 to the name. [0]

If you want to change the node group configuration 'instance type', you need to just create a new node group: eksctl create nodegroup --config-file=dev-cluster.yaml [1]

[0] https://eksctl.io/usage/cluster-upgrade/#updating-multiple-nodegroups-with-config-file

[1] https://eksctl.io/usage/managing-nodegroups/#creating-a-nodegroup-from-a-config-file