Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade to Kubernetes 1.23 #3053

Closed
23 tasks done
lemeurherve opened this issue Jul 13, 2022 · 7 comments
Closed
23 tasks done

Upgrade to Kubernetes 1.23 #3053

lemeurherve opened this issue Jul 13, 2022 · 7 comments
Assignees

Comments

@lemeurherve
Copy link
Member

lemeurherve commented Jul 13, 2022

Previous upgrade: #2930

  • Upgrade kubectl within docker-helmfile

  • Upgrade DOKS (doks and doks-public)

    • Disable kubernetes management (disable job on infra.ci.jenkins.io)
    • Bump Kubernetes version in digitalocean /variables.tf
    • Ensure cluster is re-created by terraform in jenkins-infra/digitalocean
    • Re-Enable kubernetes management (and update kubeconfigs in the infra.ci's SOPS credentials (private repo), if kubernetes management cannot connect)
    • Add the credential of the service account jenkins-agents in ci.jenkins.io if needed (manual step) doks only not doks-public
  • Upgrade EKS

    • Open datetime announcement on status.jenkins.io
    • Disable cluster in ci.jenkins.io configuration as code
    • Upgrade cluster through Terraform (control plane + node groups)
    • Upgrade add-ons if needed
      • If done via the UI, select the checkbox "replace existing configuration"
      • For vpc-cni select the inheritance from node.
    • Ensure the upgraded cluster is still OK (check kubernetes-management) ⚠️ ensure that the security group eks-cluster-sg-<cluster name>-<random ID> that is managed directly by EKS doesn't contain the tag kubernetes.io/cluster/ (the tag is provided by our terraform)
    • Enable it again in ci.jenkins.io config as code
  • Upgrade AKS

    • Check previous AKS upgrades and create one for 1.23
    • Open datetime announcement on status.jenkins.io
    • Upgrade temp-privatek8s first. ⚠️ it will put infra.ci out of service so might need manual steps to re-boostrap the kubernetes-management job
    • Upgrade prodpublick8s
    • Close announcement
@github-actions
Copy link

github-actions bot commented Jul 13, 2022

Take a look at these similar issues to see if there isn't already a response to your problem:

  1. 92% Upgrade to Kubernetes 1.21 #2866
  2. 77% [INFRA-3118] Upgrade to Kubernetes 1.20 #2664

@lemeurherve
Copy link
Member Author

lemeurherve commented Oct 10, 2022

According to DigitalOcean supported Kubernetes release page, the version v1.22 will be "end of support" on the 28th of October, and automatic upgrades will begin 27th of November.

And for Azure, it will be EOL when the version 1.25 will be GA, planned for November.

For AWS, Amazon EKS guarantees support for at least four production-ready versions of Kubernetes at any given time.

To keep in mind for the next milestones.

@smerle33
Copy link
Contributor

smerle33 commented Oct 12, 2022

Here is a link to hackdays notes for the changelog from 1.22 : https://hackmd.io/z0sMiMMpReenvVvheoZCMA

A link to the dedicated changelog for DigitalOcean : https://docs.digitalocean.com/products/kubernetes/details/changelog/#1-23-x

dduportal added a commit to jenkins-infra/digitalocean that referenced this issue Oct 20, 2022
* feat(kub 1.23): upgrade kubernetes to 1.23

as per jenkins-infra/helpdesk#3053

* feat(doks/doks-public) split kubernetes versions per cluster: 1.22 for doks and 1.23 for doks-public

Signed-off-by: Damien Duportal <[email protected]>

* fixup

Signed-off-by: Damien Duportal <[email protected]>

* fixup

Signed-off-by: Damien Duportal <[email protected]>

Signed-off-by: Damien Duportal <[email protected]>
Co-authored-by: Damien Duportal <[email protected]>
@dduportal
Copy link
Contributor

dduportal commented Oct 26, 2022

Note related to AKS clusters: as per https://github.com/Azure/AKS/blob/master/CHANGELOG.md#release-2022-10-17, there are 2 changes we have to look for, after the upgrade, about our Windows node pools:

  • Switching to containerd
  • Ensuring that the labels/taints/tolerations are not deprecated

@smerle33
Copy link
Contributor

@lemeurherve
Copy link
Member Author

Forgot the most important, the release logo:

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants