Amazon EKS Upgrade

Overview

See Upgrade Approach for details on permissions and prerequisites.

Amazon Nuances

Be aware of the following requirements when installing the CloudCenter Suite:

  • Maximum Supported Version: EKS Version 1.13.7 and below.

  • Unavailable Resources: The following resources will not be available until the upgrade completes:

    • EKS cluster

    • Suite admin cluster

  • Resources: Amazon creates the following resources for the AWS account:

    • An EKS Cluster with user-provided specifications.

    • All resources remain in the same region as the cluster.

    • A new CloudFormation stack with the same number of instances, security groups, subnets, and roles that are used to connect to the cluster.

      • VPC Name: cluster_name-VPC

      • Role Name for VPC: cluster_name-Role

      • Role Name for Workers: cluster_name-NodeInstanceRole

      • New CFN stack Name: cluster_name-New-Workers-random_UUID32

      • Auto Scaling Group for worker nodes as part of cloud formation workers stack

  • The Delete API:

    You cannot trigger a Delete call by deleting the Amazon cluster from either the AWS console or the AWS CLI. Instead, use the Delete API.

Module Details

Additionally, refer to your module documentation for module-specific dependencies as specified in the following table.

ModuleDocumentation
Workload ManagerCloud Overview
Action OrchestratorAdd Cloud Account
Cost OptimizerCloud Overview

Minimum Permissions Needed

The following IAM policies are required for the CloudCenter Suite to access the EKS and create a new cluster on AWS.

  • AmazonEC2FullAccess

  • IAMFullAccess

  • AutoScalingFullAccess

  • AmazonEKSClusterPolicy

  • AmazonEKSWorkerNodePolicy

  • AmazonVPCFullAccess

  • AmazonEKSServicePolicy

  • AmazonEKS_CNI_Policy

  • AmazonRoute53FullAccess

  • Inline_Policy_EKS_Cluster = an inline policy allowing the following actions on the EKS service to an IAM user:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "VisualEditor0",
                "Effect": "Allow",
                "Action": [
                    "cloudformation:CreateStack",
                    "cloudformation:DescribeStacks",
                    "cloudformation:DescribeStackEvents",
                    "cloudformation:DescribeStackResources",
                    "cloudformation:DescribeStackResource",
                    "cloudformation:GetTemplate",
                    "cloudformation:ValidateTemplate",
                    "cloudformation:DeleteStack",
                    "eks:UpdateClusterVersion",
                    “cloudformation:UpdateStack”,
                    "eks:ListUpdates",
                    "eks:DescribeUpdate",
                    "eks:DescribeCluster",
                    "eks:ListClusters",
                    "eks:CreateCluster",
                    "eks:DeleteCluster"
                ],
                "Resource": "*"
            }
        ]
    }

Installation Process

To upgrade the cluster for an Amazon EKS Kubernetes environment, perform the following procedure. 

  1. Navigate to the Suite Installer Dashboard (see Prepare Infrastructure).

  2. Click Upgrade in the Upgrade Kubernetes Cluster section to specify the credentials for your cluster as displayed in the following screenshot.

  3. Enter the Suite Admin DNS (or URL), username, password, and Tenant ID for the admin account.

  4. Identify if this is An Amazon EKS Cluster by toggling the switch (the default is No).

  5. Provide the Access Key and Secret Key details for the Amazon EKS Cluster as visible in the following screenshot.

    The CloudCenter Suite validates the EKS credentials to ensure that the EKS cluster is available to this user.

  6. Click Connect to validate your credentials. Once Connected, you see the cloud type and other information on the left side off the screen

  7. Click Next and select the desired Kubernetes version from the dropdown list for this upgrade.

  8. If an upgrade is available, select the Desired K8s version for the upgrade.

  9. Click Upgrade to upgrade the Kubernetes cluster as well as the primary server and worker nodes once the upgrade is complete. A progress bar with relevant status messages is displayed.

    An upgrade operation can take more than one hour depending on the number of nodes to be upgraded and cloud response time.

    1. The following screenshot displays the progress bar to indicate the upgrade of a primary server node:

    2. The following screenshot displays the progress bar to indicate the upgrade of a worker node:

  10. At this point, you can:

    1. Download the latest logs to track the upgrade process.

    2. Wait for cluster to finish upgrading.

  11. The installation progress is visible on screen. Once successful, you see the success message displayed.

    CloudCenter Suite installation successful!


  12. You have the following options at this point:

    1. Click Take Me To Suite Admin to launch and set up the Suite Admin.

    2. Click Install or Upgrade Another Cluster to start another installation on the same cluster.

    3. Download the Kubeconfig file.

    4. Re-purpose the installer server.

  13. Login to CloudCenter Suite using valid credentials and verify that your information is preserved and that the cluster was upgraded.

You have now upgraded the cluster on the EKS cloud. Verify your Suite Admin and tenant data.


  • No labels
Terms & Conditions Privacy Statement Cookies Trademarks