diff --git a/runbooks/source/container-images.html.md.erb b/runbooks/source/container-images.html.md.erb index e84c4356..df572619 100644 --- a/runbooks/source/container-images.html.md.erb +++ b/runbooks/source/container-images.html.md.erb @@ -87,10 +87,10 @@ This depends on several factors, some of them are: ## kube-system | container image | urgency | latest version for k8s 1.29 | latest version available | latest helm chart | |-|-|-|-|-| -| 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon-k8s-cni:v1.18.2-eksbuild.1 | 🟢 | [v1.18.6-eksbuild.1](https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html) | [v1.18.B-eksbuild.1](https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html) | n/a | +| 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon-k8s-cni:v1.19.0-eksbuild.1 | 🟢 | [v1.19.0-eksbuild.1](https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html) | [v1.19.0-eksbuild.1](https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html) | n/a | | 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-network-policy-agent:v1.1.2 | 🟢 | [v1.1.4](https://github.com/aws/aws-network-policy-agent/releases/tag/v1.1.4) | [v1.1.4](https://github.com/aws/aws-network-policy-agent/releases/tag/v1.1.4) | n/a -| 602401143452.dkr.ecr.eu-west-2.amazonaws.com/eks/coredns:v1.10.1-eksbuild.11 | 🟢 | [v1.11.3-eksbuild.11](https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html) | [v1.11.3-eksbuild.9](https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html) | n/a | -| 602401143452.dkr.ecr.eu-west-2.amazonaws.com/eks/kube-proxy:v1.28.8-minimal-eksbuild.5 | 🟢 | [v1.29.10-minimal-eksbuild.2](https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html#managing-kube-proxy-images) | [v1.31.1-minimal-eksbuild.2](https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html) | n/a +| 602401143452.dkr.ecr.eu-west-2.amazonaws.com/eks/coredns:v1.11.3-eksbuild.2 | 🟢 | [v1.11.3-eksbuild.2](https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html) | [v1.11.3-eksbuild.9](https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html) | n/a | +| 602401143452.dkr.ecr.eu-west-2.amazonaws.com/eks/kube-proxy:v1.29.10-eksbuild.3 | 🟢 | [v1.29.10-eksbuild.3](https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html#managing-kube-proxy-images) | [v1.31.1-minimal-eksbuild.2](https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html) | n/a | docker.io/bitnami/external-dns:0.13.4-debian-11-r14 | 🟠 | v0.15.x | [v0.15.x](https://github.com/kubernetes-sigs/external-dns/releases/tag/v0.15.0) | [v0.15.x](https://github.com/bitnami/charts/blob/main/bitnami/external-dns/Chart.yaml#L11) | | registry.k8s.io/autoscaling/cluster-autoscaler:v1.28.5 | 🟢 | [v1.29.4](https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.29.4) | [v1.31.0](https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.31.0) | [9.38.0](https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-chart-9.38.0) | | registry.k8s.io/descheduler/descheduler:v0.27.1 | 🟠 | [v0.29.x](https://github.com/kubernetes-sigs/descheduler?tab=readme-ov-file#%EF%B8%8F--documentation-versions-by-release) | [v0.29.0](https://github.com/kubernetes-sigs/descheduler/releases/tag/v0.29.0) | [0.31.0](https://github.com/kubernetes-sigs/descheduler/releases/tag/descheduler-helm-chart-0.31.0) | diff --git a/runbooks/source/upgrade-eks-addons.html.md.erb b/runbooks/source/upgrade-eks-addons.html.md.erb index 0a774b3a..7c4c279f 100644 --- a/runbooks/source/upgrade-eks-addons.html.md.erb +++ b/runbooks/source/upgrade-eks-addons.html.md.erb @@ -45,6 +45,8 @@ aws eks describe-addon-versions --kubernetes-version=$K8S_VERSION | jq '.addons[ this will pull out the default compatible value for the k8s version for your addon. +You can use the helper script to get the most up-to-date available addon versions for each kubernetes cluster version [script here](https://github.com/ministryofjustice/cloud-platform-infrastructure/blob/main/scripts/addons-upgrade.bash) + ## Preparing for upgrade Check the changelog for each of the addons and determine if there are any breaking changes. @@ -53,26 +55,24 @@ Create a thread in #cloud-platform notifying the team that upgrades are starting ## Starting the upgrade -1. Bump the version number in cloud-platform-terraform-eks-add-ons -2. Commit changes on a new branch and create a pull request -3. Request review from someone on the team -4. Merge pull request and create a new release through the Github UI -5. Bump the version number of the cloud-platform-terraform-eks-add-ons in cloud-platform-infrastructure -6. Commit changes on a new branch and create a pull request -7. Request review from someone on the team -8. Check the terraform plan in concourse and pause the following pipelines: +1. Run the helper [script](https://github.com/ministryofjustice/cloud-platform-infrastructure/blob/main/scripts/addons-upgrade.bash) before +2. Bump the version of the addon +3. Commit changes on a new branch and create a pull request +4. Request review from someone on the team +5. Check the terraform plan in concourse and pause the following pipelines: * bootstrap * infrastructure-live * infrastructure-manager * infrastructure-live-2 -9. Create an output of the configuration of a pod before the upgrade. `kubectl -n kube-system get pod $addon -oyaml` there is also a helper [script](https://github.com/ministryofjustice/cloud-platform-infrastructure/blob/main/scripts/addons-upgrade.bash). -10. Merge the pull request -11. Unpause an infrastructure pipeline and wait for it to complete -12. While running: +6. Create an output of the configuration of a pod before the upgrade. `kubectl -n kube-system get pod $addon -oyaml` there is also a helper . +7. Merge the pull request +8 Unpause an infrastructure pipeline and wait for it to complete +9. While running: * Keep an eye on pods recycling `watch -n 1 "kubectl -n kube-system get pods"` * Keep an eye on events `watch -n 1 "kubectl -n kube-system get events"` -13. Run the reporting pipeline on the infrastructure environment -14. If everything is green repeat steps 11-14 on each environment. +10. Run the helper [script](https://github.com/ministryofjustice/cloud-platform-infrastructure/blob/main/scripts/addons-upgrade.bash) after +11. Run the reporting pipeline on the infrastructure environment +12. If everything is green repeat steps 8 - 11 on each environment. ## Finish the upgrade