To upgrade your GKE on AWS environment, first upgrade your management service and then upgrade your user clusters .
Management service
In the following sections, you upgrade your management service.
Before you begin
To connect to your GKE on AWS resources, perform the following steps. Select if you have an existing AWS VPC (or direct connection to your VPC) or created a dedicated VPC when creating your management service.
Existing VPC
If you have a direct or VPN connection to an existing VPC, omit the line env HTTP_PROXY=http://localhost:8118
from commands in this topic.
Dedicated VPC
When you create a management service in a dedicated VPC, GKE on AWS includes a bastion host in a public subnet.
To connect to your management service, perform the following steps:
-
Change to the directory with your GKE on AWS configuration. You created this directory when Installing the management service .
cd anthos-aws -
To open the tunnel, run the
bastion-tunnel.shscript. The tunnel forwards tolocalhost:8118.To open a tunnel to the bastion host, run the following command:
./bastion-tunnel.sh -NMessages from the SSH tunnel appear in this window. When you are ready to close the connection, stop the process by using Control+C or closing the window.
-
Open a new terminal and change into your
anthos-awsdirectory.cd anthos-aws -
Check that you're able to connect to the cluster with
kubectl.env HTTPS_PROXY = http://localhost:8118 \ kubectl cluster-infoThe output includes the URL for the management service API server.
Upgrade your management service
To upgrade your management service, you download a new version of anthos-gke
,
edit your anthos-gke.yaml
, and
then apply the changes.
Download a new version of anthos-gke
The latest version of the anthos-gke
tool is aws-1.14.1-gke.0
. To
download a new version of anthos-gke
, perform the following steps:
The anthos-gke
command-line tool only supports Linux and macOS.
-
Download the binary from Cloud Storage.
Linux
gcloud storage cp gs://gke-multi-cloud-release/aws/aws-1.14.1-gke.0/bin/linux/amd64/anthos-gke .macOS
gcloud storage cp gs://gke-multi-cloud-release/aws/aws-1.14.1-gke.0/bin/darwin/amd64/anthos-gke . -
Update the permissions of
anthos-gkeand copy it to/usr/local/bin.chmod 755 anthos-gke sudo mv anthos-gke /usr/local/bin -
Confirm that the version is
aws-1.14.1-gke.0anthos-gke version
Upgrade your management service
To upgrade your cluster, perform the following steps:
- Change to the directory with your GKE on AWS configuration.
You created this directory when Installing the management service
.
cd anthos-aws -
Open your
anthos-gke.yamlin a text editor. Change the value ofspec.versionto aws-1.14.1-gke.0.apiVersion : multicloud.cluster.gke.io/v1 kind : AWSManagementService metadata : name : management spec : version : aws-1.14.1-gke.0 region : aws-region ... -
Run
anthos-gke aws management initto validate theAWSManagementServiceobject and update theanthos-gke.status.yamlfile.anthos-gke aws management init -
Run
anthos-gke aws management applyto update the management service on AWS.anthos-gke aws management applyThe
anthos-gkecommand begins to upgrade your management service. The upgrade might take up to ten minutes to complete.
User clusters
In the following sections, you upgrade your user clusters.
Before you begin
Before you can complete these steps, you must have a management service and at least one user cluster .
Supported Kubernetes versions
GKE on AWS aws-1.14.1-gke.0 supports the following Kubernetes versions:
- 1.23.15-gke.2000
- 1.24.9-gke.2100
- 1.25.5-gke.2100
For information on prior supported versions, see Release notes .
Component upgrades
This section describes upgrading your AWSClusters and AWSNodePools.
AWSCluster
You can update an AWSCluster to a new version of GKE on AWS without updating your AWSNodePools.
AWSNodePools
You cannot update an AWSNodePool to a version newer than your AWSCluster. To update your AWSNodePools, you must first update your AWSCluster.
Your AWSNodePools version must be no less than two minor versions behind your AWSCluster version.
Upgrade an existing AWSCluster and AWSNodePool
To upgrade your cluster, you update the version
field of AWSCluster
and AWSNodePool
objects on your management service.
AWSCluster
To upgrade an AWSCluster, perform the following steps:
-
From your
anthos-awsdirectory, useanthos-gketo switch context to your management service.cd anthos-aws anthos-gke aws management get-credentials
-
Open the YAML file that created your AWSCluster in a text editor. If you do not have your initial YAML file, you can use
kubectl edit.Edit YAML
If you followed the instructions in Creating a user cluster , your YAML file is named
cluster-0.yaml. Open this file in a text editor.kubectl edit
To use
kubectl editto edit your AWSCluster, run the following command:env HTTPS_PROXY = http://localhost:8118 \ kubectl edit awscluster cluster-nameReplace cluster-name with your AWSCluster. For example, to edit the default cluster,
cluster-0, run the following command:env HTTPS_PROXY = http://localhost:8118 \ kubectl edit awscluster cluster-0 -
Update the
spec.controlPlane.versionfield to a new version of GKE on AWS. The most recent version is 1.25.5-gke.2100.apiVersion : multicloud.cluster.gke.io/v1 kind : AWSCluster metadata : name : cluster-0 spec : region : us-east-1 controlPlane : version : gke_version instanceType : t3.medium ...Replace gke-version with your desired Kubernetes version . The most recent supported Kubernetes version is 1.25.5-gke.2100.
-
Save the file. If you are using
kubectl edit,kubectlapplies the changes automatically. If you are editing the YAML file, apply it to your management service with the following command:env HTTPS_PROXY = http://localhost:8118 \ kubectl apply -f cluster-0.yamlThe management service then updates your AWSCluster.
AWSNodePool
To upgrade an AWSNodePool, perform the following steps:
-
From your
anthos-awsdirectory, useanthos-gketo switch context to your management service.cd anthos-aws anthos-gke aws management get-credentials
-
Open the YAML file that created your AWSNodePool in a text editor. If you followed the instructions in Creating a user cluster , this file is named
cluster-0.yaml. -
Update the value of
spec.versionin your AWSNodePool resources.apiVersion : multicloud.cluster.gke.io/v1 kind : AWSNodePool metadata : name : cluster-0-pool-0 spec : clusterName : cluster-0 region : us-east-1 version : gke-version ...Replace gke-version with your desired Kubernetes version . The most recent supported Kubernetes version is 1.25.5-gke.2100.
-
Apply the new configuration to your management service with
kubectl.env HTTPS_PROXY = http://localhost:8118 \ kubectl apply -f cluster-0.yamlThe management service then updates your AWSNodePool one node at a time. Before a node is shut down, Pods running on that node receive a SIGTERM . If a Pod does not shut down after a grace period, it receives a SIGKILL.
View Status
To get the status of an upgrade, run kubectl get AWSClusters
on your
management service.
env
HTTPS_PROXY
=
http://localhost:8118
\
kubectl
get
AWSClusters
The output includes each cluster's name, state, age, version, and endpoint.
For example, the following output includes one AWSCluster
named cluster-0
.
NAME STATE AGE VERSION ENDPOINT
cluster-0 Upgrading 2m41s 1.25.5-gke.2100 gke-xyz.elb.us-east-1.amazonaws.com
Your user cluster upgrade is complete when the STATEof your clusters is Provisioned.
