diff --git a/Cargo.lock b/Cargo.lock index 90bf31c..e712c33 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -322,9 +322,9 @@ dependencies = [ [[package]] name = "aws-smithy-async" -version = "0.55.0" +version = "0.55.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8cd4b9b7d99263f75304fc1fcd752361cbc4cbf068b832acd8daeaaff44267eb" +checksum = "88573bcfbe1dcfd54d4912846df028b42d6255cbf9ce07be216b1bbfd11fc4b9" dependencies = [ "futures-util", "pin-project-lite", @@ -334,9 +334,9 @@ dependencies = [ [[package]] name = "aws-smithy-client" -version = "0.55.0" +version = "0.55.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "748298b60bbd0594223ea136ceed2ed4b6d50970bcefa69a5ff6d710ce593854" +checksum = "b2f52352bae50d3337d5d6151b695d31a8c10ebea113eca5bead531f8301b067" dependencies = [ "aws-smithy-async", "aws-smithy-http", @@ -358,9 +358,9 @@ dependencies = [ [[package]] name = "aws-smithy-http" -version = "0.55.0" +version = "0.55.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d78510732b81040689dc146e3693bfbcf388ab88cbda667d3ef67f8869b0744a" +checksum = "03bcc02d7ed9649d855c8ce4a735e9848d7b8f7568aad0504c158e3baa955df8" dependencies = [ "aws-smithy-types", "bytes", @@ -380,9 +380,9 @@ dependencies = [ [[package]] name = "aws-smithy-http-tower" -version = "0.55.0" +version = "0.55.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc33689c27bbd8184412b45c4d1ab795d9a35402562d9fde6c53695a90969740" +checksum = "da88b3a860f65505996c29192d800f1aeb9480440f56d63aad33a3c12045017a" dependencies = [ "aws-smithy-http", "aws-smithy-types", @@ -396,18 +396,18 @@ dependencies = [ [[package]] name = "aws-smithy-json" -version = "0.55.0" +version = "0.55.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ada31cab1b1d1f0abc5c4d1183de5b278597704851aa703801b82feabf19aa74" +checksum = "9b0c1e87d75cac889dca2a7f5ba280da2cde8122448e7fec1d614194dfa00c70" dependencies = [ "aws-smithy-types", ] [[package]] name = "aws-smithy-query" -version = "0.55.0" +version = "0.55.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b55358401b657d192f70f093927f01d73cc4859e2907956b20c4043c76624006" +checksum = "f6b50d15f446c19e088009ecb00e2fb2d13133d6fe1db702e9aa67ad135bf6a6" dependencies = [ "aws-smithy-types", "urlencoding", @@ -415,9 +415,9 @@ dependencies = [ [[package]] name = "aws-smithy-types" -version = "0.55.0" +version = "0.55.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "474d145c2e0f82892841d2502bd546ca0dbc1e4e242c3563d96e7061054c268f" +checksum = "cd0afc731fd1417d791f9145a1e0c30e23ae0beaab9b4814017708ead2fc20f1" dependencies = [ "base64-simd", "itoa", @@ -428,9 +428,9 @@ dependencies = [ [[package]] name = "aws-smithy-xml" -version = "0.55.0" +version = "0.55.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb159921734d090b01c586a4fef73964f42fcb7eb53a8184b2db374bd6a6fc99" +checksum = "8b5398c1c25dfc6f8c282b1552a66aa807c9d6e15e1b3a84b94aa44e7859bec3" dependencies = [ "xmlparser", ] diff --git a/eksup/src/version.rs b/eksup/src/version.rs index a718d00..cf60302 100644 --- a/eksup/src/version.rs +++ b/eksup/src/version.rs @@ -6,7 +6,7 @@ use seq_macro::seq; use serde::{Deserialize, Serialize}; /// Latest support version -pub const LATEST: &str = "1.25"; +pub const LATEST: &str = "1.26"; #[derive(Debug, Serialize, Deserialize)] pub struct Versions { @@ -14,7 +14,7 @@ pub struct Versions { pub target: String, } -seq!(N in 20..=24 { +seq!(N in 20..=26 { /// Kubernetes version(s) supported #[derive(Clone, Copy, Debug, Serialize, Deserialize)] pub enum KubernetesVersion { diff --git a/eksup/templates/data.yaml b/eksup/templates/data.yaml index bafafd9..6e1f5bd 100644 --- a/eksup/templates/data.yaml +++ b/eksup/templates/data.yaml @@ -23,5 +23,12 @@ deprecation_url: https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-26 '1.27': - release_url: TBD + release_url: https://kubernetes.io/blog/2023/04/11/kubernetes-v1-27-release/ deprecation_url: https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-27 + +'1.28': + release_url: TBD + +'1.29': + release_url: TBD + deprecation_url: https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-29 diff --git a/eksup/templates/eks-managed-nodegroup.md b/eksup/templates/eks-managed-nodegroup.md index 33903eb..1982af5 100644 --- a/eksup/templates/eks-managed-nodegroup.md +++ b/eksup/templates/eks-managed-nodegroup.md @@ -22,7 +22,7 @@ The default update strategy for EKS managed nodegroups is a surge, rolling updat - #### Check [[EKS003]](https://clowdhaus.github.io/eksup/checks/#eks003) + #### Check [[EKS003]](https://clowdhaus.github.io/eksup/info/checks/#eks003) {{ eks_managed_nodegroup_health }} 2. Ensure the EKS managed nodegroup(s) do not have any pending updates and they are using the latest version of their respective launch templates. If the nodegroup(s) are not using the latest launch template, it is recommended to update to the latest to avoid accidentally introducing any additional and un-intended changes during the upgrade. @@ -36,7 +36,7 @@ The default update strategy for EKS managed nodegroups is a surge, rolling updat - Check [[EKS006]](https://clowdhaus.github.io/eksup/checks/#eks006) + Check [[EKS006]](https://clowdhaus.github.io/eksup/info/checks/#eks006) {{ eks_managed_nodegroup_update }} ##### Upgrade diff --git a/eksup/templates/playbook.md b/eksup/templates/playbook.md index 133e90e..dc4210b 100644 --- a/eksup/templates/playbook.md +++ b/eksup/templates/playbook.md @@ -79,7 +79,7 @@ ``` - #### Check [[K8S001]](https://clowdhaus.github.io/eksup/checks/#k8s001) + #### Check [[K8S001]](https://clowdhaus.github.io/eksup/info/checks/#k8s001) {{ version_skew }} 3. Verify that there are at least 5 free IPs in the VPC subnets used by the control plane. Amazon EKS creates new elastic network interfaces (ENIs) in any of the subnets specified for the control plane. If there are not enough available IPs, then the upgrade will fail (your control plane will stay on the prior version). @@ -96,7 +96,7 @@ - #### Check [[EKS001]](https://clowdhaus.github.io/eksup/checks/#eks001) + #### Check [[EKS001]](https://clowdhaus.github.io/eksup/info/checks/#eks001) {{ control_plane_ips }} 4. Ensure the cluster is free of any health issues as reported by Amazon EKS. If there are any issues, resolution of those issues is required before upgrading the cluster. Note - resolution in some cases may require creating a new cluster. For example, if the cluster primary security group was deleted, at this time, the only course of remediation is to create a new cluster and migrate any workloads over to that cluster (treated as a blue/green cluster upgrade). @@ -111,7 +111,7 @@ - #### Check [[EKS002]](https://clowdhaus.github.io/eksup/checks/#eks002) + #### Check [[EKS002]](https://clowdhaus.github.io/eksup/info/checks/#eks002) {{ cluster_health }} 5. Ensure the EKS addons in use are using a version that is supported by the intended target Kubernetes version. If an addon is not compatible with the intended target Kubernetes version, upgrade the addon to a version that is compatible before upgrading the cluster. @@ -137,7 +137,7 @@ - #### Check [[EKS005]](https://clowdhaus.github.io/eksup/checks/#eks005) + #### Check [[EKS005]](https://clowdhaus.github.io/eksup/info/checks/#eks005) {{ addon_version_compatibility }} 5. Check Kubernetes API versions currently in use and ensure any versions that are removed in the next Kubernetes release are updated prior to upgrading the cluster. There are several open source tools that can help you identify deprecated API versions in your Kubernetes manifests. The following open source projects support scanning both your cluster as well as manifest files to identify deprecated and/or removed API versions: @@ -173,31 +173,31 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an 🚧 TODO - fill in analysis results - #### Check [[K8S002]](https://clowdhaus.github.io/eksup/checks/#k8s002) + #### Check [[K8S002]](https://clowdhaus.github.io/eksup/info/checks/#k8s002) {{ min_replicas }} - #### Check [[K8S003]](https://clowdhaus.github.io/eksup/checks/#k8s003) + #### Check [[K8S003]](https://clowdhaus.github.io/eksup/info/checks/#k8s003) {{ min_ready_seconds }} - #### Check [[K8S004]](https://clowdhaus.github.io/eksup/checks/#k8s004) + #### Check [[K8S004]](https://clowdhaus.github.io/eksup/info/checks/#k8s004) 🚧 TODO - #### Check [[K8S005]](https://clowdhaus.github.io/eksup/checks/#k8s005) + #### Check [[K8S005]](https://clowdhaus.github.io/eksup/info/checks/#k8s005) {{ pod_topology_distribution }} - #### Check [[K8S006]](https://clowdhaus.github.io/eksup/checks/#k8s006) + #### Check [[K8S006]](https://clowdhaus.github.io/eksup/info/checks/#k8s006) {{ readiness_probe }} - #### Check [[K8S007]](https://clowdhaus.github.io/eksup/checks/#k8s007) + #### Check [[K8S007]](https://clowdhaus.github.io/eksup/info/checks/#k8s007) {{ termination_grace_period }} - #### Check [[K8S008]](https://clowdhaus.github.io/eksup/checks/#k8s008) + #### Check [[K8S008]](https://clowdhaus.github.io/eksup/info/checks/#k8s008) {{ docker_socket }} - #### Check [[K8S009]](https://clowdhaus.github.io/eksup/checks/#k8s009) + #### Check [[K8S009]](https://clowdhaus.github.io/eksup/info/checks/#k8s009) {{ pod_security_policy }} - #### Check [[K8S0011]](https://clowdhaus.github.io/eksup/checks/#k8s011) + #### Check [[K8S0011]](https://clowdhaus.github.io/eksup/info/checks/#k8s011) {{ kube_proxy_version_skew }} 2. Inspect [AWS service quotas](https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html) before upgrading. Accounts that are multi-tenant or already have a number of resources provisioned may be at risk of hitting service quota limits which will cause the cluster upgrade to fail, or impede the upgrade process. @@ -223,7 +223,7 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an - #### Check [[AWS002]](https://clowdhaus.github.io/eksup/checks/#aws002) + #### Check [[AWS002]](https://clowdhaus.github.io/eksup/info/checks/#aws002) {{ pod_ips }} {{/if}} @@ -253,7 +253,7 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an - #### Check [[EKS004]](https://clowdhaus.github.io/eksup/checks/#eks004) + #### Check [[EKS004]](https://clowdhaus.github.io/eksup/info/checks/#eks004) {{ addon_health }} ### Addon Upgrade diff --git a/eksup/templates/self-managed-nodegroup.md b/eksup/templates/self-managed-nodegroup.md index 460bade..41372f7 100644 --- a/eksup/templates/self-managed-nodegroup.md +++ b/eksup/templates/self-managed-nodegroup.md @@ -19,7 +19,7 @@ A starting point for the instance refresh configuration is to use a value of 70% - Check [[EKS007]](https://clowdhaus.github.io/eksup/checks/#eks007) + Check [[EKS007]](https://clowdhaus.github.io/eksup/info/checks/#eks007) {{ self_managed_nodegroup_update }} ##### Upgrade diff --git a/examples/eks-managed/main.tf b/examples/eks-managed/main.tf index cd899de..b5f8bd3 100644 --- a/examples/eks-managed/main.tf +++ b/examples/eks-managed/main.tf @@ -37,7 +37,7 @@ locals { module "eks" { source = "terraform-aws-modules/eks/aws" - version = "~> 19.5" + version = "~> 19.12" cluster_name = local.name cluster_version = "1.${local.minor_version}" @@ -81,7 +81,7 @@ module "eks" { module "vpc" { source = "terraform-aws-modules/vpc/aws" - version = "~> 3.0" + version = "~> 4.0" name = local.name cidr = local.vpc_cidr @@ -99,13 +99,8 @@ module "vpc" { private_subnet_ipv6_prefixes = [3, 4, 5] intra_subnet_ipv6_prefixes = [6, 7, 8] - enable_nat_gateway = true - single_nat_gateway = true - enable_dns_hostnames = true - - enable_flow_log = true - create_flow_log_cloudwatch_iam_role = true - create_flow_log_cloudwatch_log_group = true + enable_nat_gateway = true + single_nat_gateway = true public_subnet_tags = { "kubernetes.io/role/elb" = 1 diff --git a/examples/fargate-profile/main.tf b/examples/fargate-profile/main.tf index e302dc0..50a82da 100644 --- a/examples/fargate-profile/main.tf +++ b/examples/fargate-profile/main.tf @@ -37,7 +37,7 @@ locals { module "eks" { source = "terraform-aws-modules/eks/aws" - version = "~> 19.5" + version = "~> 19.12" cluster_name = local.name cluster_version = "1.${local.minor_version}" @@ -57,17 +57,14 @@ module "eks" { subnet_ids = module.vpc.private_subnets control_plane_subnet_ids = module.vpc.intra_subnets - fargate_profiles = merge( - { for i in range(3) : - "kube-system-${element(split("-", local.azs[i]), 2)}" => { - selectors = [ - { namespace = "kube-system" } - ] - # We want to create a profile per AZ for high availability - subnet_ids = [element(module.vpc.private_subnets, i)] - } - }, - ) + fargate_profiles = { + kube_system = { + name = "kube-system" + selectors = [ + { namespace = "kube-system" } + ] + } + } tags = local.tags } @@ -88,13 +85,8 @@ module "vpc" { public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)] intra_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 52)] - enable_nat_gateway = true - single_nat_gateway = true - enable_dns_hostnames = true - - enable_flow_log = true - create_flow_log_cloudwatch_iam_role = true - create_flow_log_cloudwatch_log_group = true + enable_nat_gateway = true + single_nat_gateway = true public_subnet_tags = { "kubernetes.io/role/elb" = 1 diff --git a/examples/mixed/main.tf b/examples/mixed/main.tf index 591963e..59dcfd8 100644 --- a/examples/mixed/main.tf +++ b/examples/mixed/main.tf @@ -52,7 +52,7 @@ locals { module "eks" { source = "terraform-aws-modules/eks/aws" - version = "~> 19.5" + version = "~> 19.12" cluster_name = local.name cluster_version = "1.${local.minor_version}" @@ -99,10 +99,10 @@ module "eks" { eks_managed_node_groups = { # This uses a custom launch template (custom as in module/user supplied) standard = { - # pre_bootstrap_user_data = <<-EOT - # #!/bin/bash - # echo "Hello from user data!" - # EOT + pre_bootstrap_user_data = <<-EOT + #!/bin/bash + echo "Hello from user data!" + EOT # To show pending changes update_launch_template_default_version = false @@ -131,10 +131,10 @@ module "eks" { } different = { - # pre_bootstrap_user_data = <<-EOT - # #!/bin/bash - # echo "Hello from user data!" - # EOT + pre_bootstrap_user_data = <<-EOT + #!/bin/bash + echo "Hello from user data!" + EOT # To show pending changes instance_refresh = {} @@ -182,7 +182,7 @@ resource "kubectl_manifest" "eni_config" { module "vpc" { source = "terraform-aws-modules/vpc/aws" - version = "~> 3.0" + version = "~> 4.0" name = local.name cidr = local.vpc_cidr_nodes @@ -197,17 +197,8 @@ module "vpc" { public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr_nodes, 8, k + 48)] intra_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr_nodes, 8, k + 52)] - enable_nat_gateway = true - single_nat_gateway = true - enable_dns_hostnames = true - - # Manage so we can name - manage_default_network_acl = true - default_network_acl_tags = { Name = "${local.name}-default" } - manage_default_route_table = true - default_route_table_tags = { Name = "${local.name}-default" } - manage_default_security_group = true - default_security_group_tags = { Name = "${local.name}-default" } + enable_nat_gateway = true + single_nat_gateway = true public_subnet_tags = { "kubernetes.io/role/elb" = 1 diff --git a/examples/test-mixed_v1.24_upgrade.md b/examples/test-mixed_v1.24_upgrade.md index 2223e0c..9679e54 100644 --- a/examples/test-mixed_v1.24_upgrade.md +++ b/examples/test-mixed_v1.24_upgrade.md @@ -70,18 +70,18 @@ ``` - #### Check [[K8S001]](https://clowdhaus.github.io/eksup/checks/#k8s001) + #### Check [[K8S001]](https://clowdhaus.github.io/eksup/info/checks/#k8s001) | CHECK | | NODE | CONTROL PLANE | SKEW | QUANTITY | |--------|----|-------|---------------|------|----------| - | K8S001 | ❌ | v1.22 | v1.23 | +1 | 2 | | K8S001 | ❌ | v1.21 | v1.23 | +2 | 2 | + | K8S001 | ❌ | v1.22 | v1.23 | +1 | 2 | | | NAME | NODE | CONTROL PLANE | SKEW | |----|-----------------------------|-------|---------------|------| - | ❌ | ip-10-0-0-100.ec2.internal | v1.21 | v1.23 | +2 | - | ❌ | ip-10-0-14-188.ec2.internal | v1.22 | v1.23 | +1 | - | ❌ | ip-10-0-19-35.ec2.internal | v1.21 | v1.23 | +2 | - | ❌ | ip-10-0-40-93.ec2.internal | v1.22 | v1.23 | +1 | + | ❌ | ip-10-0-0-186.ec2.internal | v1.22 | v1.23 | +1 | + | ❌ | ip-10-0-18-239.ec2.internal | v1.21 | v1.23 | +2 | + | ❌ | ip-10-0-29-85.ec2.internal | v1.22 | v1.23 | +1 | + | ❌ | ip-10-0-33-167.ec2.internal | v1.21 | v1.23 | +2 | 3. Verify that there are at least 5 free IPs in the VPC subnets used by the control plane. Amazon EKS creates new elastic network interfaces (ENIs) in any of the subnets specified for the control plane. If there are not enough available IPs, then the upgrade will fail (your control plane will stay on the prior version). @@ -98,7 +98,7 @@ - #### Check [[EKS001]](https://clowdhaus.github.io/eksup/checks/#eks001) + #### Check [[EKS001]](https://clowdhaus.github.io/eksup/info/checks/#eks001) ✅ - There is sufficient IP space in the subnets provided 4. Ensure the cluster is free of any health issues as reported by Amazon EKS. If there are any issues, resolution of those issues is required before upgrading the cluster. Note - resolution in some cases may require creating a new cluster. For example, if the cluster primary security group was deleted, at this time, the only course of remediation is to create a new cluster and migrate any workloads over to that cluster (treated as a blue/green cluster upgrade). @@ -113,7 +113,7 @@ - #### Check [[EKS002]](https://clowdhaus.github.io/eksup/checks/#eks002) + #### Check [[EKS002]](https://clowdhaus.github.io/eksup/info/checks/#eks002) ✅ - There are no reported health issues on the cluster control plane 5. Ensure the EKS addons in use are using a version that is supported by the intended target Kubernetes version. If an addon is not compatible with the intended target Kubernetes version, upgrade the addon to a version that is compatible before upgrading the cluster. @@ -139,12 +139,12 @@ - #### Check [[EKS005]](https://clowdhaus.github.io/eksup/checks/#eks005) + #### Check [[EKS005]](https://clowdhaus.github.io/eksup/info/checks/#eks005) | | NAME | CURRENT | LATEST | DEFAULT | |----|------------|---------------------|---------------------|--------------------| | ⚠️ | coredns | v1.8.4-eksbuild.2 | v1.9.3-eksbuild.2 | v1.8.7-eksbuild.3 | | ❌ | kube-proxy | v1.21.14-eksbuild.3 | v1.24.10-eksbuild.2 | v1.24.7-eksbuild.2 | - | ❌ | vpc-cni | v1.11.3-eksbuild.3 | v1.12.5-eksbuild.2 | v1.11.4-eksbuild.1 | + | ❌ | vpc-cni | v1.11.3-eksbuild.3 | v1.12.6-eksbuild.1 | v1.11.4-eksbuild.1 | 5. Check Kubernetes API versions currently in use and ensure any versions that are removed in the next Kubernetes release are updated prior to upgrading the cluster. There are several open source tools that can help you identify deprecated API versions in your Kubernetes manifests. The following open source projects support scanning both your cluster as well as manifest files to identify deprecated and/or removed API versions: @@ -180,7 +180,7 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an 🚧 TODO - fill in analysis results - #### Check [[K8S002]](https://clowdhaus.github.io/eksup/checks/#k8s002) + #### Check [[K8S002]](https://clowdhaus.github.io/eksup/info/checks/#k8s002) | | NAME | NAMESPACE | KIND | REPLICAS | |----|---------|-------------|-------------|----------| | ❌ | bad-dpl | deployment | Deployment | 1 | @@ -189,7 +189,7 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an | ❌ | bad-ss | statefulset | StatefulSet | 1 | - #### Check [[K8S003]](https://clowdhaus.github.io/eksup/checks/#k8s003) + #### Check [[K8S003]](https://clowdhaus.github.io/eksup/info/checks/#k8s003) | | NAME | NAMESPACE | KIND | SECONDS | |----|---------|-------------|-------------|---------| | ⚠️ | bad-dpl | deployment | Deployment | 0 | @@ -198,10 +198,10 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an | ❌ | bad-ss | statefulset | StatefulSet | 0 | - #### Check [[K8S004]](https://clowdhaus.github.io/eksup/checks/#k8s004) + #### Check [[K8S004]](https://clowdhaus.github.io/eksup/info/checks/#k8s004) 🚧 TODO - #### Check [[K8S005]](https://clowdhaus.github.io/eksup/checks/#k8s005) + #### Check [[K8S005]](https://clowdhaus.github.io/eksup/info/checks/#k8s005) | | NAME | NAMESPACE | KIND | ANTIAFFINITY | TOPOLOGYSPREADCONSTRAINTS | |----|---------|-------------|-------------|--------------|---------------------------| | ❌ | bad-dpl | deployment | Deployment | false | false | @@ -209,7 +209,7 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an | ❌ | bad-ss | statefulset | StatefulSet | false | false | - #### Check [[K8S006]](https://clowdhaus.github.io/eksup/checks/#k8s006) + #### Check [[K8S006]](https://clowdhaus.github.io/eksup/info/checks/#k8s006) | | NAME | NAMESPACE | KIND | READINESS PROBE | |----|---------|-------------|-------------|-----------------| | ❌ | bad-dpl | deployment | Deployment | false | @@ -217,13 +217,13 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an | ❌ | bad-ss | statefulset | StatefulSet | false | - #### Check [[K8S007]](https://clowdhaus.github.io/eksup/checks/#k8s007) + #### Check [[K8S007]](https://clowdhaus.github.io/eksup/info/checks/#k8s007) | | NAME | NAMESPACE | KIND | TERMINATIONGRACEPERIOD | |----|--------|-------------|-------------|------------------------| | ❌ | bad-ss | statefulset | StatefulSet | 0 | - #### Check [[K8S008]](https://clowdhaus.github.io/eksup/checks/#k8s008) + #### Check [[K8S008]](https://clowdhaus.github.io/eksup/info/checks/#k8s008) | | NAME | NAMESPACE | KIND | DOCKERSOCKET | |----|----------|-------------|-------------|--------------| | ❌ | bad-cron | cronjob | CronJob | true | @@ -235,13 +235,13 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an | ❌ | bad-ss | statefulset | StatefulSet | true | - #### Check [[K8S009]](https://clowdhaus.github.io/eksup/checks/#k8s009) + #### Check [[K8S009]](https://clowdhaus.github.io/eksup/info/checks/#k8s009) | | NAME | NAMESPACE | KIND | |---|----------------|-----------|-------------------| | ⚠️ | eks.privileged | | PodSecurityPolicy | - #### Check [[K8S0011]](https://clowdhaus.github.io/eksup/checks/#k8s011) + #### Check [[K8S0011]](https://clowdhaus.github.io/eksup/info/checks/#k8s011) | | KUBELET | KUBE PROXY | SKEW | |----|---------|------------|------| | ❌ | v1.23 | v1.21 | -2 | @@ -270,7 +270,7 @@ When upgrading the control plane, Amazon EKS performs standard infrastructure an - #### Check [[AWS002]](https://clowdhaus.github.io/eksup/checks/#aws002) + #### Check [[AWS002]](https://clowdhaus.github.io/eksup/info/checks/#aws002) ✅ - There is sufficient IP space in the subnets provided #### EKS Managed Nodegroup @@ -297,7 +297,7 @@ The default update strategy for EKS managed nodegroups is a surge, rolling updat - #### Check [[EKS003]](https://clowdhaus.github.io/eksup/checks/#eks003) + #### Check [[EKS003]](https://clowdhaus.github.io/eksup/info/checks/#eks003) ✅ - There are no reported nodegroup health issues. 2. Ensure the EKS managed nodegroup(s) do not have any pending updates and they are using the latest version of their respective launch templates. If the nodegroup(s) are not using the latest launch template, it is recommended to update to the latest to avoid accidentally introducing any additional and un-intended changes during the upgrade. @@ -311,10 +311,10 @@ The default update strategy for EKS managed nodegroups is a surge, rolling updat - Check [[EKS006]](https://clowdhaus.github.io/eksup/checks/#eks006) + Check [[EKS006]](https://clowdhaus.github.io/eksup/info/checks/#eks006) | | MANAGED NODEGROUP | LAUNCH TEMP ID | CURRENT | LATEST | |---|-------------------------------------|----------------------|---------|--------| - | ⚠️ | standard-20230311143408696200000027 | lt-0a9ebcea03f330711 | 1 | 2 | + | ⚠️ | standard-20230412140514370900000027 | lt-06916d6df58a5d33c | 1 | 2 | ##### Upgrade @@ -387,10 +387,10 @@ A starting point for the instance refresh configuration is to use a value of 70% - Check [[EKS007]](https://clowdhaus.github.io/eksup/checks/#eks007) + Check [[EKS007]](https://clowdhaus.github.io/eksup/info/checks/#eks007) | | AUTOSCALING GROUP | LAUNCH TEMP ID | CURRENT | LATEST | |---|--------------------------------------|----------------------|---------|--------| - | ⚠️ | different-20230311143408778000000029 | lt-061e6a6f3cc5c1db9 | 1 | 2 | + | ⚠️ | different-20230412140514375500000029 | lt-0eac669d894cd3b1c | 1 | 2 | ##### Upgrade @@ -473,7 +473,7 @@ The Kubernetes version used by Fargate nodes is referenced from the control plan - #### Check [[EKS004]](https://clowdhaus.github.io/eksup/checks/#eks004) + #### Check [[EKS004]](https://clowdhaus.github.io/eksup/info/checks/#eks004) ✅ - There are no reported addon health issues. ### Addon Upgrade