Auto-upgrading nodes

This page shows you how to configure node auto-upgrades in Google Kubernetes Engine.

Overview

Node auto-upgrades help you keep the nodes in your cluster up to date with the cluster master version when your master is updated on your behalf. When you create a new cluster using Google Cloud Platform Console, node auto-upgrade is enabled by default.

For more information about upgrading, refer to Upgrading a Container Cluster.

Some benefits of using auto-upgrades:

• Lower management overhead: You don't have to manually track and update your nodes when the master is upgraded on your behalf.
• Better security: Sometimes new binaries are released to fix a security issue. With auto-upgrades, GKE automatically ensures that security updates are applied and kept up to date.
• Ease of use: Provides a simple way to keep your nodes up to date with the latest Kubernetes features.

Node pools with auto-upgrades enabled are automatically scheduled for upgrades soon after a cluster's masters are upgraded. When the upgrade is performed, nodes are drained and re-created to match the current cluster master version. Modifications on the boot disk of a node VM do not persist across node re-creations. To preserve modifications across node re-creation, use a DaemonSet.

Node auto-upgrade is not available for Alpha Clusters.

If you want more control over when upgrades to your nodes occur, you can schedule a maintenance window.

You can disable auto-upgrades on one or more node pools at any time. However, disabling auto-upgrades does not halt in-progress upgrades.

How node auto-upgrade works

When you enable node auto-upgrade for a node pool, your nodes are upgraded to match the version of your master shortly after the master is upgraded.

First, here are some guidelines about node auto-upgrade:

• Only one node pool's nodes are upgraded at a time.
• In a given node pool, one node is upgraded at a time. The order is chosen at random.
• Nodes are auto-upgraded during a maintenance window.

When a node is automatically upgraded, the following things happen:

1. The node is cordoned and drained. At this point, it cannot be scheduled to run new Pods.
   • PodDisruptionBudget is respected for 1 hour.
   • GracefulTerminationPeriod is limited to 1 hour.
2. Pods on the node are rescheduled onto other nodes. If a Pod can't be rescheduled, that Pod stays in PENDING state until the node is recreated.
3. The node is deleted, then re-created at the new version.
4. If the new node fails to register as healthy, auto-upgrade of the entire node pool is disabled.
5. If a significant number of node auto-upgrades to a given version result in unhealthy nodes across the GKE fleet, upgrades to that version are halted while the problem is investigated.

Creating a cluster or node pool with node auto-upgrades

gcloud container clusters create [CLUSTER_NAME] --zone [COMPUTE_ZONE] \
    --enable-autoupgrade

gcloud container node-pools create [NODE_POOL] --cluster [CLUSTER_NAME] \
    --zone [COMPUTE_ZONE] --enable-autoupgrade

Enabling node auto-upgrades for an existing node pool

gcloud container node-pools update [NODE_POOL] --cluster [CLUSTER_NAME] \
    --zone [COMPUTE_ZONE] --enable-autoupgrade

Disabling node auto-upgrades for an existing node pool

gcloud container node-pools update [NODE_POOL] --cluster [CLUSTER_NAME] \
    --zone [COMPUTE_ZONE] --no-enable-autoupgrade

What's next

• Learn more about node pools.