Updating AKS Version In Sync with Nginx-Ingress Version

Harry Whitehouse 40 Reputation points
2024-04-13T18:33:05.9866667+00:00

Azure offers both a manual upgrade and automatic upgrade process for AKS versions. I have used the manual method to successfully upgrade from 1.21 to 1.28. A table here https://github.com/kubernetes/ingress-nginx shows the relationship between AKS versions and Nginx-Ingress versions and, as you move up in AKS versions, it appears you must also upgrade Ingress. For instance, we have one server moved up to 1.28 but I'm holding off upgrading to 1.29 until I figure out if and how I need to upgrade Nginx-Ingress to 1.10. I know that a colleague had this problem when moving from AKS version 1.21 (the cluster stopped working) -- but he left without documenting how he upgraded the Nginx-Ingress.

Question 1: When manually triggering an AKS version in the Azure UI, is it true that the process ignores the need for upgrading Nginx-Ingress? That is what appears to be happening.

Question 2: Azure has an "automatic" upgrade option which we have yet to invoke but would like to. How does this work? Does it handle Nginx-Ingress upgrades as well (if required)?

Question 3: If I have to upgrade Ingress manually, I believe that a Helm command like the one below will do the upgrade AND preserve the configuration setting in the older version:

helm upgrade --reuse-values ingress-nginx ingress-nginx/ingress-nginx

Am I heading the the right direction here?

Question 4: When my departed colleague upgraded Ingress, the public IP address changed and he had to update our DNS mapping. Is there anyway to avoid this? Will the --reuse-values flag preserve our original IP address?

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,115 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Anveshreddy Nimmala 3,545 Reputation points Microsoft Vendor
    2024-04-15T05:49:15.83+00:00

    Hello

    Welcome to microsoft Q&A, Thankyou for posting your query here.

    when you manually upgrade the version of Azure Kubernetes Service (AKS) the process typically focuses solely on upgrading the Kubernetes components and does not automatically handle the upgrading of applications or services running within the cluster.

    Nginx-Ingress is essentially an Ingress controller running as pods within your AKS cluster, any update management of its deployment is taken by the cluster administrator. This includes updating to newer versions of Nginx-Ingress or modifying its configuration based on Kubernetes updates.

    There are several channels available, each targeting different levels of stability. Depending on the channel selected, AKS automatically schedules and implements upgrades to your clusters. The automatic upgrade process typically involves updating the control plane followed by node pools. The control plane is upgraded first without any downtime. Node pool upgrades are done one node at a time to maintain availability. It do not include upgrades for applications like Nginx-Ingress.

    If you installed ingress-nginx using the Helm command in the deployment docs so its name is ingress-nginx, you should be able to upgrade using

    helm upgrade --reuse-values ingress-nginx ingress-nginx/ingress-nginx

    https://kubernetes.github.io/ingress-nginx/deploy/upgrade/

    The --reuse-values flag in Helm preserves the values used in the previous release, including the configuration of how services are set up.

    If your Ingress controller is exposed through a Kubernetes Service of type LoadBalancer, then the external IP address is typically managed by Azure, which remains attached to the service until the service is deleted.

    you should create static IP address that you can assign to your Ingress controller. This way, the IP address can be reused across different deployments and upgrades.

    apiVersion: v1
    kind: Service
    metadata:
      name: nginx-ingress
      annotations:
        service.beta.kubernetes.io/azure-load-balancer-resource-group: myResourceGroup
    spec:
      type: LoadBalancer
      loadBalancerIP: your-static-ip <163.17.03.01>
      ports:
      - port: 80
      selector:
        app: nginx-ingress
    

    Hope this helps you.

    If an answer has been helpful, please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!

    7446a2b3-8937-494a-ad3c-0a8dad27574f

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.