This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 33%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECF%3C/text%3E%3C/svg%3E)
az aks upgrade --resource-group --name --kubernetes-version 1.18.14 (from 1.17.9)
is reporting the following error:
Deployment failed. Correlation ID: fa7565e0-a741-4ef2-accf-a76be59da209. Drain did not complete pods [nginx-ingress-ingress-nginx-controller-744847f7b8-kh7bc] on vm aks-agentpool-42415862-vmss000004. Check Pod Disruption Budgets
This is causing an inconsistent configuration (some nodes look like updated to 1.18.14 and some nodes not yet e.g.aks-agentpool-42415862-vmss000004 ).
Any hints will be appreciated.
Thanks !
Further details:
kubectl get poddisruptionbudgets
NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE
nginx-ingress-ingress-nginx-controller 1 N/A 0 158d
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 98%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Hello @Colasanto, Francesca ,
Thanks for your query !
Based upon your existing poddisruptionbudgets configuration , aks upgrade failure is expected. The node aks-agentpool-42415862-vmss000004 was not upgraded because the process was not able to move the pod nginx-ingress-ingress-nginx-controller-744847f7b8-kh7bc to another node (Failed to drain the node due to pod PDBs )
You are hitting the issue mentioned at
Take a look at similar post
Basics of PDB
The affect of PDB
How to configure PDB (Best practices)
(Detailed description mentioned in the above article )
In short , If you see your PDB , it clearly says minimum available should be always 1 (i.e. atleast 1 pod should be available all the time ) . At the upgrade , it will try to drain the node . As a part of draining the node - pods will be moved from one node to another node. Since PDB configuration says minimum available is 1
Basic Rule while defining PDB:-
Have max allowed disruption on PDB less than existing no. of replicas during upgrade
Mitigation1:-
Try deleting the PDB and do the upgrade
kubectl delete pdb nginx-ingress-ingress-nginx-controller
Mitigation2:-
Try to increase the number of replicas of the pod nginx-ingress-ingress-nginx-controller in your deployment yaml file
Mitigation3:-
Try to change the maximum allowed disruptions to less than allowed number of replicas
Hope above explanation helps out in understanding and resolving the issue. If it helps - kindly Upvote and Accept the Answer
Hello @shiva patpi ,
Issue solved, AKS Kubernetes version update to 18.4 completed with success after PDB conf update (by defining a maximum number of unavailable instances):
spec:
maxUnavailable: 1
Thanks a lot for support !
Hello @Colasanto, Francesca ,
Thanks for the update. Yeah - that's the right approach. You might want to "Accept the answer" so that it will be very helpful to the whole community out there who are looking for similar issues
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 10%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Hello @shiva patpi
I am interested in your suggestion on Mitigation3 :Try to change the maximum allowed disruptions
I am curious about how that could be achieved, I am not seeing PDB yaml format support the editing of allowed disruptions.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 98%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECF%3C/text%3E%3C/svg%3E)
PodDisruptionBudget yaml file sample:
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: nginx-pdb
namespace: <your_namespace>
spec:
maxUnavailable: 1
selector:
matchLabels:
app: nginx-frontend
You can run in your kube context
$ kubectl get poddisruptionbudget -n <your_namespace>
$ kubectl get poddisruptionbudget <poddisruptionbudgetname> -n <your_namespace> -o yaml > /tmp/poddisruptionbudget .yaml
In /tmp/poddisruptionbudget .yaml set "maxUnavailable: 1", save and exit
$ kubectl apply -f /tmp/poddisruptionbudget .yaml -n <your_namespace>
For details see https://learn.microsoft.com/en-us/azure/aks/operator-best-practices-scheduler#plan-for-availability-using-pod-disruption-budgets