You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What would you like to be added: Please consider adding bootstrap flag which would prevent node from joining when kubelet version is higher than the control plane version. If it would be more appropriate, please consider proposing the feature upstream to k8s/kubelet itself.
Why is this needed: kubelet itself doesn't seem to support this feature, at least not yet, but we would like to enforce kubelet skew policy which says kubelet must not be newer than kube-apiserver. Recently we were doing k8s upgrade on pre-prod environment and managed to rollout newer AMIs with newer kubelet, missed a step to upgrade control plane first, and noticed it late; then to ensure pre-prod and production rollout process are the same, we had to do lots of re-work to revert node upgrade, and follow the upgrade process to upgrade control plane first and then re-do node upgrade. Having a feature flag that would prevent nodes from joining when skew is not respected would help us fail sooner and avoid rework (we'd debug the node join failure, notice the issue sooner, upgrade control plane, and delete new nodes to have ASGs bring in new replacements which would join successfully)
The text was updated successfully, but these errors were encountered:
What would you like to be added: Please consider adding bootstrap flag which would prevent node from joining when kubelet version is higher than the control plane version. If it would be more appropriate, please consider proposing the feature upstream to k8s/kubelet itself.
Why is this needed: kubelet itself doesn't seem to support this feature, at least not yet, but we would like to enforce kubelet skew policy which says
kubelet must not be newer than kube-apiserver. Recently we were doing k8s upgrade on pre-prod environment and managed to rollout newer AMIs with newer kubelet, missed a step to upgrade control plane first, and noticed it late; then to ensure pre-prod and production rollout process are the same, we had to do lots of re-work to revert node upgrade, and follow the upgrade process to upgrade control plane first and then re-do node upgrade. Having a feature flag that would prevent nodes from joining when skew is not respected would help us fail sooner and avoid rework (we'd debug the node join failure, notice the issue sooner, upgrade control plane, and delete new nodes to have ASGs bring in new replacements which would join successfully)The text was updated successfully, but these errors were encountered: