How can I upgrade the AKS cluster using terraform without downtime

Question

I want to upgrade my AKS cluster using terraform without or with minimal downtime.

1. What happens to the workloads during the cluster upgrade.
2. Can i do the AKS cluster upgrade and node upgrade same time.
3. Azure provides the Scheduled AKS cluster maintenance (preview feature) , is it Azure does the cluster upgrade?

Answer 1

You have several questions listed here so I will try to answer them as best as I can. Your questions are generic and not related to Terraform, so I will address Terraform separately at the bottom.

What happens to the workloads during the cluster upgrade.

During an upgrade, it depends on whether Azure is doing the upgrade, or you are doing it manually. If Azure does the upgrade, it may be disruptive depending on the settings you choose when you create the cluster.

If you do the upgrade yourself, you can do it with no downtime, but it does require some azure cli usage due to how the AKS terraform code is designed.

Can i do the AKS cluster upgrade and node upgrade same time.

Yes. If your node is out of date and you schedule a cluster upgrade, the nodes will be brought up to date in the process of upgrading the cluster.

Azure provides the Scheduled AKS cluster maintenance (preview feature) , is it Azure does the cluster upgrade?

No. A different setting determines if Azure does the upgrade. This Scheduled Maintenance feature is designed to allow you to specify what times and days Microsoft is NOT allowed to do maintenance. The default when you don't specify a Scheduled Maintenance is that Microsoft may perform upgrades at any time:

https://docs.microsoft.com/en-us/azure/aks/planned-maintenance

Your AKS cluster has regular maintenance performed on it automatically. By default, this work can happen at any time. Planned Maintenance allows you to schedule weekly maintenance windows that will update your control plane as well as your kube-system Pods on a VMSS instance and minimize workload impact

The feature you are looking for regarding AKS performing cluster upgrades is called Cluster Autoupgrade, and you can read about that here: https://docs.microsoft.com/en-us/azure/aks/upgrade-cluster#set-auto-upgrade-channel-preview

Now in regards to performing a cluster upgrade with Terraform. Currently, due to how azurerm_kubernetes_cluster is designed, it is not possible to perform an upgrade of a cluster using only Terraform. Some azure-cli usage is required. It is possible to perform a cluster upgrade without downtime, but not possible by exclusively using Terraform. The steps to perform such an upgrade are detailed pretty well in this blog post: https://blog.gft.com/pl/2020/08/26/zero-downtime-migration-of-azure-kubernetes-clusters-managed-by-terraform/

Answer 2

AKS Cluster uses concept of buffer node when upgrade is performed. It brings a buffer node, move the workload to buffer node and upgrades the actual node. Time taken to upgrade the cluster depends on number of nodes in the cluster.

https://docs.microsoft.com/en-us/azure/aks/upgrade-cluster#upgrade-an-aks-cluster

You can upgrade Control Plane as well as Hosted Plane using Azure CLI.

#az aks upgrade --resource-group <ResourceGroup> --name <ClusterName> -k <KubernetesVersion>