Node management
Change kernel parameters
Pod’s securityContext
will most likely result in SysctlForbidden
erros.
To workaround, create DaemonSet.
Reboot node
Manually, through the Azure portal or the Azure CLI.
By upgrading your AKS cluster. The cluster upgrades cordon and drain nodes automatically and then bring a new node online with the latest Ubuntu image and a new patch version or a minor Kubernetes version. For more information, see Upgrade an AKS cluster.
By using Kured, an open-source reboot daemon for Kubernetes. Kured runs as a DaemonSet and monitors each node for the presence of a file that indicates that a reboot is required. Across the cluster, OS reboots are managed by the same cordon and drain process as a cluster upgrade.
References
https://docs.microsoft.com/en-us/azure/aks/faq#are-security-updates-applied-to-aks-agent-nodes
SSH to nodes
Set your subscription.
Set an env var with your cluster resources RG.
Add your RSA key to the node.
Get your node IP.
Run a pod.
Install SSH client.
Setup the id_rsa file.
SSH to your node.
Last updated