We have updated our AWS EKS-based reference solution to be compatible with Kubernetes 1.13. More specifically, EKS uses K8s v1.13.10.
Actions to take
No specific actions are rerquired.
The following features are now supported in Kubernetes 1.13 Amazon EKS clusters:
PodSecurityPolicyadmission controller is now enabled. This admission controller allows fine-grained control over pod creation and updates. For more information, see Pod Security Policies.
Amazon ECR interface VPC endpoints (AWS PrivateLink) are supported. When enabled, all network traffic between a VPC and Amazon ECR is restricted to the Amazon network. We’ll be rolling out AWS PrivateLink for all VPCs soon.
DryRunfeature is in beta in Kubernetes 1.13 and is enabled by default on EKS. For more information, see Dry run in the Kubernetes documentation.
TaintBasedEvictionsfeature is in beta in Kubernetes 1.13 and is enabled by default on EKS. For more information, see Taint based Evictions in the Kubernetes documentation.
Raw block volume support is in beta in Kubernetes 1.13 and is enabled by default on EKS. This is accessible via the
volumeDevicescontainer field in pod specs, and the
volumeModefield in persistent volume and persistent volume claim definitions. For more information, see Raw Block Volume Support in the Kubernetes documentation.
Node lease renewal is treated as the heartbeat signal from the node, in addition to its
NodeStatusupdate. This reduces load on the control plane for large clusters. For more information, see https://github.com/kubernetes/kubernetes/pull/69241.
For the complete Kubernetes 1.13 changelog, see https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md.
EKS cluster add-on changes:
- CoreDNS has been updated to
- Kube-proxy has been upadted to
- Cluster-autoscaler has been updated to
- We’re still using Calico
v3.6.1. We’re looking into upgrading Calico in the coming weeks