Implications of Running “Too Old” Kubernetes (k8s) Versions in Amazon Elastic Kubernetes Service (EKS)

Our organization is actively moving away from Docker Shim, aiming for a clean transition to EKS version 1.24+ by October deadline—but we’re grappling with compatibility issues on our current setup of eks 1.23. Here are some key takeaws:

• Amazon outlines what will occur after the end date for your k8’s version—key points to note here include a gradual, automatic update process initiated by Amazon EKS following support cessation and unpredictable timing of these updates:
  • End Date & Updates: The control plane (master/manager components) will be updated automatically post-support end date. This could occur at any time after October 10, 2023—for version EKS 1.23. It’s prudent to manually monitor and handle these updates if necessary for critical processes like your Docker Shim usage cases:
  • Security & Priority: AWS emphasizes maintaining high security standards even after support ends; thus, leaving control planes on old versions might risk breaches. This underscores the importance of timely upgrades and adherence to best practices for container orchestration platforms like k8s in a managed service context such as EKS:
    • Cluster Control Plane & Node Groups: Notably, there are separate update mechanisms between cluster control plane (where AWS manages the manager components) and your worker node groups. Your Docker Shim scenarios might be secure on those nodes independently of any changes made to the master/manager parts; however, it’s still recommended for optimal performance that they align with supported versions:

In summary, while maintaining older k8’s in EKS doesn’t inherently guarantee issues—especially not if you are handling critical use cases such as Docker Shim independently on worker nodes within your domain control—it is prudent to stay abreast of AWS guidelines and strategically plan updates before the deadline.