# EKS-upgrade-from-version-1.29-to-1.30_709421239

1. Upgrade the coredns, kube-proxy, and aws-node add-ons before the EKS upgrade.

   - [https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html](https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html)
   - [https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html](https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html)
   - [https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html](https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html)

   **If custom networking (non-routable CIDR) is enabled on this farm, please re-enable it after updating the VPC CNI plugin.**

   ```sh
   kubectl set env daemonset aws-node -n kube-system AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG=true
   ```

2. Upgrade the EKS cluster from 1.30 to 1.31; you may refer to [How to upgrade EKS in SaaS](https://rndwiki.houston.softwaregrp.net/confluence/display/SMA/How+to+upgrade+EKS+in+SaaS).

3. Run the attached script; it will automatically create new worker nodes and add tags.

   ```sh
   nohup sh create-eks-worker.sh &
   ```

4. Taint all the 1.30 worker nodes.

   ```sh
   # Collect the names of all nodes whose version column matches v1.30
   nodes=$(kubectl get nodes | grep -i 'v1\.30' | awk '{print $1}')
   for node in $nodes
   do
     # NoSchedule keeps new pods off the node; running pods are not evicted
     kubectl taint nodes "${node}" podReScheduler=value:NoSchedule
   done
   ```

5. Upgrade ESM 25.2.2 for OMT, SMAX, CMS, OOMT and Audit.

6. Check whether any pods are still running on the 1.30 worker nodes; if so, restart them manually.

   ```sh
   nodes=$(kubectl get nodes | grep -i 'v1\.30' | awk '{print $1}')
   for node in $nodes
   do
     # List namespace and pod name, ignoring per-node agents and completed pods
     kubectl get po -o wide -A | grep -i "$node" | grep -v 'aws-node-\|kube-proxy-\|ebs-csi-node\|twistlock-defender\|itom-prometheus-node-exporter-\|itom-throttling-controller\|Completed' | awk '{print $1,$2}'
   done
   ```

   Or you can use the attached script to do a rolling restart of the pods by namespace:

   ```sh
   # Usage: ./rollingMigratePodsByNamespace.sh namespace1 namespace2 . .
   nohup sh rollingMigratePodsByNamespace.sh audit core kube-system &
   ```

7. **Terminate old 1.29 worker nodes**

8. Once none of the old worker nodes appear in the output of `kubectl get no`, install the Qualys agents on the new worker nodes. To do this, copy the attached shell script to the bastion and run it with (except for us24-prod): sh install\_qualys\_agent.sh ****

9. SSH to one of the new worker nodes and check that Qualys is installed by running: **service qualys-cloud-agent status**
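For the step 6 check, the following is an added example (not part of the original runbook or its attached scripts) of a gate to run before terminating the old workers: it compares the node name as a whole field and skips DaemonSet pods by owner kind instead of a name list. The function names, `OLD_VERSION_PREFIX`, and the sample node and pod names are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: gate check to run before terminating the old workers (step 7).
# OLD_VERSION_PREFIX is an assumption; it mirrors the v1.30 match in steps 4 and 6.
OLD_VERSION_PREFIX="${OLD_VERSION_PREFIX:-v1.30.}"

# Live inputs. custom-columns gives fixed fields, unlike "-o wide" where the
# RESTARTS column can contain spaces such as "2 (5m ago)".
list_nodes() {
  kubectl get nodes --no-headers \
    -o custom-columns='NAME:.metadata.name,VER:.status.nodeInfo.kubeletVersion'
}
list_pods() {
  kubectl get pods -A --no-headers -o custom-columns='NS:.metadata.namespace,NAME:.metadata.name,NODE:.spec.nodeName,PHASE:.status.phase,OWNER:.metadata.ownerReferences[0].kind'
}

# Constructed sample data in the same column layout, for offline runs.
sample_nodes() {
  cat <<'EOF'
ip-10-0-1-11.ec2.internal   v1.30.4-eks-0000000
ip-10-0-2-22.ec2.internal   v1.31.0-eks-0000000
EOF
}
sample_pods() {
  cat <<'EOF'
core          demo-app-7c9d    ip-10-0-1-11.ec2.internal   Running     ReplicaSet
kube-system   aws-node-x2k4    ip-10-0-1-11.ec2.internal   Running     DaemonSet
audit         demo-job-abc     ip-10-0-1-11.ec2.internal   Succeeded   Job
core          demo-app-9f2a    ip-10-0-2-22.ec2.internal   Running     ReplicaSet
core          demo-pending     <none>                      Pending     ReplicaSet
EOF
}

# stragglers NODES_FILE PODS_FILE
# Prints "namespace pod node" for each pod still on an old-version node.
# The node name is compared as a whole field, DaemonSet pods are skipped by
# owner kind, and finished pods (phase Succeeded) are ignored.
stragglers() {
  awk -v pfx="$OLD_VERSION_PREFIX" '
    FILENAME == ARGV[1] { if (index($2, pfx) == 1) old[$1] = 1; next }
    ($3 in old) && $5 != "DaemonSet" && $4 != "Succeeded" { print $1, $2, $3 }
  ' "$1" "$2"
}

# safe_to_terminate NODES_FILE PODS_FILE: returns 0 only when nothing is left.
safe_to_terminate() {
  left=$(stragglers "$1" "$2")
  [ -z "$left" ] && return 0
  printf '%s\n' "$left" >&2
  return 1
}
```

Against a live cluster, redirect `list_nodes` and `list_pods` to two files and pass them to `safe_to_terminate`; a non-zero exit means pods still need to be moved before the old nodes are terminated.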