Listen to this Post
The latest version of Kubernetes 1.33 is now available on the Elastic Kubernetes Service (EKS) on AWS. This version marks a significant shift as it is the first release not supported on Amazon Linux 2 (AL2). Instead, it is exclusively available on Amazon Linux 2023 (AL2023) and Bottlerocket-based AMIs.
If you are still running workloads on AL2, you must migrate to AL2023 or Bottlerocket to stay current with Kubernetes updates.
Reference:
Amazon EKS and Amazon EKS Distro now supports Kubernetes version 1.33 – AWS
You Should Know:
- Migrating from Amazon Linux 2 to Amazon Linux 2023
To upgrade your EKS nodes to AL2023, follow these steps:
Step 1: Check Current Node OS
kubectl get nodes -o wide
Look for `amazonlinux2` in the OS-IMAGE column.
Step 2: Create a New Node Group with AL2023
Update your CloudFormation/Terraform template or use `eksctl`:
eksctl create nodegroup \ --cluster my-cluster \ --name al2023-ng \ --node-type t3.medium \ --nodes 3 \ --node-ami-family AmazonLinux2023
Step 3: Drain and Replace Old Nodes
Cordon and drain AL2 nodes:
kubectl cordon <AL2-node-name> kubectl drain <AL2-node-name> --ignore-daemonsets --delete-emptydir-data
Then delete the old node group.
2. Using Bottlerocket OS for Kubernetes
Bottlerocket is a secure, minimal OS designed for containers.
Deploying Bottlerocket Nodes
With `eksctl`:
eksctl create nodegroup \ --cluster my-cluster \ --name bottlerocket-ng \ --node-type t3.medium \ --nodes 2 \ --node-ami-family Bottlerocket
SSH into Bottlerocket Nodes (Admin Container)
aws ssm start-session --target <instance-id>
3. Verifying Kubernetes 1.33 Deployment
Check cluster version:
kubectl version --short
List available EKS versions:
aws eks describe-addon-versions --kubernetes-version 1.33
4. Key Kubernetes 1.33 Features
- Improved CRI (Container Runtime Interface) performance
- Enhanced security policies with PodSecurity admission
- Better support for Windows containers
Check new features:
kubectl get --raw /version
What Undercode Say
Migrating from AL2 to AL2023 or Bottlerocket is essential for staying updated with Kubernetes security patches and features. Bottlerocket provides a more secure, immutable OS, while AL2023 offers better compatibility with newer AWS services.
Key Commands Recap:
- Check Nodes: `kubectl get nodes -o wide`
- Drain Nodes: `kubectl drain
–ignore-daemonsets` - Bottlerocket SSH: `aws ssm start-session –target
` - EKS Version Check: `aws eks describe-addon-versions –kubernetes-version 1.33`
Prediction
As Kubernetes evolves, AWS will likely phase out AL2 entirely in favor of Bottlerocket and AL2023. Expect tighter integration with AWS Nitro Enclaves for confidential computing in future releases.
Expected Output:
NAME STATUS OS-IMAGE KERNEL-VERSION ip-10-0-1-10 Ready Amazon Linux 2023 5.15.123-123.456.amzn2023 ip-10-0-2-20 Ready Bottlerocket 5.10.123
IT/Security Reporter URL:
Reported By: Darryl Ruggles – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅
