Hi @Ludo
Thank you for posting in Q&A.
Upgrade a specific node pool
https://learn.microsoft.com/en-us/azure/aks/node-image-upgrade#upgrade-a-specific-node-pool
Upgrade all nodes in all node pools
https://learn.microsoft.com/en-us/azure/aks/node-image-upgrade#upgrade-all-nodes-in-all-node-pools
Check if your node pool is on the latest node image
https://learn.microsoft.com/en-us/azure/aks/node-image-upgrade#check-if-your-node-pool-is-on-the-latest-node-image
There is an additional process in AKS that lets you upgrade a cluster. An upgrade is typically to move to a newer version of Kubernetes, not just apply node security updates. An AKS upgrade performs the following actions:
- A new node is deployed with the latest security updates and Kubernetes version applied.
- An old node is cordoned and drained.
- Pods are scheduled on the new node.
- The old node is deleted.

By default, AKS uses one additional node to configure upgrades.
You can control this process by increasing the --max-surge parameter.
To speed up the node image upgrade process, you can upgrade your node images using a customizable node surge value.

Security and kernel updates to Linux nodes:
In an AKS cluster, your Kubernetes nodes run as Azure virtual machines (VMs). These Linux-based VMs use an Ubuntu image, with the OS configured to automatically check for updates every night. If security or kernel updates are available, they are automatically downloaded and installed.
Some security updates, such as kernel updates, require a node reboot to finalize the process. A Linux node that requires a reboot creates a file named /var/run/reboot-required. This reboot process doesn't happen automatically.
Refer - https://stackoverflow.com/questions/63501141/azure-kubernetes-service-node-pool-upgrades-patches
https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster
If the Answer is helpful, please click Accept Answer and up-vote; this can be beneficial to other community members.
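
The check-then-upgrade flow from the linked pages, scripted with the Azure CLI as an added example (not part of the answer above or of Microsoft's documentation). The resource group, cluster name and surge value are caller-supplied placeholders, and the function names are illustrative.

```shell
#!/usr/bin/env bash
# Added example: move every node pool of one AKS cluster onto the latest node image.
# Usage (placeholders): ./upgrade-node-images.sh <resource-group> <cluster-name> [max-surge]

# Returns 0 when both versions are known and the pool is not on the latest image.
image_outdated() {
  [ -n "$1" ] && [ -n "$2" ] && [ "$1" != "$2" ]
}

# Returns 0 when a Linux node has flagged a pending reboot. Run this on the node;
# the optional path argument exists only so the check can be exercised on a test file.
needs_reboot() {
  [ -f "${1:-/var/run/reboot-required}" ]
}

# Compares each pool's current image with the latest available one and upgrades
# only the pools that are behind, using the given surge value (default: 1 node).
upgrade_outdated_pools() {
  rg=$1; cluster=$2; surge=${3:-1}
  for pool in $(az aks nodepool list --resource-group "$rg" \
      --cluster-name "$cluster" --query '[].name' -o tsv); do
    current=$(az aks nodepool show --resource-group "$rg" \
      --cluster-name "$cluster" --name "$pool" \
      --query nodeImageVersion -o tsv)
    latest=$(az aks nodepool get-upgrades --resource-group "$rg" \
      --cluster-name "$cluster" --nodepool-name "$pool" \
      --query latestNodeImageVersion -o tsv)
    if image_outdated "$current" "$latest"; then
      echo "$pool: $current -> $latest"
      # --node-image-only replaces the node image without changing the Kubernetes version.
      az aks nodepool upgrade --resource-group "$rg" \
        --cluster-name "$cluster" --name "$pool" \
        --node-image-only --max-surge "$surge"
    else
      echo "$pool: no image upgrade needed (current: ${current:-unknown})"
    fi
  done
}

# Only touch Azure when a resource group and cluster name were supplied.
if [ "$#" -ge 2 ]; then
  upgrade_outdated_pools "$@"
fi
```

A percentage such as 33% is also accepted for the surge value; a higher surge finishes sooner but temporarily needs more VM quota.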