Hi all! hope I have reached the right place with the following question:
In general, would you recommend adding seccompProfile.type=RuntimeDefault to securityContext on any container running on k8s workloads? or am I missing something?
Moved here from terraform channel
Automating k8s upgrades: has anyone successfully automated upgrade of k8s cluster (managed via EKS)?
Namely you have a script you run it does this (some of it via terraform, some via helm, some bash, etc)
• it verifies all pre-requisites are met
• verifies that no deprecated apis have been removed
• ensures the worker nodes are at same version as control plane
• ensure correct kubectl is installed since kubectl only supports +- 1 minor delta from current and target
• upgrade control plane
• upgrade add-ons and other “operationsl” charts (like external dns, cloudwatch agent, etc)
• upgrade the worker nodes
• repeat the whole process if you were more than one minor away from target
I am skeptical this is worth automating, or that it is even safe, but I’m curious, maybe it has been done.