Kubernetes Services
      Back to home
      1. CNS Policies
      2. Azure Knowledge Base
      3. Kubernetes Services

      Kubernetes Different Node Pool Version

      Risk Level: Low

      Description

      This plugin ensures that the Kubernetes version is the same across the node pools with the cluster. AKS supports provisioning clusters from several versions of Kubernetes. Node pools should be at par with the cluster Kubernetes version to avoid endpoint and integration issues.

      About the Service

      Kubernetes services: Azure provides a fully managed container management service called Azure Kubernetes services. It enables continuous integration and deployment of software. The service offers scalability, end to end deployment and availability. Kubernetes helps in facilitating communication between the containers, its management and auto-scaling.

      Impact

      Mentioning mismatched versions of the service can cause endpoint and integration issues in the product. It is suggested to use the latest version of the Kubernetes services to ensure better services and security.

      Steps to Reproduce

      1. Login to the Azure portal.
      2. Click on Kubernetes services under Services or type “Kubernetes services” in the search box.
      3. Select any one of the provided accounts to check for the issue.
      4. Mark the version of the Kubernetes given under the Kubernetes version.
      5. Go to Node pools under Settings from the Navigation bar.
      6. If the Kubernetes version in any of the provided node pools is not the same as the one marked on the overview page, visit the steps to remediation section.
      7. Repeat the steps for other clusters as well.

      Steps for Remediation

      1. Login to azure portal.
      2. Click on Kubernetes services under Services or type “Kubernetes services” in the search box.
      3. Select any one of the provided accounts to remediate the version issue.
      4. From the options menu, select Upgrade Kubernetes, select the version mentioned on the overview page (although, it is recommended to use and update to the latest version of the service at both places). Click on Apply. Wait for the changes to get saved.
      5. Repeat steps for other vulnerable clusters as well.

      Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

      Thanks

      PingSafe Support