I find that in my experience that a Node Image may need to get an update due to a big or security vulnerability. This is a seldom occurring occasion but I strongly be prepared for production environments.
So what is a Node Image upgrade?
MS docs says
AKS supports upgrading the images on a node so you’re up to date with the newest OS and runtime updates. AKS regularly provides new images with the latest updates, so it’s beneficial to upgrade your node’s images regularly for the latest AKS features. Linux node images are updated weekly, and Windows node images updated monthly. Although customers will be notified of image upgrades via the AKS release notes, it might take up to a week for updates to be rolled out in all regions.– https://learn.microsoft.com/en-us/azure/aks/node-image-upgrade
A Kubernetes version upgrade will also do node image upgrade, but you may want to play it safe and be conservative by having more granular control of just doing a node image upgrade manually. Especially if you have multiple node pools and just want to focus on a particular node pool.
A Node image upgrade consists of the following:
- Security: Node image upgrades can include security updates that address vulnerabilities, patches for security breaches, and improved security configurations that help protect your applications and data from cyber-attacks.
- Stability and reliability: Upgrading to newer node images can improve the stability and reliability of your AKS clusters. Newer versions of node images can include bug fixes and performance improvements that can help keep your cluster running smoothly.
- Feature updates: Upgrading to a newer node image can also provide access to new features and functionality that are not available in previous versions. This can help you take advantage of new capabilities and improvements that can enhance your applications.
- Compliance: Upgrading to newer node images can help you maintain compliance with industry standards and regulations. For example, if your organization is subject to the General Data Protection Regulation (GDPR), upgrading to newer node images that include privacy and security features can help you stay in compliance.
- Support: Some versions of node images may no longer be supported by Microsoft. Upgrading to a newer version can ensure that you continue to receive support and updates for your AKS cluster.
You can find further details of AKS versions and respective node image updates at https://github.com/Azure/AKS/releases
Here are the steps to showcase an upgrade procedure.
Click on Node pools
See each node’s image version.
Click into one of the nodes.
Click on Update image.
See if there an Later version great than the current version.
Click on Update image button to start the upgrade process.
After several minutes, see that one of the nodes image version got updated.
After another several minutes, in this case, node pool is confirmed to be using the latest image.
Node Image Upgrades focus on the individual nodes that make up your cluster, while AKS cluster upgrades focus on the control plane components that manage your cluster. It’s important to plan and perform these upgrades carefully to ensure that your AKS environment remains stable and secure.