Thanks Rata! Definitely helpful information.
Are you running your clusters on AWS? As I understand, kops works well with cloud providers, but not necessarily on bare metal. In our case, we run clusters on our own hardware, so we’re using kubesray with ansible.
Anyway, if you upgrade once a quarter, did it happen that you had to jump versions? If so, did kops handle that well?
As for security bugs, even if you upgrade often, wouldn’t they still hit you at some point? For example, right now I’m thinking to upgrade from 1.7 to 1.10. I could go 1.7->1.8->1.9->1.10, one at a time, if there’re security bugs in between, it would affect one of the upgrades. Or I could build a 1.10 cluster, and start migrating all the services over and deal with the same security bug – which probably require some application code change?
Upgrade in staging is a great idea. What release are you on today?
Thanks a lot!