Hi,
This is stated in this article:
“When a security patch requires worker node reboots, Microsoft will notify customers of this requirement.”
Who is notified and how?
Regards Peter
Thanks for the question. We are currently investigating and will update you shortly.
Related comment in another issue https://github.com/MicrosoftDocs/azure-docs/issues/35195#issuecomment-511754085
@theheatDK After applying patches to the node, AKS creates a file /var/run/reboot-required.
Other than that, I am not aware of any notification process. I will check with the team and update you.
@jnoller @jluk Please add your comments
@theheatDK I checked with my team.
Currently no notifications will be sent other than the file creation, which happens inside the server.
We can achieve notification by various means. The easiest way is to deploy a daemon set which will check the file's existence and notify if it's there.
My team suggested a Medium article written by Dennis Zielke, which you can use as a starting point. In that article the author used a daemon set to check for the file's existence and then write a message to the console. Later the author uses Log Analytics to create a dashboard. We can use the same Log Analytics alert to trigger an alert as well.
There is an existing feedback item here https://feedback.azure.com/forums/914020-azure-kubernetes-service-aks/suggestions/38173222-addon-for-automatic-reboot-of-nodes which is related to the rebooting of AKS nodes.
You can upvote there or create a new one here https://feedback.azure.com/forums/914020-azure-kubernetes-service-aks
Product teams look into this feedback and review it.
@theheatDK
I will close this out for now. If you need additional help please let me know and we can reopen and continue.
Thanks @jakaruna-MSFT,
Maybe somebody should update the documentation since it is currently wrong :-)
You mention /var/run/reboot-required. This is a standard Ubuntu functionality. I assume that there could be AKS patches that require a reboot. Will this also be communicated via /var/run/reboot-required?
Regards Peter
Assign this issue to me. /var/run/reboot-required is only for operating system security updates, not AKS cluster, Kubernetes, or other updates. Those notifications are sent via Portal notification, the AKS release notes, etc.
I will clarify the wording.
Hi @jnoller ,
Is there any "/var/run/reboot-required" equivalent for Windows nodes requiring a reboot?
I think the whole reboot responsibility problem is the same for Windows nodes, isn't it?
Hi @jnoller,
Do you still plan to clarify the wording in the article or should I close it? :-)
Regards Peter
Please clarify how the customer will be notified? Also, please update the document.
@theheatDK thank you for your feedback!
@jnoller added updated wording here in the note:
https://docs.microsoft.com/en-us/azure/aks/support-policies#microsoft-responsibilities-for-aks-worker-nodes
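The DaemonSet approach suggested in the thread comes down to a small check run on every node. The script below is an added example, not code from the thread or from the Medium article it mentions. The `/host` mount point, the `NODE_NAME`, `WATCH` and `INTERVAL` variables and the JSON log format are assumptions; `reboot-required.pkgs` is the companion file Ubuntu writes next to the sentinel and is not mentioned in the thread.

```shell
#!/bin/sh
# Added example: the reboot-sentinel check a DaemonSet container could run.
# Assumption: the node's /var/run is mounted read-only into the pod under
# $HOST_ROOT (hypothetical mount point /host); NODE_NAME is assumed to be
# injected by the pod spec.

# Print one JSON log line describing the node's reboot state.
# $1 = directory where the node's root filesystem is visible, $2 = node name
reboot_status() {
    root=$1
    node=$2
    sentinel="$root/var/run/reboot-required"
    pkgs_file="$root/var/run/reboot-required.pkgs"

    if [ ! -e "$sentinel" ]; then
        printf '{"node":"%s","reboot_required":false,"packages":""}\n' "$node"
        return 0
    fi

    # Ubuntu lists the packages that asked for the reboot, one per line and
    # with repeats; the list can be absent even when the sentinel exists.
    pkgs=""
    if [ -r "$pkgs_file" ]; then
        # Drop blank lines, de-duplicate, strip characters that would break
        # the JSON string, then join with commas.
        pkgs=$(sed '/^$/d' "$pkgs_file" | sort -u | tr -d '"\\' | paste -sd, -)
    fi
    printf '{"node":"%s","reboot_required":true,"packages":"%s"}\n' "$node" "$pkgs"
}

# Poll forever only when asked to, so the function can be sourced on its own.
if [ "${WATCH:-0}" = "1" ]; then
    while :; do
        reboot_status "${HOST_ROOT:-/host}" "${NODE_NAME:-unknown}"
        sleep "${INTERVAL:-300}"
    done
fi
```

A log alert can then match on `"reboot_required":true`. As noted in the thread, this only covers operating system security updates on the node.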