AWS Infrastructure · Kubernetes

EKS upgrades, executed without incident.

We upgrade production Amazon EKS clusters through a planned, documented, zero-downtime process — for teams that know they need to upgrade but don't have the bandwidth to do it properly in-house.

Request a Free Assessment View Engagement Scope

eks-upgrade-plan.log

$ kubectl version --short
Server Version: v1.29.4-eks standard support ending

$ mtc plan --target 1.36
⚠ 7 version increments detected
1.29 → 1.30 → 1.31 → ... → 1.36
→ reviewing add-ons (CoreDNS, VPC-CNI, EBS-CSI)
→ checking deprecated APIs in workloads
✓ plan generated: 7 change windows
✓ rollback plan documented

$ mtc upgrade --step 1/7
✓ control plane → 1.30 — OK
✓ node groups → 1.30 — OK
→ validating critical workloads...
✓ 0 pods down · 0 downtime

AWS retires standard support for each EKS version roughly 14 months after release. After that, you're still paying — for extended support, not for staying put.

+200%

approximate per-node cost increase under EKS extended support

Kubernetes API deprecations per version jump — legacy workloads can break

target downtime: control plane and node groups are migrated one at a time

The Engagement

EKS Upgrade & Hardening

A single engagement with a defined scope, built for teams running EKS in production that need to catch up without derailing the rest of their roadmap.

Statement of Work

For teams running a production EKS cluster on a version past standard support, or without an upgrade in 8+ months.

EKS 1.27 – 1.36

In Scope

Cluster diagnostic: version, add-ons, deprecated APIs, workload compatibility
Documented upgrade plan, version by version, with windows and rollback steps
Execution of control plane and node group upgrades (including Karpenter)
Post-upgrade validation: smoke tests, autoscaling, ingress, monitoring
Final report and a reusable upgrade runbook

Out of Scope

New application feature development
Cloud provider migration
24/7 support after delivery (available separately as a retainer)
Full infrastructure-as-code refactor (can be scoped as a separate engagement)

Estimated Duration

2 to 4 weeks, depending on version distance and cluster complexity

Deliverable

Cluster on the target version, technical documentation, and a reusable upgrade runbook

How It's Executed

Four Stages, in Sequence

A well-executed EKS upgrade is sequential — each stage depends on the one before it.

01 / Diagnostic

Current-state assessment

Cluster version, add-ons, deprecated APIs in use, and specific risks — before anything is touched.

02 / Plan

Technical upgrade document

Version-by-version path, proposed change windows, and a rollback plan for every step.

03 / Execution

Controlled upgrade

Control plane and node groups, outside peak hours, with validation checkpoints at every step.

04 / Validation

Close-out and handover

Active monitoring for 48–72 hours post-upgrade, a final report, and runbook handover to your team.

Why Macías Tech

Production Experience, Not Theory

This is what we've executed on real, production infrastructure — at scale, in organizations with demanding compliance requirements.

AWS accounts managed in production for a regional tourism company

1.30 → 1.36

consecutive EKS upgrades executed on live production environments

PCI DSS

technical support across cloud infrastructure compliance audits

6+ years

in cloud infrastructure: Globant, Accenture, Global Hitss, Acciona IT, CVC Corp

Also in development: Terraform & Terragrunt (IaC) AWS Cost Optimization (FinOps) RDS → EC2 Database Migrations On-Prem Kubernetes (RKE2 / Rancher)

Get Started

Does your EKS cluster need an upgrade?

Send us your cluster's current version and we'll respond within 24 hours on whether an initial assessment makes sense.

Email info@maciastechcompany.com

or connect on LinkedIn · maciastechcompany.com