Ubuntu on Amazon Elastic Kubernetes Service (EKS)

Canonical and Amazon work together to make Ubuntu worker nodes available for Amazon’s Elastic Kubernetes Services (EKS). This fully-managed service makes it easy to use Kubernetes on AWS, without being an expert in managing Kubernetes clusters.

These images are customised specifically for the EKS service, and are not intended as general OS images. To deploy an EKS cluster, follow the EKS user guide .

Latest changes

20230927: Add 1.28 amis wth serial 20230926.

20230922

Add 1.23, 1.24, 1.25, 1.26 and 1.27 amis with serial 20230922 to address #1982107 and #2034002

20230804

Add 1.24, 1.25, 1.26 and 1.27 amis with serial 20230804. Add 1.23 amis with serial 20230802.

20230623

Add 1.27 amis with serial 20230622. Add 1.23, 1.24, 1.25 and 1.26 amis with serial 20230623.

20230517

Add 1.26, 1.25, 1.24, 1.23 and 1.22 amis with serial 20230517, to address #2017782 and #2012689

20230424

Add 1.26 amis with serial 20230424.

20230420

Add 1.25, 1.24, 1.23 and 1.22 amis with serial 20230420.

20230328

Add 1.25, 1.24, 1.23 and 1.22 amis with serial 20230328.

20230322

Add 1.25, 1.24, 1.23 and 1.22 amis with serial 20230322.

20230315

Add 1.25, 1.24, 1.23 and 1.22 amis with serial 20230315, to address #2011408

20230303

Add 1.25, 1.24, 1.23 and 1.22 amis with serial 20230303.

20230224

Add 1.25 amis with serial 20230224.

20230131

Add 1.24, 1.23, 1.22 and 1.21 platform amis with serial 20230131, to address #2003926

20230118

Add 1.24, 1.23, 1.22 and 1.21 platform amis with serial 20230118, to address #2002659

20230114

Add 1.24, 1.23 platform amis with serial 20230114 and 1.22 and 1.21 platform amis with serial 20230113. Those include updated versions for kubelet and kubectl.

20221208

Add 1.24, 1.23, 1.22 and 1.21 platform amis with serial 20221208.1. Those include updated versions for kubelet and kubectl (1.24.7, 1.23.13, 1.22.16 and 1.21.14).

20221206

Add 1.24, 1.23, 1.22 and 1.21 platform amis with serial 20221206.1.

20221111

EKS 1.20 is EOL so drop those AMIs.

20221104

Add 1.23, 1.22, 1.21 and 1.20 platform amis with serial 20221104.

20221018

Add 1.23, 1.22, 1.21 and 1.20 platform amis with serial 20221018, to address CVE-2022-2602

20221014

Add 1.23, 1.22, 1.21 and 1.20 platform amis with serial 20221014.

20221011

Add 1.23, 1.22, 1.21 and 1.20 platform amis with serial 20221011.

20220921

Add 1.23, 1.22, 1.21 and 1.20 platform amis with serial 20220921.

20220913

Add 1.23, 1.22, 1.21 and 1.20 platform amis with serial 20220913.

20220830

EKS 1.19 is EOL so drop those AMIs.

20220822

Add 1.23 amis with serial 20220822.2.

20220810

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220810.

20220718

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220718.

20220713

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220713.

20220623

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220623.

20220617

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220617.

20220522

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220522.

20220518.1

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220518.1. For images using docker, log rotation is setup now ( #1971765 )

20220503

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220503.

20220419.1

Add 1.22, 1.21, 1.20 and 1.19 platform amis with serial 20220419.1. Pause container is now configured via --pod-infra-container-image kubelet option for both dockershim and containerd container runtimes ( #1968830 ).

20220406

Add 1.22 platform AMI with serial 20220406. All AMIs for EKS 1.22 will use containerd as Kubernetes container runtime instead of dockershim. Also EKS 1.18 is EOL so drop it.

20220404

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20220404.

20220402

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20220402.

20220325

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20220325.

20220323

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20220323.

20220308

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20220308, to address CVE-2022-0847 , CVE-2022-0001 and CVE-2022-23960 .

20220304

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20220303.

20220222

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20220221.1. The EKS related snaps switched to core20.

20220118

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20220118, for CVE-2022-0185 .

20220110.2/20220111

Add 1.21 and 1.20 platform amis with serial 20220110.2, 1.19 and 1.18 platform amis with serial 20220111, for CVE-2021-4204 .

20220107

Add 1.21, 1.20, 1.19 and 1.8 platform amis with serial 20220107.

20211124

EKS 1.17 is now EOL, removed images from page

20211005

Add 1.21, 1.20, 1.19 and 1.18 platform amis with serial 20211005 and 1.17 platform amis with serial 20211004 for CVE-2021-41103 .

20211001

EKS 1.16 is now EOL, removed images from page

20210823

Add 1.21 platform amis with serial 20210823.

20210823

Add 1.20 platform amis with serial 20210823. This includes updated versions (1.20.7) of kubelet and kubectl.

20210720

Address numerous kernel and systemd CVEs.

20210623/20210623.1

Add 1.20, 1.19 and 1.18 platform amis with serial 20210623 and 1.17 and 1.16 platform amis with serial 20210623.1 for CVE-2021-3600 and CVE-2021-3609.

20210618

Add 1.20 platform amis with serial 20210618. This adds back the CNI plugins. See LP:#1932116

20210609

Add 1.20 platform amis with serial 20210609

20210608

Add 1.17 and 1.18 platform amis with serial 20210608. This includes updated versions (1.17.17 and 1.18.16) of kubelet and kubectl.

20210517

EKS 1.15 is now EOL, removed images from page

20210426

Add 1.15, 1.16 and 1.17 platform amis with serial 20210426. This includes a fix when Metadata version is set to V2 only (token required). See LP:#1925487

20210423

Add 1.18 & 1.19 platform amis with serial 20210423.1. This includes a fix when Metadata version is set to V2 only (token required). See LP:#1925487

20210419

Add 1.19 platform amis with serial 20210419. This includes updated versions (1.19.8) of kubelet and kubectl.

20210416

Updates to EKS AMIs for all Kubernetes versions for CVE-2021-3493, CVE-2021-3492 and CVE-2021-29154.

20210413

Add 1.19 platform amis with serial 20210409. This includes updated versions (1.19.6) of kubelet and kubectl.

20210217

Add 1.19 platform amis with serial 20210211.

20210127

Update all images with fixes for cloud-init key handling issue. See the cloud-init changelog in launchpad for specific details on the fix.

20210108

Update all images with the latest docker.io and containerd from archive

20210107

EKS 1.14 is now EOL, removed images from page

20201211

Updates to EKS AMIs for Kubernetes 1.18 due to RAID 10 kernel regression

20201130

Updates to EKS AMIs for Kubernetes 1.18 for CVE-2020-15257

20201015

Updates to EKS AMIs for Kubernetes 1.18 for CVE-2020-15157

Show worker node images for: Kubernetes

1.28

1.27

1.26

1.25

1.24

1.23

Region	Use this or later image
Africa (Capetown) (af-south-1)	ami-0579816d07c67446a _amd64 ami-0616336fed96d164f _arm64
Asia Pacific (Hong Kong) (ap-east-1)	ami-0d47c19c6e3d570d6 _amd64 ami-0f2fe17c80454fc31 _arm64
Asia Pacific (Tokyo) (ap-northeast-1)	ami-0c0c64f81366bd03a _amd64 ami-0965dc8a06656d2ba _arm64
Asia Pacific (Seoul) (ap-northeast-2)	ami-0f0aeca5dd66f8ad0 _amd64 ami-0cf86c2ae1c63509a _arm64
Asia Pacific (Osaka-Local) (ap-northeast-3)	ami-0a8e6797b0c7e4f0a _amd64 ami-085338bfa775cf951 _arm64
Asia Pacific (Mumbai) (ap-south-1)	ami-0560abedc8c6967b0 _amd64 ami-042981f8455a291b7 _arm64
Asia Pacific (Hyderabad) (ap-south-2)	ami-07189e10fbc98fdf0 _amd64 ami-01b2051ad06b2aea4 _arm64
Asia Pacific (Singapore) (ap-southeast-1)	ami-07e86819a44f8f98c _amd64 ami-091e2a82da0afec8c _arm64
Asia Pacific (Sydney) (ap-southeast-2)	ami-0a96a97b5ba63b0f4 _amd64 ami-0dad6eac2e430274b _arm64
Asia Pacific (Jakarta) (ap-southeast-3)	ami-0663775aa40a6987b _amd64 ami-00545164fac20c374 _arm64
Asia Pacific (Melbourne) (ap-southeast-4)	ami-009106a172e7c4124 _amd64 ami-0a80ceeddebe5f3f5 _arm64
Canada (Central) (ca-central-1)	ami-06df12452b5e24a8d _amd64 ami-0cbaba5664cfc094b _arm64
EU (Frankfurt) (eu-central-1)	ami-03673776fa897dfc3 _amd64 ami-0a21d8bbf3f7551d8 _arm64
EU (Zurich) (eu-central-2)	ami-0ff2184132b737ad3 _amd64 ami-0f5449d98a3bb24ee _arm64
EU (Stockholm) (eu-north-1)	ami-08a74e86f208fe1e6 _amd64 ami-01dcd02a5bae251c5 _arm64
EU (Milan) (eu-south-1)	ami-0d7c070fbe4290cd2 _amd64 ami-06c6ccdc342eae2af _arm64
EU (Spain) (eu-south-2)	ami-06030fb9ebc032b73 _amd64 ami-04dc4e5e2fa80c82e _arm64
EU (Ireland) (eu-west-1)	ami-0f06f922184e65880 _amd64 ami-017a5c239cdcd6612 _arm64
EU (London) (eu-west-2)	ami-07d895cf5b3c0dca0 _amd64 ami-080525d59ddf87181 _arm64
EU (Paris) (eu-west-3)	ami-008b919c7799c96e5 _amd64 ami-04c3396538f740135 _arm64
Middle East (Israel) (il-central-1)	ami-0f481958849858b50 _amd64 ami-070d9b38827456f9b _arm64
Middle East (UAE) (me-central-1)	ami-09fd26d0393758b8c _amd64 ami-05d6abb99007cd145 _arm64
Middle East (Bahrain) (me-south-1)	ami-0bca9f2e5afd3c20e _amd64 ami-0ecebeddba5a9a6bf _arm64
South America (São Paulo) (sa-east-1)	ami-04c5aa82681469e9d _amd64 ami-050f44a2dbf03085c _arm64
US East (Virginia) (us-east-1)	ami-0f57736eef8483bce _amd64 ami-06ebab805796d802e _arm64
US East (Ohio) (us-east-2)	ami-0d9ec2930add3de7d _amd64 ami-05ec4258881b9f913 _arm64
US West (N. California) (us-west-1)	ami-085b13c06d5bef786 _amd64 ami-097040f1cd2933a5c _arm64
US West (Oregon) (us-west-2)	ami-064f1694d279d08bc _amd64 ami-0f2dc0a89619695b8 _arm64

Kubernetes 1.28

The latest Ubuntu worker node AMIs for Kubernetes 1.28 (N.B. EKS may not be available in some of these regions, check the list of current EKS regions ):

Important: EKS images that support Kubernetes 1.28 use the default amazon-eks-nodegroup.yaml , as specified in the AWS EKS Console Getting Started Guide . To use Ubuntu EKS images with the nodegroup template in Step 3: Launch and Configure Amazon EKS Worker Nodes, click the 'Launch Workers' link for your your region and Kubernetes release version, and enter the Ubuntu AMI ID for your region, listed on this page, into the field labeled 'NodeImageId'.