Share via

Pods Not Being Evicted From AKS Cluster

SEAN MCGURK 0 Reputation points
2025-08-13T08:05:59.7633333+00:00

I have an AKS cluster that has pods scheduled on it by means of the following helmsman command:

helmsman --keep-untracked-releases --debug --target release-name -f ./state_definition.toml

Once this completes, the application is deployed successfully to the cluster and 2 new pods are created but the existing pods for the application are not evicted by the scheduler

kubernetes version 1.31.1

Can anyone suggest a good starting point for beginning to look at this problem?

Azure Kubernetes Service
Azure Kubernetes Service
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
0 comments

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Akram Kathimi 1,831 Reputation points Microsoft Employee
    2025-08-13T08:48:43.5766667+00:00

    Hi @SEAN MCGURK ,

    Thank you for posting this question.

    • Start by verifying how the application is deployed. Check the workload type Inspect whether the application is managed by a Deployment, StatefulSet, or DaemonSet.
    • If you find multiple Deployments for the same app, the upgrade may have created a new Deployment instead of updating the existing one. This usually happens if the name or release labels changed.
    • If there’s only one Deployment, check the ReplicaSets. If you see multiple ReplicaSets with active pods, the old pods belong to an older ReplicaSet that hasn’t been scaled down. Check the events to see why the old pods are not being removed.

    Please Accept the answer if the information helped you. This will help us and others in the community as well.

  2. Akram Kathimi 1,831 Reputation points Microsoft Employee
    2025-08-13T11:21:02.4233333+00:00

    Hi @SEAN MCGURK ,

    From the describe deplyment output, we can see that the deployemnt does recognize the older replicaset as one of its own:

    Conditions:
  Type           Status  Reason
  ----           ------  ------
  Progressing    True    NewReplicaSetAvailable
  Available      True    MinimumReplicasAvailable
OldReplicaSets:  <none>
NewReplicaSet:   sso-svc-deployment-74b8cb4ffb (2/2 replicas created)
Events:          <none>

    The same thing is seen when checking the annotations: deployment.kubernetes.io/revision: 1

    This indicates that the deployment is only on its 1st revision, and didnt get any updates.

    It looks like the older replicaset belongs to an older deployment with the same name.

    To resolve the issue, delete the older replicaset sso-svc-deployment-6d548674b8.

    After that, try to redeploy the helm chart to see if the same issue occurs again, if it does, you would need to troubleshoot why this behavior is happening.

    0 comments
  3. SEAN MCGURK 0 Reputation points
    2025-08-13T11:56:27.48+00:00

    So I have:

    1. Deleted the replicaset(s)
    2. Re-deployed the application (re-created the deployment)

    And the second replicaset has now gone away but more pods have been added

    If I describe one of the (old) pods I get:

    Name:             sso-svc-deployment-6d548674b8-qd8k8


...


Status:           Running
IP:               10.xxx.xxx.xx 
IPs:   
  IP:           10.xxx.xxx.xx 
Controlled By:  ReplicaSet/sso-svc-deployment-6d548674b8

    But this replicaset no longer exists on the cluster - it has been replaced by a newer replicaset so these look like 'orphaned' pods that are still running on the cluster

    0 comments
  4. Akram Kathimi 1,831 Reputation points Microsoft Employee
    2025-08-13T12:32:56.99+00:00

    @SEAN MCGURK this looks like an issue that occurs when pods are not being terminated. Checking the deployment, this might be caused because of the host path mounted volume.

    Is the issue occurring with other deployments in the cluster? is it possible to remove this mount from the deployment as a test?

    btw, to force delete the pod you can use kubectl delete pod <> -n <> --force --grace-period=0

    0 comments
  5. SEAN MCGURK 0 Reputation points
    2025-08-13T17:59:33.0866667+00:00

    It seems like this is a known issue with Helm/Kubernetes.

    See: https://github.com/helm/helm/issues/2096

    The solution is therefore modify your deployment so that the chart name and chart version are no longer included as a label on the deployment

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.