Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Release Notes February 2024 #162

Merged
merged 2 commits into from
Feb 14, 2024
Merged

Update Release Notes February 2024 #162

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e8cad57
update release-notes/v1.XX.X.md
dereknola Feb 14, 2024
25163c5
Remove Chart Versions Tables from release notes
dereknola Feb 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
71 changes: 63 additions & 8 deletions docs/release-notes/v1.26.X.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,11 @@ hide_table_of_contents: true
Before upgrading from earlier releases, be sure to read the Kubernetes [Urgent Upgrade Notes](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.26.md#urgent-upgrade-notes).
:::

| Version | Release date | rke2-cilium | rke2-canal | rke2-calico | rke2-calico-crd | rke2-coredns | rke2-ingress-nginx | rke2-metrics-server | rancher-vsphere-csi | Canal (Default) | Calico | Cilium | Multus |
| Version | Release date | Kubernetes | Etcd | Containerd | Runc | Metrics-server | CoreDNS | Ingress-Nginx | Helm-controller | Canal (Default) | Calico | Cilium | Multus |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| [v1.26.12+rke2r1](v1.26.X.md#release-v12612rke2r1) | Dec 26 2023| [1.14.400](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-cilium/rke2-cilium-1.14.400.tgz) | [v3.26.3-build2023110900](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-canal/rke2-canal-v3.26.3-build2023110900.tgz) | [v3.26.300](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-calico/rke2-calico-v3.26.300.tgz) | [v3.26.300](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-calico/rke2-calico-crd-v3.26.300.tgz) | [1.24.006](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-coredns/rke2-coredns-1.24.006.tgz) | [4.8.200](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-ingress-nginx/rke2-ingress-nginx-4.8.200.tgz) | [2.11.100-build2023051510](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-metrics-server/rke2-metrics-server-2.11.100-build2023051510.tgz) | [3.0.1-rancher101](https://github.com/rancher/rke2-charts/raw/main/assets/rancher-vsphere-csi/rancher-vsphere-csi-3.0.1-rancher101.tgz) | [Flannel v0.23.0](https://github.com/flannel-io/flannel/releases/tag/v0.23.0)<br/>[Calico v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v1.14.4](https://github.com/cilium/cilium/releases/tag/v1.14.4) | [v4.0.2](https://github.com/k8snetworkplumbingwg/multus-cni/releases/tag/v4.0.2) |
| [v1.26.11+rke2r1](v1.26.X.md#release-v12611rke2r1) | Dec 05 2023| [1.14.400](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-cilium/rke2-cilium-1.14.400.tgz) | [v3.26.3-build2023110900](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-canal/rke2-canal-v3.26.3-build2023110900.tgz) | [v3.26.300](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-calico/rke2-calico-v3.26.300.tgz) | [v3.26.300](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-calico/rke2-calico-crd-v3.26.300.tgz) | [1.24.006](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-coredns/rke2-coredns-1.24.006.tgz) | [4.8.200](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-ingress-nginx/rke2-ingress-nginx-4.8.200.tgz) | [2.11.100-build2023051510](https://github.com/rancher/rke2-charts/raw/main/assets/rke2-metrics-server/rke2-metrics-server-2.11.100-build2023051510.tgz) | [3.0.1-rancher101](https://github.com/rancher/rke2-charts/raw/main/assets/rancher-vsphere-csi/rancher-vsphere-csi-3.0.1-rancher101.tgz) | [Flannel v0.23.0](https://github.com/flannel-io/flannel/releases/tag/v0.23.0)<br/>[Calico v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v1.14.4](https://github.com/cilium/cilium/releases/tag/v1.14.4) | [v4.0.2](https://github.com/k8snetworkplumbingwg/multus-cni/releases/tag/v4.0.2) |
| [v1.26.13+rke2r1](v1.26.X.md#release-v12613rke2r1) | Feb 06 2024| [v1.26.13](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.26.md#v12613) | [v3.5.9-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.9-k3s1) | [v1.7.11-k3s2](https://github.com/k3s-io/containerd/releases/tag/v1.7.11-k3s2) | [v1.1.12](https://github.com/opencontainers/runc/releases/tag/v1.1.12) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [nginx-1.9.3-hardened1](https://github.com/rancher/ingress-nginx/releases/tag/nginx-1.9.3-hardened1) | [v0.15.8](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.8) | [Flannel v0.23.0](https://github.com/flannel-io/flannel/releases/tag/v0.23.0)<br/>[Calico v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v1.14.4](https://github.com/cilium/cilium/releases/tag/v1.14.4) | [v4.0.2](https://github.com/k8snetworkplumbingwg/multus-cni/releases/tag/v4.0.2) |
| [v1.26.12+rke2r1](v1.26.X.md#release-v12612rke2r1) | Dec 26 2023| [v1.26.12](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.26.md#v12612) | [v3.5.9-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.9-k3s1) | [v1.7.11-k3s2](https://github.com/k3s-io/containerd/releases/tag/v1.7.11-k3s2) | [v1.1.10](https://github.com/opencontainers/runc/releases/tag/v1.1.10) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [nginx-1.9.3-hardened1](https://github.com/rancher/ingress-nginx/releases/tag/nginx-1.9.3-hardened1) | [v0.15.4](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.4) | [Flannel v0.23.0](https://github.com/flannel-io/flannel/releases/tag/v0.23.0)<br/>[Calico v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v1.14.4](https://github.com/cilium/cilium/releases/tag/v1.14.4) | [v4.0.2](https://github.com/k8snetworkplumbingwg/multus-cni/releases/tag/v4.0.2) |
| [v1.26.11+rke2r1](v1.26.X.md#release-v12611rke2r1) | Dec 05 2023| [v1.26.11](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.26.md#v12611) | [v3.5.9-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.9-k3s1) | [v1.7.7-k3s1](https://github.com/k3s-io/containerd/releases/tag/v1.7.7-k3s1) | [v1.1.8](https://github.com/opencontainers/runc/releases/tag/v1.1.8) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [nginx-1.9.3-hardened1](https://github.com/rancher/ingress-nginx/releases/tag/nginx-1.9.3-hardened1) | [v0.15.4](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.4) | [Flannel v0.23.0](https://github.com/flannel-io/flannel/releases/tag/v0.23.0)<br/>[Calico v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v3.26.3](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v1.14.4](https://github.com/cilium/cilium/releases/tag/v1.14.4) | [v4.0.2](https://github.com/k8snetworkplumbingwg/multus-cni/releases/tag/v4.0.2) |
| [v1.26.10+rke2r2](v1.26.X.md#release-v12610rke2r2) | Nov 08 2023| [v1.26.10](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.26.md#v12610) | [v3.5.9-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.9-k3s1) | [v1.7.7-k3s1](https://github.com/k3s-io/containerd/releases/tag/v1.7.7-k3s1) | [v1.1.8](https://github.com/opencontainers/runc/releases/tag/v1.1.8) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [4.8.2](https://github.com/kubernetes/ingress-nginx/releases/tag/helm-chart-4.8.2) | [v0.15.4](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.4) | [Flannel v0.22.1](https://github.com/flannel-io/flannel/releases/tag/v0.22.1)<br/>[Calico v3.26.1](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v3.26.1](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v1.14.2](https://github.com/cilium/cilium/releases/tag/v1.14.2) | [v4.0.2](https://github.com/k8snetworkplumbingwg/multus-cni/releases/tag/v4.0.2) |
| [v1.26.10+rke2r1](v1.26.X.md#release-v12610rke2r1) | Oct 31 2023| [v1.26.10](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.26.md#v12610) | [v3.5.9-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.9-k3s1) | [v1.7.7-k3s1](https://github.com/k3s-io/containerd/releases/tag/v1.7.7-k3s1) | [v1.1.8](https://github.com/opencontainers/runc/releases/tag/v1.1.8) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [4.8.2](https://github.com/kubernetes/ingress-nginx/releases/tag/helm-chart-4.8.2) | [v0.15.4](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.4) | [Flannel v0.22.1](https://github.com/flannel-io/flannel/releases/tag/v0.22.1)<br/>[Calico v3.26.1](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v3.26.1](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v1.14.2](https://github.com/cilium/cilium/releases/tag/v1.14.2) | [v4.0.2](https://github.com/k8snetworkplumbingwg/multus-cni/releases/tag/v4.0.2) |
| [v1.26.9+rke2r1](v1.26.X.md#release-v1269rke2r1) | Sep 18 2023| [v1.26.9](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.26.md#v1269) | [v3.5.9-k3s1](https://github.com/k3s-io/etcd/releases/tag/v3.5.9-k3s1) | [v1.7.3-k3s1](https://github.com/k3s-io/containerd/releases/tag/v1.7.3-k3s1) | [v1.1.8](https://github.com/opencontainers/runc/releases/tag/v1.1.8) | [v0.6.3](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.3) | [v1.10.1](https://github.com/coredns/coredns/releases/tag/v1.10.1) | [4.6.1](https://github.com/kubernetes/ingress-nginx/releases/tag/helm-chart-4.6.1) | [v0.15.4](https://github.com/k3s-io/helm-controller/releases/tag/v0.15.4) | [Flannel v0.22.1](https://github.com/flannel-io/flannel/releases/tag/v0.22.1)<br/>[Calico v3.26.1](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v3.26.1](https://docs.tigera.io/calico/latest/release-notes/#v3.26) | [v1.14.1](https://github.com/cilium/cilium/releases/tag/v1.14.1) | [v4.0.2](https://github.com/k8snetworkplumbingwg/multus-cni/releases/tag/v4.0.2) |
Expand All @@ -28,6 +29,44 @@ Before upgrading from earlier releases, be sure to read the Kubernetes [Urgent U

<br />

## Release [v1.26.13+rke2r1](https://github.com/rancher/rke2/releases/tag/v1.26.13+rke2r1)
<!-- v1.26.13+rke2r1 -->

This release updates Kubernetes to v1.26.13.

:::warning Important Notes


Addresses the runc CVE: [CVE-2024-21626](https://nvd.nist.gov/vuln/detail/CVE-2024-21626) by updating runc to v1.1.12.

If your server (control-plane) nodes were not started with the `--token` CLI flag or config file key, a randomized token was generated during initial cluster startup. This key is used both for joining new nodes to the cluster, and for encrypting cluster bootstrap data within the datastore. Ensure that you retain a copy of this token, as is required when restoring from backup.

You may retrieve the token value from any server already joined to the cluster:
```bash
cat /var/lib/rancher/rke2/server/token
```


:::

### Changes since v1.26.12+rke2r1:

* Use dl.k8s.io for getting kubectl [(#5179)](https://github.com/rancher/rke2/pull/5179)
* Ensure charts directory exists in Windows runtime image [(#5185)](https://github.com/rancher/rke2/pull/5185)
* Bump versions of different components [(#5170)](https://github.com/rancher/rke2/pull/5170)
* Update coredns chart to fix bug [(#5202)](https://github.com/rancher/rke2/pull/5202)
* Update multus chart to add optional dhcp daemonset [(#5212)](https://github.com/rancher/rke2/pull/5212)
* Add e2e test about dnscache [(#5228)](https://github.com/rancher/rke2/pull/5228)
* Update rke2-whereabouts to v0.6.3 and bump rke2-multus parent chart [(#5246)](https://github.com/rancher/rke2/pull/5246)
* Bump sriov image build versions [(#5257)](https://github.com/rancher/rke2/pull/5257)
* Enable arm64 based images for calico, multus and harvester [(#5267)](https://github.com/rancher/rke2/pull/5267)
* Improve kube-proxy and calico logging in Windows [(#5286)](https://github.com/rancher/rke2/pull/5286)
* Bump k3s for v1.26 [(#5271)](https://github.com/rancher/rke2/pull/5271)
* Update to 1.26.13 [(#5293)](https://github.com/rancher/rke2/pull/5293)
* Update base image [(#5308)](https://github.com/rancher/rke2/pull/5308)
* Bump K3s and runc versions for v1.26 [(#5352)](https://github.com/rancher/rke2/pull/5352)

-----
## Release [v1.26.12+rke2r1](https://github.com/rancher/rke2/releases/tag/v1.26.12+rke2r1)
<!-- v1.26.12+rke2r1 -->

Expand Down Expand Up @@ -75,7 +114,8 @@ cat /var/lib/rancher/rke2/server/token

This release updates Kubernetes to v1.26.11.

**Important Notes**
:::warning Important Notes


This release includes a version of ingress-nginx affected by [CVE-2023-5043](https://github.com/kubernetes/ingress-nginx/issues/10571) and [CVE-2023-5044](https://github.com/kubernetes/ingress-nginx/issues/10572). Ingress administrators should set the --enable-annotation-validation flag to enforce restrictions on the contents of ingress-nginx annotation fields.

Expand All @@ -86,6 +126,9 @@ You may retrieve the token value from any server already joined to the cluster:
cat /var/lib/rancher/rke2/server/token
```


:::

### Changes since v1.26.10+rke2r2:

* Add chart validation tests [(#5003)](https://github.com/rancher/rke2/pull/5003)
Expand Down Expand Up @@ -130,7 +173,8 @@ cat /var/lib/rancher/rke2/server/token

This release fixes an issue with identifying additional container runtimes.

**Important Notes**
:::warning Important Notes


This release includes a version of ingress-nginx affected by [CVE-2023-5043](https://github.com/kubernetes/ingress-nginx/issues/10571) and [CVE-2023-5044](https://github.com/kubernetes/ingress-nginx/issues/10572). Ingress administrators should set the --enable-annotation-validation flag to enforce restrictions on the contents of ingress-nginx annotation fields.

Expand All @@ -141,6 +185,9 @@ You may retrieve the token value from any server already joined to the cluster:
cat /var/lib/rancher/rke2/server/token
```


:::

### Changes since v1.26.10+rke2r1:

* Bump k3s, include container runtime fix [(#4981)](https://github.com/rancher/rke2/pull/4981)
Expand All @@ -153,7 +200,8 @@ cat /var/lib/rancher/rke2/server/token

This release updates Kubernetes to v1.26.10.

**Important Notes**
:::warning Important Notes


This release includes a version of ingress-nginx affected by [CVE-2023-5043](https://github.com/kubernetes/ingress-nginx/issues/10571) and [CVE-2023-5044](https://github.com/kubernetes/ingress-nginx/issues/10572). Ingress administrators should set the --enable-annotation-validation flag to enforce restrictions on the contents of ingress-nginx annotation fields.

Expand All @@ -164,6 +212,9 @@ You may retrieve the token value from any server already joined to the cluster:
cat /var/lib/rancher/rke2/server/token
```


:::

### Changes since v1.26.9+rke2r1:

* Add a time.Sleep in calico-win to avoid polluting the logs [(#4792)](https://github.com/rancher/rke2/pull/4792)
Expand All @@ -173,7 +224,7 @@ cat /var/lib/rancher/rke2/server/token
* Mirrored pause backport [(#4827)](https://github.com/rancher/rke2/pull/4827)
* Write pod-manifests as 0600 in cis mode [(#4839)](https://github.com/rancher/rke2/pull/4839)
* Bumping k3s [(#4863)](https://github.com/rancher/rke2/pull/4863)
* Filter release branchs [(#4858)](https://github.com/rancher/rke2/pull/4858)
* Filter release branches [(#4858)](https://github.com/rancher/rke2/pull/4858)
* Update charts to have ipFamilyPolicy: PreferDualStack as default [(#4846)](https://github.com/rancher/rke2/pull/4846)
* Bump K3s, Cilium, Token Rotation support [(#4870)](https://github.com/rancher/rke2/pull/4870)
* Bump containerd to v1.7.7+k3s1 [(#4881)](https://github.com/rancher/rke2/pull/4881)
Expand Down Expand Up @@ -218,7 +269,8 @@ cat /var/lib/rancher/rke2/server/token

This release updates Kubernetes to v1.26.8, and fixes a number of issues.

**Important Notes**
:::warning Important Notes


* ⚠️ This release includes support for remediating CVE-2023-32186, a potential Denial of Service attack vector on RKE2 servers. See https://github.com/rancher/rke2/security/advisories/GHSA-p45j-vfv5-wprq for more information, including mandatory steps necessary to harden clusters against this vulnerability.

Expand All @@ -229,6 +281,9 @@ This release updates Kubernetes to v1.26.8, and fixes a number of issues.
cat /var/lib/rancher/rke2/server/token
```


:::

### Changes since v1.26.7+rke2r1:

* Sync Felix and calico-node datastore [(#4576)](https://github.com/rancher/rke2/pull/4576)
Expand Down
Loading
Loading