Warning: We’ve identified a critical bug in this release.
The bug can lead to objects being removed unexpectedly from K3s's database. When this occurs, these objects will no longer be available in the Kubernetes API. See k3s-io/kine#61 for more details.
We recommend that you do not use this release. If your cluster is already on this release, please upgrade to v1.19.3+k3s3.
This release provides improvements since the previous release of Kubernetes v1.19.3 in K3s v1.19.3+k3s1.
Major changes since v1.19.3+k3s1:
- Improved support for EL8-based systems (#2184)
- Improve efficiency and reliability of Kine database compaction (#1311)
When using SQLite or an external SQL datastore, this may cause a one-time delay in startup of the first node upgraded to this release. You can monitor creation of the new indexes by searching your logs for the messagesConfiguring database table schema and indexes, this may take a moment...andDatabase tables and indexes are up to date. - Improve stability of managed etcd when adding/removing/restarting cluster members (#2249, #2399, #2413)
- Managed etcd no longer communicates using external IP addresses when K3s is started with
--node-external-ip(#2448) - Improve stability when upgrading K3s on systems with slow disk IO (#2349)
- install.sh (get.k3s.io) now automatically adds a Yum repo and installs the k3s-selinux package and dependencies on EL7/EL8-like systems (#2408)
This can be disabled by exportingINSTALL_K3S_SKIP_SELINUX_RPM=trueorINSTALL_K3S_SKIP_DOWNLOAD=true(the latter skips all downloads, including the K3s binary).
Embedded Component Versions
Versions for components not listed below have not changed since the previous release.
| Component | Version |
|---|---|
| SQLite | 3.33.0 |
Known Issues
- As of this release, we are no longer providing RPMs as release artifacts. RPMs and the K3s Yum repo were not well-publicized offerings, and will require some refactoring to our CI pipeline before we can bring them back again.
- When using managed etcd, nodes that are deleted from the cluster, or fail partway through joining the cluster, cannot be automatically rejoined without manual intervention. You may see one of the following errors in the logs on the joining node:
If you see these messages, follow the instructions to clean up the node's copy of the etcd database before rejoining the node. This will be handled automatically in a future release.node has been delete from the cluster. Backup and delete ${datadir}/server/db if you like to rejoin the node etcd stopped - if this node was removed from the cluster, you must backup and delete /var/lib/rancher/k3s/server/db/etcd before rejoining - We've been working through issues in our experimental SELinux support in order to promote it to stable. We expect to promote it in a future v1.19 release. Currently, we've identified a few known issues in in this area:
- Unable to run Envoy proxy with SELinux enforcing #2240
- Upgrades of systems that have SELinux support turned on will not function correctly unless additional steps are taken:
- Enablement of SELinux in embedded containerd is no longer automatic. Prior to the v1.19 release line, K3s would auto-detect whether SELinux MCS label support should be enabled. You must now explicitly turn it on by supplying the
--selinuxflag. Because of this change, the--disable-selinuxflag has been deprecated (and it is an error to specify both). See the docs for details.
- Enablement of SELinux in embedded containerd is no longer automatic. Prior to the v1.19 release line, K3s would auto-detect whether SELinux MCS label support should be enabled. You must now explicitly turn it on by supplying the
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.