k3s-io/k3s v1.28.3+k3s1

on GitHub

This release updates Kubernetes to v1.28.3, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.28.2+k3s1:

• Fix error reporting (#8250)
• Add context to flannel errors (#8284)
• Update channel, September patch release (#8397)
• Add missing link to drone in documentation (#8295)
• Include the interface name in the error message (#8346)
• Add extraArgs to vpn provider (#8354)
  • Allow to pass extra args to the vpn provider
• Disable HTTP on main etcd client port (#8402)
  • Embedded etcd no longer serves http requests on the client port, only grpc. This addresses a performance issue that could cause watch stream starvation under load. For more information, see etcd-io/etcd#15402
• Server token rotation (#8215)
• Fix issues with etcd member removal after reset (#8392)
  • Fixed an issue that could cause k3s to attempt to remove members from the etcd cluster immediately following a cluster-reset/restore, if they were queued for removal at the time the snapshot was taken.
• Fix gofmt error (#8439)
• Added advertise address integration test (#8344)
• Added cluster reset from non bootstrap nodes on snapshot restore e2e test (#8292)
• Fix .github regex to skip drone runs on gh action bumps (#8433)
• Added error when cluster reset while using server flag (#8385)
  • The user will receive a error when --cluster-reset with the --server flag
• Update kube-router (#8423)
  • Update kube-router to v2.0.0-rc7 to fix performance issues
• Add SHA256 signatures of the install script (#8312)
  • • Add SHA256 signatures of the install script.
• Add --image-service-endpoint flag (#8279)
  • Add --image-service-endpoint flag to specify an external image service socket.
• Don't ignore assets in home dir if system assets exist (#8458)
• Pass SystemdCgroup setting through to nvidia runtime options (#8470)
  • Fixed issue that would cause pods using nvidia container runtime to be killed after a few seconds, when using newer versions of nvidia-container-toolkit.
• Improve release docs - updated (#8414)
• Take IPFamily precedence based on order (#8460)
• Fix spellcheck problem (boostrap ==> bootstrap) (#8507)
• Network defaults are duplicated, remove one (#8523)
• Fix slemicro check for selinux (#8526)
• Update install.sh.sha256sum (#8566)
• System agent push tags fix (#8568)
• Fixed tailscale node IP dualstack mode in case of IPv4 only node (#8524)
• Server Token Rotation (#8265)
  • Users can now rotate the server token using k3s token rotate -t <OLD_TOKEN> --new-token <NEW_TOKEN>. After command succeeds, all server nodes must be restarted with the new token.
• E2E Domain Drone Cleanup (#8579)
• Bump containerd to v1.7.7-k3s1 (#8604)
• Bump busybox to v1.36.1 (#8602)
• Migrate to using custom resource to store etcd snapshot metadata (#8064)
• Switch build target from main.go to a package. (#8342)
• Use IPv6 in case is the first configured IP with dualstack (#8581)
• Bump traefik, golang.org/x/net, google.golang.org/grpc (#8624)
• Update kube-router package in build script (#8630)
• Add etcd-only/control-plane-only server test and fix control-plane-only server crash (#8638)
• Use version.Program not K3s in token rotate logs (#8653)
• [Windows Port (#7259)
• Fix CloudDualStackNodeIPs feature-gate inconsistency (#8667)
• Re-enable etcd endpoint auto-sync (#8675)
• Manually requeue configmap reconcile when no nodes have reconciled snapshots (#8683)
• Update to v1.28.3 and Go to v1.20.10 (#8682)
• Fix s3 snapshot restore (#8729)

Embedded Component Versions

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

• Open issues here
• Join our Slack channel
• Check out our documentation for guidance on how to get started or to dive deep into K3s.
• Read how you can contribute here