This release updates Kubernetes to v1.28.4, and fixes a number of issues.
For more details on what's new, see the Kubernetes release notes.
Changes since v1.28.3+k3s2:
- Update channels latest to v1.27.7+k3s2 (#8799)
- Add etcd status condition (#8724)
- Now the user can see the etcd status from each node in a simple way
- ADR for etcd status (#8355)
- Wasm shims detection (#8751)
- Automatic discovery of WebAssembly runtimes
- Add warning for removal of multiclustercidr flag (#8758)
- Improve dualStack log (#8798)
- Optimize: Simplify and clean up Dockerfile (#8244)
- Add: timezone info in image (#8764)
-
- New timezone info in Docker image allows the use of
spec.timeZonein CronJobs
- New timezone info in Docker image allows the use of
-
- Bump kine to fix nats, postgres, and watch issues (#8778)
- Bumped kine to v0.11.0 to resolve issues with postgres and NATS, fix performance of watch channels under heavy load, and improve compatibility with the reference implementation.
- QoS-class resource configuration (#8726)
- Containerd may now be configured to use rdt or blockio configuration by defining
rdt_config.yamlorblockio_config.yamlfiles.
- Containerd may now be configured to use rdt or blockio configuration by defining
- Add agent flag disable-apiserver-lb (#8717)
- Add agent flag disable-apiserver-lb, agent will not start load balance proxy.
- Force umount for NFS mount (like with longhorn) (#8521)
- General updates to README (#8786)
- Fix wrong warning from restorecon in install script (#8871)
- Fix issue with snapshot metadata configmap (#8835)
- Omit snapshot list configmap entries for snapshots without extra metadata
- Skip initial datastore reconcile during cluster-reset (#8861)
- Tweaked order of ingress IPs in ServiceLB (#8711)
- Improved ingress IP ordering from ServiceLB
- Disable helm CRD installation for disable-helm-controller (#8702)
- More improves for K3s patch release docs (#8800)
- Update install.sh sha256sum (#8885)
- Add jitter to client config retry to avoid hammering servers when they are starting up (#8863)
- Handle nil pointer when runtime core is not ready in etcd (#8886)
- Bump dynamiclistener; reduce snapshot controller log spew (#8894)
- Bumped dynamiclistener to address a race condition that could cause a server to fail to sync its certificates into the Kubernetes secret
- Reduced etcd snapshot log spam during initial cluster startup
- Remove depends_on for e2e step; fix cert rotate e2e (#8906)
- Fix etcd snapshot S3 issues (#8926)
- Don't apply S3 retention if S3 client failed to initialize
- Don't request metadata when listing S3 snapshots
- Print key instead of file path in snapshot metadata log message
- Update to v1.28.4 and Go to v1.20.11 (#8920)
- Remove s390x steps temporarily since runners are disabled (#8983)
- Remove s390x from manifest (#8998)
Embedded Component Versions
| Component | Version |
|---|---|
| Kubernetes | v1.28.4 |
| Kine | v0.11.0 |
| SQLite | 3.42.0 |
| Etcd | v3.5.9-k3s1 |
| Containerd | v1.7.7-k3s1 |
| Runc | v1.1.8 |
| Flannel | v0.22.2 |
| Metrics-server | v0.6.3 |
| Traefik | v2.10.5 |
| CoreDNS | v1.10.1 |
| Helm-controller | v0.15.4 |
| Local-path-provisioner | v0.0.24 |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.
- Read how you can contribute here