Release v1.1.2

Rancher Kubernetes Engine (RKE) is a CNCF-certified Kubernetes distribution that runs entirely within Docker containers. It works on bare-metal and virtualized servers. With RKE, the installation and operation of Kubernetes is both simplified and easily automated, and it’s entirely independent of the operating system and platform you’re running.

Addressing CVEs

• Added new Kubernetes versions with updated system images to address the following k8s CVEs [#2099]:
  • CVE-2020-8555: kube-controller-manager SSRF
  • CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
• Updated Nginx to the latest version [Rancher #26957]

Known Major Issues

• In clusters where cloud_provider is configured, and either address or internal_address does not contain a valid IP address (e.g. hostname or FQDN), kube-proxy will fail to start. [#1725]

Kubernetes Versions

Each version of RKE has a specific list of supported Kubernetes versions. If you want to use a different version than listed below, you will need to update Kubernetes using the system images option in your cluster.yml.

New Images in 1.17.6-rancher2-1, v1.16.10-rancher2-1, 1.15.12-rancher2-2

Updated Hyperkube Image based on k8s versions

• rancher/hyperkube:v1.17.6-rancher2
• rancher/hyperkube:v1.16.10-rancher2
• rancher/hyperkube:v1.15.12-rancher2

Updated CNI Plugins

Other Updated System Images

NGINX updated to 0.32.0

• rancher/nginx-0.32.0-rancher1