This release updates Kubernetes to v1.20.15, fixes a number of minor issues, and includes security updates.
Important Note
If your server (control-plane) nodes were not started with the --token CLI flag or config file key, a randomized token was generated during initial cluster startup. This key is used both for joining new nodes to the cluster, and for encrypting cluster bootstrap data within the datastore. Ensure that you retain a copy of this token, as is required when restoring from backup.
You may retrieve the token value from any server already joined to the cluster:
cat /var/lib/rancher/rke2/server/tokenChanges since v1.20.14+rke2r2:
- [release-1.20] Update etcd and k3s (#2369)
- [release-1.20] Update RKE2 k8s version for January release (#2372)
Packaged Component Versions
| Component | Version |
|---|---|
| Kubernetes | v1.20.15 |
| Etcd | v3.4.18-k3s1 |
| Containerd | v1.4.12-k3s1 |
| Runc | v1.0.3 |
| CNI Plugins | v0.9.1 |
| Metrics-server | v0.5.0 |
| CoreDNS | v1.8.5 |
| Ingress-Nginx | 4.0.3 |
| Helm-controller | v0.11.7 |
Available CNIs
| Component | Version | FIPS Compliant |
|---|---|---|
| Canal (Default) | Flannel v0.13.0-rancher1 Calico v3.13.3 | Yes |
| Calico | v3.19.2 | No |
| Cilium | v1.9.604 | No |
| Multus | v3.7.1 | No |
Known Issues
- #1447 - When restoring RKE2 from backup to a new node, you should ensure that all pods are stopped following the initial restore:
curl -sfL https://get.rke2.io | sudo INSTALL_RKE2_VERSION=v1.20.15+rke2r1
rke2 server \
--cluster-reset \
--cluster-reset-restore-path=<PATH-TO-SNAPSHOT> --token <token used in the original cluster>
rke2-killall.sh
systemctl enable rke2-server
systemctl start rke2-serverHelpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started.