This release is RKE2's first in the v1.20 line. This release updates Kubernetes to v1.20.4
For more details on what's new, see the Kubernetes release notes. If you are coming from v1.19 or earlier, it is recommended that you read the Urgent Upgrade Notes.
Upgrade Notes
If you installed RKE2 from RPMs (default on RHEL-based distributions), you will need to either re-run the installer, or edit /etc/yum.repos.d/rancher-rke2.repo to point at the latest/1.20 or stable/1.20 channel (depending on how quickly you would like to receive new releases) in order to update RKE2 via yum.
Changes since v1.19.8+rke2r1
- Upgrade Kubernetes to v1.20.4 (#740)
- Packaged components will now come back immediately when they are removed from the --disable list. Previously, they would not come back until RKE2 was upgraded. (#729)
- Arguments passed to Kubernetes components via the --kube-*-arg flags (--kube-apiserver-arg, --kube-scheduler-arg, etc) now override the RKE2 defaults. (#724)
- Airgap tarballs can now be used alongside the --system-default-registry flag. Images loaded from tarballs will appear to come from the default registry. (#683)
- RKE2 honors registries.yaml settings for mirroring, authentication, and TLS configuration when loading core images, including the runtime bootstrap image. (#710)
- The RKE2 agent's client load-balancer now binds to static ports, instead of randomly selecting ports on startup. This resolves an issue that would cause the kube-proxy pod to lose its connection to the apiserver when RKE2 was restarted. (#573)
- RKE2 supports loading images from compressed tarballs; the rke2-images tarball artifacts no longer need to be decompressed after downloading. (#755)
- RKE2 release artifacts now include a rke2-image tarball compressed with zstandard. Zstandard produces archives that are significantly smaller, and faster to decompress. (#755)
- RKE2 now installs to /opt/rke2 on hosts where /usr/local is readonly or a dedicated mount point. (#737 / #742)
Packaged Component Versions
| Component | Version |
|---|---|
| Kubernetes | v1.20.4 |
| Etcd | v3.4.13-k3s1 |
| Containerd | v1.4.3-k3s3 |
| Runc | v1.0.0-rc93 |
| CNI Plugins | v0.8.7 |
| Flannel | v0.13.0-rancher1 |
| Calico | v3.13.3 |
| Metrics-server | v0.3.6 |
| CoreDNS | v1.6.9 |
| Ingress-Nginx | v1.36.3 |
| Helm-controller | v0.8.4 |
Known Issues
- #692 - RKE does not write audit logs, regardless of the audit policy in place.
- #690 - There is a bug in containerd concerning SELinux volume relabelling. This issue may manifest as Rancher not being able to start on RKE2 clusters with SELinux enabled.
These will be addressed in an upcoming release.
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started.