Notice

This release is affected by a bug (#1052) with the --cluster-reset flag which causes a goroutine panic when attempting to reset the etcd cluster membership. It is required to upgrade to v1.20.7+rke2r2 if you intend to leverage etcd cluster reset or etcd restore functionality.

This release updates Kubernetes to v1.20.7
For more details on what's new, see the Kubernetes release notes.

Upgrade Notes

If you installed RKE2 from RPMs (default on RHEL-based distributions), you will need to either re-run the installer, or edit /etc/yum.repos.d/rancher-rke2.repo to point at the latest/1.20 or stable/1.20 channel (depending on how quickly you would like to receive new releases) in order to update RKE2 via yum.

Changes since v1.20.6+rke2r1

• Upgrade Kubernetes to v1.20.7 (#951)
• Upgrade containerd to v1.4.4-k3s2 (#1031)
• Fixes (CVE-2021-30465) runc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack (#980).
• Add support for --cni=canal|cilium. (#997)
• Add support for --cloud-provider=vsphere. (#997)
• Add support for passing through cluster configuration to HelmChart manifests. (#997)
• Make --system-default-registry a server flag that is propagated to agents. (#997)
• Fix for installations on networks lacking DNS for nodes (#1028)

Packaged Component Versions

Known Issues

• #692 - RKE does not write audit logs, regardless of the audit policy in place.
• #786 - NetworkManager interferes with network related components. If your node has NetworkManager installed and enabled, please refere to Rke2 Docs for a workaround.

These will be addressed in an upcoming release.

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

• Open issues here
• Join our Slack channel
• Check out our documentation for guidance on how to get started.