This release updates Kubernetes to v1.21.6, fixes a number of minor issues, and includes an update to ingress-nginx that resolves CVE-2021-25742.
For more details on what's new, see the Kubernetes release notes.
Changes since v1.21.5+rke2r2
- Update Kubernetes to v1.21.6 (#2060)
- The ingress-nginx helm chart has been upgraded to version 4.0.3. (#1941)
This resolves CVE-2021-25742. - Servers will no longer occasionally create duplicate static pods during upgrades. (#1967)
- Servers will no longer join etcd clusters until the new member is more prepared to do so. (#1990)
- Flannel's vxlan backend now generates its own MAC addresses, preventing systemd 242+ from changing them unexpectedly. (#2006)
- The rke2-coredns chart has been updated to ensure that multiple etcd pods are not scheduled on the same node. (#2033)
- Cluster member addresses are now updated when resetting/restoring etcd via
--cluster-reset
. (#2030) - The
rke2 etcd-snapshot
subcommand now honors config file settings. (#2030)
Packaged Component Versions
Component | Version |
---|---|
Kubernetes | v1.21.6 |
Etcd | v3.4.13-k3s1 |
Containerd | v1.4.11-k3s1 |
Runc | v1.0.2 |
CNI Plugins | v0.8.7 |
Metrics-server | v0.3.6 |
CoreDNS | v1.8.5 |
Ingress-Nginx | 4.0.3 |
Helm-controller | v0.10.8 |
Available CNIs
Component | Version | FIPS Compliant |
---|---|---|
Canal (Default) | Flannel v0.15.1 Calico v3.20.1 | Yes |
Calico | v3.19.2 | No |
Cilium | v1.10.4 | No |
Multus | v3.7.1 | No |
Known Issues
- #1447 - When restoring RKE2 from backup to a new node, you should ensure that all pods are stopped following the initial restore:
curl -sfL https://get.rke2.io | sudo INSTALL_RKE2_VERSION=v1.21.6+rke2r1
rke2 server \
--cluster-reset \
--cluster-reset-restore-path=<PATH-TO-SNAPSHOT> --token <token used in the original cluster>
rke2-killall.sh
systemctl enable rke2-server
systemctl start rke2-server
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started.