This release fixes an issue with identifying additional container runtimes.
Important Notes
This release includes a version of ingress-nginx affected by CVE-2023-5043 and CVE-2023-5044. Ingress administrators should set the --enable-annotation-validation flag to enforce restrictions on the contents of ingress-nginx annotation fields.
If your server (control-plane) nodes were not started with the --token
CLI flag or config file key, a randomized token was generated during initial cluster startup. This key is used both for joining new nodes to the cluster, and for encrypting cluster bootstrap data within the datastore. Ensure that you retain a copy of this token, as is required when restoring from backup.
You may retrieve the token value from any server already joined to the cluster:
cat /var/lib/rancher/rke2/server/token
Changes since v1.28.3+rke2r1:
- Update stable channel to v1.26.10+rke2r1 (#4977)
- Bump k3s, include container runtime fix (#4979)
- Fixed an issue with identifying additional container runtimes
- Update hardened kubernetes image (#4988)
Packaged Component Versions
Component | Version |
---|---|
Kubernetes | v1.28.3 |
Etcd | v3.5.9-k3s1 |
Containerd | v1.7.7-k3s1 |
Runc | v1.1.8 |
Metrics-server | v0.6.3 |
CoreDNS | v1.10.1 |
Ingress-Nginx | 4.8.2 |
Helm-controller | v0.15.4 |
Available CNIs
Component | Version | FIPS Compliant |
---|---|---|
Canal (Default) | Flannel v0.22.1 Calico v3.26.1 | Yes |
Calico | v3.26.1 | No |
Cilium | v1.14.2 | No |
Multus | v4.0.2 | No |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started.