Upgrade for security concerns, v1.19.11+k8e1
This release updates Kubernetes to v1.19.11
Changes since v1.19.10+k8e1:
- Upgrade Kubernetes to v1.19.11
- Fix for sysctl errors with kernel 5.12.2 or newer
- Fixes (CVE-2021-30465) runc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack
Known Issues
- There is a regression that may cause issues with deleting nodes due to finalizers not being removed. If you observe a node is stuck for some time and is not being deleted you can describe the node to see if any finalizers remain. If there are any finalizers, you can work around this issue by running the following command to remove the finalizers:
# replace <nodename> with the name of the node
kubectl get node -o name <nodename> | xargs -i kubectl patch {} -p '{"metadata":{"finalizers":[]}}' --type=merge
Embedded Component Versions
| Component | Version |
|---|---|
| Kubernetes | v1.19.11 |
| SQLite | 3.33.0 |
| Etcd | v3.4.13-k3s3 |
| Containerd | v1.4.4-k3s1 |
| Runc | v1.0.0-rc95 |
| Flannel | v0.12.0-k3s1 |
| Metrics-server | v0.3.6 |
| Traefik | 1.7.19 |
| CoreDNS | v1.6.9 |
| Helm-controller | v0.8.3 |
| Local-path-provisioner | v0.0.14 |
sha256sum
root# sha256sum k8e
6ab212ab956e2cd75dbd2499e89a1076a1bc6ef82b1255d63d09feb9914c8b0f k8e
root# ./k8e -v
k8e version v1.19.11+k8e1 (0a41bd87)