Skip to content

chore(deps): update dependency k3s-io/k3s to v1.29.2+k3s1

Stackspin-renovate Bot requested to merge renovate/k3s-io-k3s-1.x into main

This MR contains the following updates:

Package Update Change
k3s-io/k3s minor v1.28.2+k3s1 -> v1.29.2+k3s1

Release Notes

k3s-io/k3s (k3s-io/k3s)

v1.29.2+k3s1: v1.29.2+k3s1

Compare Source

This release updates Kubernetes to v1.29.2, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.29.1+k3s2:

  • Bump Local Path Provisioner version (#​8953)
  • Add ability to install K3s MR Artifact from GitHub (#​9185)
    • Adds INSTALL_K3S_PR option to install a build of K3s from any open MR with CI approval
  • Bump Trivy version (#​9237)
  • Bump codecov/codecov-action from 3 to 4 (#​9353)
  • Update stable channel (#​9388)
  • Fix snapshot reconcile retry (#​9318)
  • Add check for etcd-snapshot-dir and fix panic in Walk (#​9317)
  • Bump CNI plugins to v1.4.0 (#​9249)
  • Fix issue with coredns node hosts controller (#​9354)
    • Fixed issue that could cause coredns pods to fail to start when the embedded helm controller is disabled, due to the configmap not being updated with node hosts entries.
  • Fix on-demand snapshots on ipv6-only nodes (#​9247)
  • Bump flannel version (#​9395)
    • Bumped flannel to v0.24.2
  • Build: Align drone base images (#​8959)
  • Changed how lastHeartBeatTime works in the etcd condition (#​9263)
  • Runtimes refactor using exec.LookPath (#​9311)
    • Directories containing runtimes need to be included in the $PATH environment variable for effective runtime detection.
  • Bump cri-dockerd to fix compat with Docker Engine 25 (#​9290)
  • Add codcov secret for integration tests on Push (#​9422)
  • Allow executors to define containerd and cridockerd behavior (#​9184)
  • Update Kube-router to v2.0.1 (#​9396)
  • : Test_UnitApplyContainerdQoSClassConfigFileIfPresent (Created) (#​8945)
  • Readd k3s secrets-encrypt rotate-keys with correct support for KMSv2 GA (#​9340)
  • Fix iptables check when sbin isn't in user PATH (#​9344)
  • Don't create NodePasswordValidationFailed event if agent is disabled (#​9312)
    • The NodePasswordValidationFailed Events will no longer be emitted, if the agent is disabled.
  • Expose rootless state dir under ~/.rancher/k3s/rootless (#​9308)
    • When running k3s in rootless mode, expose rootlesskit's state directory as ~/.rancher/k3s/rootless
  • Expose rootless containerd socket directories for external access (#​9309)
    • Mount k3s rootless containerd & cri-dockerd socket directories to $XDG_RUNTIME_DIR/k3s/containerd and $XDG_RUNTIME_DIR/k3s/cri-dockerd respectively.
  • Bump kine and set NotifyInterval to what the apiserver expects (#​9349)
  • Update Kubernetes to v1.29.2 (#​9493)
  • Fix drone publish for arm (#​9503)
  • Remove failing Drone step (#​9517)
  • Restore original order of agent startup functions (#​9539)
  • Fix netpol startup when flannel is disabled (#​9571)

Embedded Component Versions

Component Version
Kubernetes v1.29.2
Kine v0.11.4
SQLite 3.44.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.12-k3s1
Flannel v0.24.2
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.8
Local-path-provisioner v0.0.26

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.29.1+k3s1: v1.29.1+k3s1

Compare Source

This release updates Kubernetes to v1.29.1, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.29.0+k3s1:

  • Bump Sonobuoy version (#​8910)
  • Bump actions/setup-go from 4 to 5 (#​9036)
  • Chore: Update Code of Conduct to Redirect to CNCF CoC (#​9104)
    • NONE
  • Update stable channel to v1.28.5+k3s1 and add v1.29 channel (#​9110)
  • Added support for env *_PROXY variables for agent loadbalancer (#​9070)
    • HTTP_PROXY, HTTPS_PROXY and NO_PROXY environment variables are now taken into account by the agent loadbalancer if K3S_AGENT_HTTP_PROXY_ALLOWED env variable is set to true.
    • This however doesn't affect local requests as the function used prevents that: https://pkg.go.dev/net/http#ProxyFromEnvironment.
  • Add a retry around updating a secrets-encrypt node annotations (#​9039)
  • Silence SELinux warning on INSTALL_K3S_SKIP_SELINUX_RPM (#​8703)
  • Add ServiceLB support for PodHostIPs FeatureGate (#​8917)
  • Added support for env *_PROXY variables for agent loadbalancer (#​9118)
  • Redirect error stream to null when checking nm-cloud systemd unit (#​8815)
    • Remove confusing "nm-cloud-setup.service: No such file or directory" journalctl log
  • Dockerfile.dapper: set $HOME properly (#​9090)
  • Add system-agent-installer-k3s step to GA release instructions (#​9153)
  • Fix install script checksum (#​9159)
  • Fix the OTHER etcd snapshot s3 log message that prints the wrong variable (#​8944)
  • Handle logging flags when parsing kube-proxy args (#​8916)
  • Fix nil map in full snapshot configmap reconcile (#​9049)
  • Add support for containerd cri registry config_path (#​8973)
  • Add more paths to crun runtime detection (#​9086)
  • Add runtime checking of golang version (#​9054)
  • Fix OS PRETTY_NAME on tagged releases (#​9062)
  • Print error when downloading file error inside install script (#​6874)
  • Wait for cloud-provider taint to be gone before starting the netpol controller (#​9076)
  • Bump Trivy version (#​8812)
  • Use ipFamilyPolicy: RequireDualStack for dual-stack kube-dns (#​8984)
  • Handle etcd status condition when node is not ready and disable etcd (#​9084)
  • Update s3 e2e test (#​9025)
  • Add e2e startup test for rootless k3s (#​8383)
  • Add spegel distributed registry mirror (#​8977)
  • Bump quic-go for CVE-2023-49295 (#​9208)
  • Enable network policy controller metrics (#​9195)
    • Kube-router network policy controller metrics are now exposed via the default node metrics endpoint
  • Fix nonexistent dependency repositories (#​9213)
  • Move proxy dialer out of init() and fix crash when using K3S_AGENT_HTTP_PROXY_ALLOWED=true (#​9219)
  • Error getting node in setEtcdStatusCondition (#​9210)
  • Update to v1.29.1 and Go 1.21.6 (#​9259)

Embedded Component Versions

Component Version
Kubernetes v1.29.1
Kine v0.11.0
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.10
Flannel v0.24.0
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.4
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.29.1+k3s2: v1.29.1+k3s2

Compare Source

This release updates Kubernetes to v1.29.1, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Important Notes

Addresses the runc CVE: CVE-2024-21626 by updating runc to v1.1.12.

Changes since v1.29.0+k3s1:

  • Bump Sonobuoy version (#​8910)
  • Bump actions/setup-go from 4 to 5 (#​9036)
  • Chore: Update Code of Conduct to Redirect to CNCF CoC (#​9104)
    • NONE
  • Update stable channel to v1.28.5+k3s1 and add v1.29 channel (#​9110)
  • Added support for env *_PROXY variables for agent loadbalancer (#​9070)
    • HTTP_PROXY, HTTPS_PROXY and NO_PROXY environment variables are now taken into account by the agent loadbalancer if K3S_AGENT_HTTP_PROXY_ALLOWED env variable is set to true.
    • This however doesn't affect local requests as the function used prevents that: https://pkg.go.dev/net/http#ProxyFromEnvironment.
  • Add a retry around updating a secrets-encrypt node annotations (#​9039)
  • Silence SELinux warning on INSTALL_K3S_SKIP_SELINUX_RPM (#​8703)
  • Add ServiceLB support for PodHostIPs FeatureGate (#​8917)
  • Added support for env *_PROXY variables for agent loadbalancer (#​9118)
  • Redirect error stream to null when checking nm-cloud systemd unit (#​8815)
    • Remove confusing "nm-cloud-setup.service: No such file or directory" journalctl log
  • Dockerfile.dapper: set $HOME properly (#​9090)
  • Add system-agent-installer-k3s step to GA release instructions (#​9153)
  • Fix install script checksum (#​9159)
  • Fix the OTHER etcd snapshot s3 log message that prints the wrong variable (#​8944)
  • Handle logging flags when parsing kube-proxy args (#​8916)
  • Fix nil map in full snapshot configmap reconcile (#​9049)
  • Add support for containerd cri registry config_path (#​8973)
  • Add more paths to crun runtime detection (#​9086)
  • Add runtime checking of golang version (#​9054)
  • Fix OS PRETTY_NAME on tagged releases (#​9062)
  • Print error when downloading file error inside install script (#​6874)
  • Wait for cloud-provider taint to be gone before starting the netpol controller (#​9076)
  • Bump Trivy version (#​8812)
  • Use ipFamilyPolicy: RequireDualStack for dual-stack kube-dns (#​8984)
  • Handle etcd status condition when node is not ready and disable etcd (#​9084)
  • Update s3 e2e test (#​9025)
  • Add e2e startup test for rootless k3s (#​8383)
  • Add spegel distributed registry mirror (#​8977)
  • Bump quic-go for CVE-2023-49295 (#​9208)
  • Enable network policy controller metrics (#​9195)
    • Kube-router network policy controller metrics are now exposed via the default node metrics endpoint
  • Fix nonexistent dependency repositories (#​9213)
  • Move proxy dialer out of init() and fix crash when using K3S_AGENT_HTTP_PROXY_ALLOWED=true (#​9219)
  • Error getting node in setEtcdStatusCondition (#​9210)
  • Update to v1.29.1 and Go 1.21.6 (#​9259)
  • New stale action (#​9278)
  • Fix handling of bare hostname or IP as endpoint address in registries.yaml (#​9323)
  • Bump runc to v1.1.12 and helm-controller to v0.15.7 (#​9332)
  • Bump helm-controller to fix issue with ChartContent (#​9345)

Embedded Component Versions

Component Version
Kubernetes v1.29.1
Kine v0.11.0
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.12-k3s1
Flannel v0.24.0
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.8
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.29.0+k3s1: v1.29.0+k3s1

Compare Source

This release is K3S's first in the v1.29 line. This release updates Kubernetes to v1.29.0.

Before upgrading from earlier releases, be sure to read the Kubernetes Urgent Upgrade Notes.

️ IMPORTANT: This release removes the expiremental rotate-keys subcommand due to changes in Kubernetes upstream for KMSv2, the subcommand should be added back in future releases.

️ IMPORTANT: This release also removes the multi-cluster-cidr flag, since the support for this alpha feature has been removed completely from Kubernetes upstream, this flag should be removed from the configuration before upgrade.

Changes since v1.28.4+k3s2:

  • Fix overlapping address range (#​8913)
  • Modify CONTRIBUTING.md guide (#​8954)
  • Nov 2023 stable channel update (#​9022)
  • Default runtime and runtime classes for wasm/nvidia/crun (#​8936)
    • Added runtime classes for wasm/nvidia/crun
    • Added default runtime flag for containerd
  • Bump containerd/runc to v1.7.10-k3s1/v1.1.10 (#​8962)
  • Allow setting default-runtime on servers (#​9027)
  • Bump containerd to v1.7.11 (#​9040)
  • Remove GA feature-gates (#​8970)
  • Only publish to code_cov on merged E2E builds (#​9051)
  • Update Kubernetes to v1.29.0+k3s1 (#​9052)
  • Update flannel to v0.24.0 and remove multiclustercidr flag (#​9075)
  • Remove rotate-keys subcommand (#​9079)

Embedded Component Versions

Component Version
Kubernetes v1.29.0
Kine v0.11.0
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.10
Flannel v0.24.0
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.4
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.28.8+k3s1: v1.28.8+k3s1

Compare Source

This release updates Kubernetes to v1.28.8, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.28.7+k3s1:

  • Add an integration test for flannel-backend=none (#​9608)
  • Install and Unit test backports (#​9641)
  • Update klipper-lb image version (#​9605)
  • Chore(deps): Remediating CVE-2023-45142 CVE-2023-48795 (#​9647)
  • Adjust first node-ip based on configured clusterCIDR (#​9631)
  • Improve tailscale e2e test (#​9653)
  • Backports for 2024-03 release cycle (#​9669)
    • Fix: use correct wasm shims names
    • The embedded flannel cni-plugin binary is now built and versioned separate from the rest of the cni plugins and the embedded flannel controller.
    • Bump spegel to v0.0.18-k3s3
    • Adds wildcard registry support
    • Fixes issue with excessive CPU utilization while waiting for containerd to start
    • Add env var to allow spegel mirroring of latest tag
    • Tweak netpol node wait logs
    • Fix coredns NodeHosts on dual-stack clusters
    • Bump helm-controller/klipper-helm versions
    • Fix snapshot prune
    • Fix issue with etcd node name missing hostname
    • Rootless mode should also bind service nodePort to host for LoadBalancer type, matching UX of rootful mode.
    • To enable raw output for the check-config subcommand, you may now set NO_COLOR=1
    • Fix additional corner cases in registries handling
    • Bump metrics-server to v0.7.0
    • K3s will now warn and suppress duplicate entries in the mirror endpoint list for a registry. Containerd does not support listing the same endpoint multiple times as a mirror for a single upstream registry.
  • Docker and E2E Test Backports (#​9707)
  • Fix wildcard entry upstream fallback (#​9733)
  • Update to v1.28.8-k3s1 and Go 1.21.8 (#​9746)

Embedded Component Versions

Component Version
Kubernetes v1.28.8
Kine v0.11.4
SQLite 3.44.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.12-k3s1
Flannel v0.24.2
Metrics-server v0.7.0
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.9
Local-path-provisioner v0.0.26

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.28.7+k3s1: v1.28.7+k3s1

Compare Source

This release updates Kubernetes to v1.28.7, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.28.6+k3s2:

  • Chore: bump Local Path Provisioner version (#​9426)
  • Bump cri-dockerd to fix compat with Docker Engine 25 (#​9293)
  • Auto Dependency Bump (#​9419)
  • Runtimes refactor using exec.LookPath (#​9431)
    • Directories containing runtimes need to be included in the $PATH environment variable for effective runtime detection.
  • Changed how lastHeartBeatTime works in the etcd condition (#​9424)
  • Bump Flannel v0.24.2 + remove multiclustercidr (#​9401)
  • Allow executors to define containerd and docker behavior (#​9254)
  • Update Kube-router to v2.0.1 (#​9404)
  • Backports for 2024-02 release cycle (#​9462)
  • Enable longer http timeout requests (#​9444)
  • Test_UnitApplyContainerdQoSClassConfigFileIfPresent (#​9440)
  • Support MR testing installs (#​9469)
  • Update Kubernetes to v1.28.7 (#​9492)
  • Fix drone publish for arm (#​9508)
  • Remove failing Drone step (#​9516)
  • Restore original order of agent startup functions (#​9545)
  • Fix netpol startup when flannel is disabled (#​9578)

Embedded Component Versions

Component Version
Kubernetes v1.28.7
Kine v0.11.4
SQLite 3.44.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.12-k3s1
Flannel v0.24.2
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.8
Local-path-provisioner v0.0.26

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.28.6+k3s1: v1.28.6+k3s1

Compare Source

This release updates Kubernetes to v1.28.6, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.28.5+k3s1:

  • Add a retry around updating a secrets-encrypt node annotations (#​9125)
  • Wait for taint to be gone in the node before starting the netpol controller (#​9175)
  • Etcd condition (#​9181)
  • Backports for 2024-01 (#​9203)
  • Pin opa version for missing dependency chain (#​9216)
  • Added support for env *_PROXY variables for agent loadbalancer (#​9206)
  • Etcd node is nil (#​9228)
  • Update to v1.28.6 and Go 1.20.13 (#​9260)
  • Use ipFamilyPolicy: RequireDualStack for dual-stack kube-dns (#​9269)

Embedded Component Versions

Component Version
Kubernetes v1.28.6
Kine v0.11.0
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.10
Flannel v0.22.2
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.4
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.28.6+k3s2: v1.28.6+k3s2

Compare Source

This release updates Kubernetes to v1.28.6, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Important Notes

Addresses the runc CVE: CVE-2024-21626 by updating runc to v1.1.12.

Changes since v1.28.5+k3s1:

  • Add a retry around updating a secrets-encrypt node annotations (#​9125)
  • Wait for taint to be gone in the node before starting the netpol controller (#​9175)
  • Etcd condition (#​9181)
  • Backports for 2024-01 (#​9203)
  • Pin opa version for missing dependency chain (#​9216)
  • Added support for env *_PROXY variables for agent loadbalancer (#​9206)
  • Etcd node is nil (#​9228)
  • Update to v1.28.6 and Go 1.20.13 (#​9260)
  • Use ipFamilyPolicy: RequireDualStack for dual-stack kube-dns (#​9269)
  • Backports for 2024-01 k3s2 (#​9336)
    • Bump runc to v1.1.12 and helm-controller to v0.15.7
    • Fix handling of bare hostname or IP as endpoint address in registries.yaml
  • Bump helm-controller to fix issue with ChartContent (#​9346)

Embedded Component Versions

Component Version
Kubernetes v1.28.6
Kine v0.11.0
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.12-k3s1
Flannel v0.22.2
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.8
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.28.5+k3s1: v1.28.5+k3s1

Compare Source

This release updates Kubernetes to v1.28.5, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.28.4+k3s1:

  • Remove s390x steps temporarily since runners are disabled (#​8983)
  • Remove s390x from manifest (#​8998)
  • Fix overlapping address range (#​8913)
  • Modify CONTRIBUTING.md guide (#​8954)
  • Nov 2023 stable channel update (#​9022)
  • Default runtime and runtime classes for wasm/nvidia/crun (#​8936)
    • Added runtime classes for wasm/nvidia/crun
    • Added default runtime flag for containerd
  • Bump containerd/runc to v1.7.10-k3s1/v1.1.10 (#​8962)
  • Allow setting default-runtime on servers (#​9027)
  • Bump containerd to v1.7.11 (#​9040)
  • Update to v1.28.5-k3s1 (#​9081)

Embedded Component Versions

Component Version
Kubernetes v1.28.5
Kine v0.11.0
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.11-k3s2
Runc v1.1.10
Flannel v0.22.2
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.4
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.28.4+k3s1: v1.28.4+k3s1

Compare Source

Due to CI issues, v1.28.4+k3s1 should not be used. Please use v1.28.4+k3s2.

v1.28.4+k3s2: v1.28.4+k3s2

Compare Source

This release updates Kubernetes to v1.28.4, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.28.3+k3s2:

  • Update channels latest to v1.27.7+k3s2 (#​8799)
  • Add etcd status condition (#​8724)
    • Now the user can see the etcd status from each node in a simple way
  • ADR for etcd status (#​8355)
  • Wasm shims detection (#​8751)
    • Automatic discovery of WebAssembly runtimes
  • Add warning for removal of multiclustercidr flag (#​8758)
  • Improve dualStack log (#​8798)
  • Optimize: Simplify and clean up Dockerfile (#​8244)
  • Add: timezone info in image (#​8764)
      • New timezone info in Docker image allows the use of spec.timeZone in CronJobs
  • Bump kine to fix nats, postgres, and watch issues (#​8778)
    • Bumped kine to v0.11.0 to resolve issues with postgres and NATS, fix performance of watch channels under heavy load, and improve compatibility with the reference implementation.
  • QoS-class resource configuration (#​8726)
    • Containerd may now be configured to use rdt or blockio configuration by defining rdt_config.yaml or blockio_config.yaml files.
  • Add agent flag disable-apiserver-lb (#​8717)
    • Add agent flag disable-apiserver-lb, agent will not start load balance proxy.
  • Force umount for NFS mount (like with longhorn) (#​8521)
  • General updates to README (#​8786)
  • Fix wrong warning from restorecon in install script (#​8871)
  • Fix issue with snapshot metadata configmap (#​8835)
    • Omit snapshot list configmap entries for snapshots without extra metadata
  • Skip initial datastore reconcile during cluster-reset (#​8861)
  • Tweaked order of ingress IPs in ServiceLB (#​8711)
    • Improved ingress IP ordering from ServiceLB
  • Disable helm CRD installation for disable-helm-controller (#​8702)
  • More improves for K3s patch release docs (#​8800)
  • Update install.sh sha256sum (#​8885)
  • Add jitter to client config retry to avoid hammering servers when they are starting up (#​8863)
  • Handle nil pointer when runtime core is not ready in etcd (#​8886)
  • Bump dynamiclistener; reduce snapshot controller log spew (#​8894)
    • Bumped dynamiclistener to address a race condition that could cause a server to fail to sync its certificates into the Kubernetes secret
    • Reduced etcd snapshot log spam during initial cluster startup
  • Remove depends_on for e2e step; fix cert rotate e2e (#​8906)
  • Fix etcd snapshot S3 issues (#​8926)
    • Don't apply S3 retention if S3 client failed to initialize
    • Don't request metadata when listing S3 snapshots
    • Print key instead of file path in snapshot metadata log message
  • Update to v1.28.4 and Go to v1.20.11 (#​8920)
  • Remove s390x steps temporarily since runners are disabled (#​8983)
  • Remove s390x from manifest (#​8998)

Embedded Component Versions

Component Version
Kubernetes v1.28.4
Kine v0.11.0
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.7-k3s1
Runc v1.1.8
Flannel v0.22.2
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.4
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.28.3+k3s1: v1.28.3+k3s1

Compare Source

This release updates Kubernetes to v1.28.3, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.28.2+k3s1:

  • Fix error reporting (#​8250)
  • Add context to flannel errors (#​8284)
  • Update channel, September patch release (#​8397)
  • Add missing link to drone in documentation (#​8295)
  • Include the interface name in the error message (#​8346)
  • Add extraArgs to vpn provider (#​8354)
    • Allow to pass extra args to the vpn provider
  • Disable HTTP on main etcd client port (#​8402)
    • Embedded etcd no longer serves http requests on the client port, only grpc. This addresses a performance issue that could cause watch stream starvation under load. For more information, see https://github.com/etcd-io/etcd/issues/15402
  • Server token rotation (#​8215)
  • Fix issues with etcd member removal after reset (#​8392)
    • Fixed an issue that could cause k3s to attempt to remove members from the etcd cluster immediately following a cluster-reset/restore, if they were queued for removal at the time the snapshot was taken.
  • Fix gofmt error (#​8439)
  • Added advertise address integration test (#​8344)
  • Added cluster reset from non bootstrap nodes on snapshot restore e2e test (#​8292)
  • Fix .github regex to skip drone runs on gh action bumps (#​8433)
  • Added error when cluster reset while using server flag (#​8385)
    • The user will receive a error when --cluster-reset with the --server flag
  • Update kube-router (#​8423)
    • Update kube-router to v2.0.0-rc7 to fix performance issues
  • Add SHA256 signatures of the install script (#​8312)
      • Add SHA256 signatures of the install script.
  • Add --image-service-endpoint flag (#​8279)
    • Add --image-service-endpoint flag to specify an external image service socket.
  • Don't ignore assets in home dir if system assets exist (#​8458)
  • Pass SystemdCgroup setting through to nvidia runtime options (#​8470)
    • Fixed issue that would cause pods using nvidia container runtime to be killed after a few seconds, when using newer versions of nvidia-container-toolkit.
  • Improve release docs - updated (#​8414)
  • Take IPFamily precedence based on order (#​8460)
  • Fix spellcheck problem (#​8507)
  • Network defaults are duplicated, remove one (#​8523)
  • Fix slemicro check for selinux (#​8526)
  • Update install.sh.sha256sum (#​8566)
  • System agent push tags fix (#​8568)
  • Fixed tailscale node IP dualstack mode in case of IPv4 only node (#​8524)
  • Server Token Rotation (#​8265)
    • Users can now rotate the server token using k3s token rotate -t <OLD_TOKEN> --new-token <NEW_TOKEN>. After command succeeds, all server nodes must be restarted with the new token.
  • E2E Domain Drone Cleanup (#​8579)
  • Bump containerd to v1.7.7-k3s1 (#​8604)
  • Bump busybox to v1.36.1 (#​8602)
  • Migrate to using custom resource to store etcd snapshot metadata (#​8064)
  • Switch build target from main.go to a package. (#​8342)
  • Use IPv6 in case is the first configured IP with dualstack (#​8581)
  • Bump traefik, golang.org/x/net, google.golang.org/grpc (#​8624)
  • Update kube-router package in build script (#​8630)
  • Add etcd-only/control-plane-only server test and fix control-plane-only server crash (#​8638)
  • Use version.Program not K3s in token rotate logs (#​8653)
  • [Windows Port (#​7259)
  • Fix CloudDualStackNodeIPs feature-gate inconsistency (#​8667)
  • Re-enable etcd endpoint auto-sync (#​8675)
  • Manually requeue configmap reconcile when no nodes have reconciled snapshots (#​8683)
  • Update to v1.28.3 and Go to v1.20.10 (#​8682)
  • Fix s3 snapshot restore (#​8729)

Embedded Component Versions

Component Version
Kubernetes v1.28.3
Kine v0.10.3
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.7-k3s1
Runc v1.1.8
Flannel v0.22.2
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.4
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

v1.28.3+k3s2: v1.28.3+k3s2

Compare Source

This release updates Kubernetes to v1.28.3, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.28.3+k3s1:

  • Restore selinux context systemd unit file (#​8593)
  • Update channel to v1.27.7+k3s1 (#​8753)
  • Bump Sonobuoy version (#​8710)
  • Bump Trivy version (#​8739)
  • Fix: Access outer scope .SystemdCgroup (#​8761)
    • Fixed failing to start with nvidia-container-runtime
  • Upgrade traefik chart to v25.0.0 (#​8771)
  • Update traefik to fix registry value (#​8792)
  • Don't use iptables-save/iptables-restore if it will corrupt rules (#​8795)

Embedded Component Versions

Component Version
Kubernetes v1.28.3
Kine v0.10.3
SQLite 3.42.0
Etcd v3.5.9-k3s1
Containerd v1.7.7-k3s1
Runc v1.1.8
Flannel v0.22.2
Metrics-server v0.6.3
Traefik v2.10.5
CoreDNS v1.10.1
Helm-controller v0.15.4
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports