Skip to content

v1.27.2+k3s1
Compare
Choose a tag to compare
@briandowns briandowns released this 26 May 22:13
· 424 commits to master since this release
v1.27.2+k3s1
213d7ad
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This release updates Kubernetes to v1.27.2, and fixes a number of issues.

For more details on what's new, see the Kubernetes release notes.

Changes since v1.27.1+k3s1:

  • Ensure that klog verbosity is set to the same level as logrus (#7303)
  • Create CRDs with schema (#7308)
    • Fixed an issue where Addon, HelmChart, and HelmChartConfig CRDs were created without structural schema, allowing the creation of custom resources of these types with invalid content.
  • Bump k3s-root for aarch64 page size fix (#7364)
    • K3s once again supports aarch64 nodes with page size > 4k
  • Bump Runc and Containerd (#7339)
  • Add integration tests for etc-snapshot server flags and refactor /tests/integration/integration.go/K3sStartServer (#7300)
  • Bump traefik to v2.9.10 / chart 21.2.0 (#7324)
    • The packaged Traefik version has been bumped to v2.9.10 / chart 21.2.0
  • Add longhorn storage test (#6445)
  • Improve error message when CLI wrapper Exec fails (#7373)
    • K3s now prints a more meaningful error when attempting to run from a filesystem mounted noexec.
  • Fix issues with --disable-agent and --egress-selector-mode=pod|cluster (#7331)
    • Servers started with the (experimental) --disable-agent flag no longer attempt to run the tunnel authorizer agent component.
    • Fixed an regression that prevented the pod and cluster egress-selector modes from working properly.
  • Retry cluster join on "too many learners" error (#7351)
    • K3s now retries the cluster join operation when receiving a "too many learners" error from etcd. This most frequently occurred when attempting to add multiple servers at the same time.
  • Fix MemberList error handling and incorrect etcd-arg passthrough (#7371)
    • K3s now correctly passes through etcd-args to the temporary etcd that is used to extract cluster bootstrap data when restarting managed etcd nodes.
    • K3s now properly handles errors obtaining the current etcd cluster member list when a new server is joining the managed etcd cluster.
  • Bump Trivy version (#7383)
  • Handle multiple arguments with StringSlice flags (#7380)
  • Add v1.27 channel (#7387)
  • Enable FindString to search dotD config files (#7323)
  • Migrate netutil methods into /util/net.go (#7422)
  • Local-storage: Fix permission (#7217)
  • Bump cni plugins to v1.2.0-k3s1 (#7425)
    • The bundled CNI plugins have been upgraded to v1.2.0-k3s1. The bandwidth and firewall plugins are now included in the bundle.
  • Add dependabot label and reviewer (#7423)
  • E2E: Startup test cleanup + RunCommand Enhancement (#7388)
  • Fail to validate server tokens that use bootstrap id/secret format (#7389)
    • K3s now exits with a proper error message when the server token uses a bootstrap token id.secret format.
  • Fix token startup test (#7442)
  • Bump kine to v0.10.1 (#7414)
    • The embedded kine version has been bumped to v0.10.1. This replaces the legacy lib/pq postgres driver with pgx.
  • Add kube-* server flags integration tests (#7416)
  • Add support for -cover + integration test code coverage (#7415)
  • Bump kube-router version to fix a bug when a port name is used (#7454)
  • Consistently use constant-time comparison of password hashes instead of bare password strings (#7455)
  • Bump containerd to v1.7.0 and move back into multicall binary (#7418)
    • The embedded containerd version has been bumped to v1.7.0-k3s1, and has been reintegrated into the main k3s binary for a significant savings in release artifact size.
  • Adding PITS and Getdeck Beiboot as adopters thanks to Schille and Miw… (#7524)
  • Bump helm-controller version for repo auth/ca support (#7525)
    • The embedded Helm controller now supports authenticating to chart repositories via credentials stored in a Secret, as well as passing repo CAs via ConfigMap.
  • Bump containerd/runc to v1.7.1-k3s1/v1.1.7 (#7533)
    • The bundled containerd and runc versions have been bumped to v1.7.1-k3s1/v1.1.7
  • Wrap error stating that it is coming from netpol (#7539)
  • Add Rotation certification Check, remove func to restart agents (#7097)
  • Bump alpine from 3.17 to 3.18 in /package (#7550)
  • Bump alpine from 3.17 to 3.18 in /conformance (#7551)
  • Add '-all' flag to apply to inactive systemd units (#7567)
  • Update to v1.27.2-k3s1 (#7575)
  • Fix iptables rules clean during upgrade (#7591)
  • Pin emicklei/go-restful to v3.9.0 (#7597)
  • Add el9 selinux rpm (#7443)
  • Revert "Add el9 selinux rpm (#7443)" (#7608)

Embedded Component Versions

Component Version
Kubernetes v1.27.2
Kine v0.10.1
SQLite 3.39.2
Etcd v3.5.7-k3s1
Containerd v1.7.1-k3s1
Runc v1.1.7
Flannel v0.21.4
Metrics-server v0.6.2
Traefik v2.9.10
CoreDNS v1.10.1
Helm-controller v0.14.0
Local-path-provisioner v0.0.24

Helpful Links

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Assets 23