Skip to content

Releases: kubermatic/kubeone

v1.6.0-rc.3

23 Feb 18:19
@kubermatic-bot kubermatic-bot
v1.6.0-rc.3
This tag was signed with the committer’s verified signature.
xmudrii Marko Mudrinić
SSH Key Fingerprint: iAbMxOsFU75aNCTDnrphBxbYFUFBqDOE6rHOStTuLN8 Learn about vigilant mode.
1d8ef56
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.0-rc.3 Pre-release
Pre-release

This is the second release candidate for the upcoming KubeOne 1.6 minor release. For more information about changes in this minor release, please read the v1.6.0 changelog.

Assets 7
Loading

v1.6.0-rc.1

20 Feb 16:59
@kubermatic-bot kubermatic-bot
v1.6.0-rc.1
This tag was signed with the committer’s verified signature.
xmudrii Marko Mudrinić
SSH Key Fingerprint: iAbMxOsFU75aNCTDnrphBxbYFUFBqDOE6rHOStTuLN8 Learn about vigilant mode.
697ab56
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.0-rc.1 Pre-release
Pre-release

This is the first release candidate for the upcoming KubeOne 1.6 minor release. For more information about changes in this minor release, please read the v1.6.0 changelog.

Assets 7
Loading

v1.5.6

27 Jan 13:05
@kubermatic-bot kubermatic-bot
v1.5.6
This tag was signed with the committer’s verified signature.
xmudrii Marko Mudrinić
GPG key ID: F15730C52ACE0E9D
Learn about vigilant mode.
3569071
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.5.6

Changelog since v1.5.5

Changes by Kind

Feature

  • Update kubernetes-cni to v1.2.0 and cri-tools to v1.26.0. This fixes an issue with installing/updating packages when trying to install Kubernetes v1.26.1, v1.25.6, v1.24.10, and v1.23.16 (#2608, @xmudrii)

Checksums

SHA256 checksums can be found in the kubeone_1.5.6_checksums.txt file.

Assets 7
Loading

v1.5.5

17 Jan 10:34
@kubermatic-bot kubermatic-bot
v1.5.5
This tag was signed with the committer’s verified signature.
xmudrii Marko Mudrinić
GPG key ID: F15730C52ACE0E9D
Learn about vigilant mode.
99303c6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.5.5

Changelog since v1.5.4

Changes by Kind

Feature

  • Update Terraform provider for VMware Cloud Director to v3.8.1 (#2584, @ahmedwaleedmalik)
  • Add support for insecure HTTPS connection to the VMware Cloud Director API in example Terraform configs (#2584, @ahmedwaleedmalik)

Bug or Regression

  • Fix AMI filter for CentOS 7 in Terraform configs for AWS (#2559, @xmudrii)
  • Fix an issue where custom CA bundle was not being propagated to machine-controller-webhook (#2587, @kubermatic-bot)
  • Remove the leftover /tmp/k1-etc-environment file. This fixes an issue with kubeone apply failing if the username is changed (#2563, @kubermatic-bot)
  • Run kubeadm with increased verbosity unconditionally. This only changes the behavior if KubeOne is run without the verbose flag but kubeadm fails, in which case kubeadm is going to print more information about the issue (#2565, @kubermatic-bot)

Checksums

SHA256 checksums can be found in the kubeone_1.5.5_checksums.txt file.

Assets 7
Loading

v1.4.13

17 Jan 10:22
@kubermatic-bot kubermatic-bot
v1.4.13
This tag was signed with the committer’s verified signature.
xmudrii Marko Mudrinić
GPG key ID: F15730C52ACE0E9D
Learn about vigilant mode.
9511606
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.4.13

Changelog since v1.4.12

Changes by Kind

Bug or Regression

  • Fix an issue where custom CA bundle was not being propagated to machine-controller-webhook (#2589, @kubermatic-bot)
  • Remove the leftover /tmp/k1-etc-environment file. This fixes an issue with kubeone apply failing if the username is changed (#2564, @kubermatic-bot)
  • Run kubeadm with increased verbosity unconditionally. This only changes the behavior if KubeOne is run without the verbose flag but kubeadm fails, in which case kubeadm is going to print more information about the issue (#2566, @kubermatic-bot)

Checksums

SHA256 checksums can be found in the kubeone_1.4.13_checksums.txt file.

Assets 7
Loading

v1.5.4

12 Dec 09:44
@kubermatic-bot kubermatic-bot
v1.5.4
d814bd9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.5.4

Important Registry Change Information

In November, we announced that we are changing all image references from k8s.gcr.io to registry.k8s.io to keep up with the latest upstream changes. This patch release includes this change. Please ensure that any mirrors you use are able to host registry.k8s.io and/or that firewall rules are going to allow access to registry.k8s.io to pull images before upgrading to this KubeOne patch release.

The December Kubernetes patch releases (1.25.5, 1.24.9, 1.23.15, and 1.22.17) are enforcing registry.k8s.io by default. Please keep this in mind if you're using an older KubeOne patch release with the latest Kubernetes patch releases. We strongly advise that you use KubeOne v1.5.4 or newer with the latest Kubernetes patch releases.

Changelog since v1.5.3

Changes by Kind

API Change

  • Image references are changed from k8s.gcr.io to registry.k8s.io. This is done to keep up with the latest upstream changes. Please ensure that any mirrors you use are able to host registry.k8s.io and/or that firewall rules are going to allow access to registry.k8s.io to pull images before applying the next KubeOne patch releases. (#2505, @xmudrii)

Feature

Bug or Regression

Assets 7
Loading

v1.4.12

12 Dec 09:47
@kubermatic-bot kubermatic-bot
v1.4.12
79f00f7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.4.12

Important Registry Change Information

In November, we announced that we are changing all image references from k8s.gcr.io to registry.k8s.io to keep up with the latest upstream changes. This patch release includes this change. Please ensure that any mirrors you use are able to host registry.k8s.io and/or that firewall rules are going to allow access to registry.k8s.io to pull images before upgrading to this KubeOne patch release.

The December Kubernetes patch releases (1.25.5, 1.24.9, 1.23.15, and 1.22.17) are enforcing registry.k8s.io by default. Please keep this in mind if you're using an older KubeOne patch release with the latest Kubernetes patch releases. We strongly advise that you use KubeOne v1.5.4 or newer with the latest Kubernetes patch releases.

Changelog since v1.4.11

Changes by Kind

API Change

  • Image references are changed from k8s.gcr.io to registry.k8s.io. This is done to keep up with the latest upstream changes. Please ensure that any mirrors you use are able to host registry.k8s.io and/or that firewall rules are going to allow access to registry.k8s.io to pull images before applying the next KubeOne patch releases. (#2508, @xmudrii)

Feature

Bug or Regression

  • Fix a panic (NPE) when determining if it is safe to repair a cluster when there's no kubelet or kubelet systemd unit on the node (#2496, @kubermatic-bot)
  • Use the pause image from registry.k8s.io for all Kubernetes releases (#2530, @xmudrii)
Assets 7
Loading

v1.5.3

11 Nov 15:23
@kubermatic-bot kubermatic-bot
v1.5.3
This tag was signed with the committer’s verified signature.
xmudrii Marko Mudrinić
GPG key ID: F15730C52ACE0E9D
Learn about vigilant mode.
47ecb11
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.5.3

Important Registry Change Information

For the next series of KubeOne and KKP patch releases, image references will move from k8s.gcr.io to registry.k8s.io. This will be done to keep up with the latest upstream changes. Please ensure that any mirrors you use are able to host registry.k8s.io and/or that firewall rules are going to allow access to registry.k8s.io to pull images before applying the next KubeOne patch releases. This is not included in this patch release but just a notification of future changes.

Important Security Information

Kubernetes releases prior to 1.25.4, 1.24.8, 1.23.14, and 1.22.16 are affected by two Medium CVEs in kube-apiserver: CVE-2022-3162 (Unauthorized read of Custom Resources) and CVE-2022-3294 (Node address isn't always verified when proxying). We strongly recommend upgrading to 1.25.4, 1.24.8, 1.23.14, or 1.22.16 as soon as possible.

Changelog since v1.5.2

Changes by Kind

API Change

  • .cloudProvider.csiConfig is now a mandatory field for vSphere clusters using the external cloud provider (.cloudProvider.external: true). .cloudProvider.csiConfig can be specified even if the in-tree provider is used, but the provided CSIConfig is ignored in such cases (a warning about this is printed) (#2447, @kubermatic-bot)

Feature

  • Add allow_insecure variable (default false) to Terraform configs for vSphere. The value of this variable is propagated to the MachineDeployment template in output.tf (#2449, @xmudrii)
  • Add a new addon parameter called HubbleIPv6 (true/false, default: true) for Cilium CNI used to enable/disable Hubble UI listening on an IPv6 interface (#2451, @kubermatic-bot)
  • Update OpenStack CCM and CSI to v1.24.5 and v1.22.2 (#2445, @xmudrii)
  • Update etcd to 3.5.5 or use the version provided by kubeadm if it's newer (#2443, @kubermatic-bot)

Other (Cleanup or Flake)

  • Expose machine-controller metrics port (8080/TCP), so Prometheus ServiceMonitor can be used for scraping (#2439, @kubermatic-bot)
  • Make volume size for worker nodes configurable in Terraform configs for AWS (50 GB by default) (#2450, @xmudrii)

Chore

  • Rename generate-internal-groups Make target to update-codegen (#2450, @xmudrii)
  • KubeOne is now built using Go 1.19.3 (#2462, @xmudrii)
  • The kubeone-e2e image is moved from Docker Hub to Quay (quay.io/kubermatic/kubeone-e2e) (#2464, @xmudrii)

Checksums

SHA256 checksums can be found in the kubeone_1.5.3_checksums.txt file.

Assets 7
Loading

v1.4.11

11 Nov 15:10
@kubermatic-bot kubermatic-bot
v1.4.11
This tag was signed with the committer’s verified signature.
xmudrii Marko Mudrinić
GPG key ID: F15730C52ACE0E9D
Learn about vigilant mode.
066988a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.4.11

Important Registry Change Information

For the next series of KubeOne and KKP patch releases, image references will move from k8s.gcr.io to registry.k8s.io. This will be done to keep up with the latest upstream changes. Please ensure that any mirrors you use are able to host registry.k8s.io and/or that firewall rules are going to allow access to registry.k8s.io to pull images before applying the next KubeOne patch releases. This is not included in this patch release but just a notification of future changes.

Important Security Information

Kubernetes releases prior to 1.25.4, 1.24.8, 1.23.14, and 1.22.16 are affected by two Medium CVEs in kube-apiserver: CVE-2022-3162 (Unauthorized read of Custom Resources) and CVE-2022-3294 (Node address isn't always verified when proxying). We strongly recommend upgrading to 1.25.4, 1.24.8, 1.23.14, or 1.22.16 as soon as possible.

Changelog since v1.4.10

Changes by Kind

Feature

  • Update etcd to 3.5.5 for Kubernetes 1.22+ clusters or use the version provided by kubeadm if it's newer (#2444, @xmudrii)

Other (Cleanup or Flake)

  • Expose machine-controller metrics port (8080/TCP), so Prometheus ServiceMonitor can be used for scraping (#2440, @kubermatic-bot)

Chore

  • KubeOne is now built using Go 1.18.8 (#2465, @xmudrii)
  • The kubeone-e2e image is moved from Docker Hub to Quay (quay.io/kubermatic/kubeone-e2e) (#2465, @xmudrii)

Checksums

SHA256 checksums can be found in the kubeone_1.4.11_checksums.txt file.

Assets 7
Loading

v1.5.2

20 Oct 16:06
@kubermatic-bot kubermatic-bot
v1.5.2
This tag was signed with the committer’s verified signature.
xmudrii Marko Mudrinić
GPG key ID: F15730C52ACE0E9D
Learn about vigilant mode.
9135e47
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.5.2

Changes by Kind

Feature

Updates

Checksums

SHA256 checksums can be found in the kubeone_1.5.2_checksums.txt file.

Assets 7
Loading