Skip to content

Release v1.0.11
Compare
Choose a tag to compare
@rancherio-gh-m rancherio-gh-m released this 16 Jul 23:31
· 535 commits to master since this release
v1.0.11
3a302d0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Release v1.0.11

Rancher Kubernetes Engine (RKE) is a CNCF-certified Kubernetes distribution that runs entirely within Docker containers. It works on bare-metal and virtualized servers. With RKE, the installation and operation of Kubernetes is both simplified and easily automated, and it’s entirely independent of the operating system and platform you’re running.

Enhancements

  • Introduced new Kubernetes images (v1.16.13-rancher1-1 and v1.17.9-rancher1-1) to address following CVEs:
  1. CVE-2020-8557 - Node disk DOS by writing to container /etc/hosts
  2. CVE-2020-8558 - Node setting allows for neighboring hosts to bypass localhost boundary
  3. CVE-2020-8559 - Privilege escalation from compromised node to cluster

Known Major Issues

  • In clusters where cloud_provider is configured, and either address or internal_address does not contain a valid IP address (e.g. hostname or FQDN), kube-proxy will fail to start. [#1725]

Kubernetes Versions

Each version of RKE has a specific list of supported Kubernetes versions. If you want to use a different version than listed below, you will need to update Kubernetes using the system images option in your cluster.yml.

Kubernetes version
v1.17.9-rancher1-1
v1.16.13-rancher1-1
v1.15.12-rancher2-3

New Images in v1.17.9-rancher1-1, 1.16.13-rancher1-1

Updated Hyperkube Image based on k8s versions

  • rancher/hyperkube:v1.17.9-rancher1
  • rancher/hyperkube:v1.16.13-rancher1
Assets 9
Loading