flux2-gitops
flux2-gitops copied to clipboard
chore(deps): update dependency k3s-io/k3s to v1.29.4+k3s1
This PR contains the following updates:
Package | Update | Change |
---|---|---|
k3s-io/k3s | minor | v1.28.9+k3s1 -> v1.29.4+k3s1 |
Release Notes
k3s-io/k3s (k3s-io/k3s)
v1.29.4+k3s1
: v1.29.4+k3s1
This release updates Kubernetes to v1.29.4, and fixes a number of issues.
For more details on what's new, see the Kubernetes release notes.
Changes since v1.29.3+k3s1:
- Send error response if member list cannot be retrieved (#9722)
- Respect cloud-provider fields set by kubelet (#9721)
- The k3s stub cloud provider now respects the kubelet's requested provider-id, instance type, and topology labels
- Fix error when image has already been pulled (#9770)
- Add a new error when kine is with disable apiserver or disable etcd (#9766)
- Bump k3s-root to v0.13.0 (#9718)
- Use ubuntu latest for better golang caching keys (#9711)
- Bump Trivy version (#9780)
- Move to ubuntu 23.10 for E2E tests (#9755)
- Update channel server (#9808)
- Add /etc/passwd and /etc/group to k3s docker image (#9784)
- Fix etcd snapshot reconcile for agentless servers (#9809)
- Add health-check support to loadbalancer (#9757)
- Add tls for kine (#9572)
- Kine is now able to use TLS
- Transition from deprecated pointer library to ptr (#9801)
- Remove old pinned dependencies (#9806)
- Several E2E Matrix improvments (#9802)
- Add certificate expiry check, events, and metrics (#9772)
- Add updatecli policy to update k3s-root (#9844)
- Bump Trivy version (#9840)
- Add workaround for containerd hosts.toml bug when passing config for default registry endpoint (#9853)
- Fix: agent volume in example docker compose (#9838)
- Bump spegel to v0.0.20-k3s1 (#9863)
- Add supervisor cert/key to rotate list (#9832)
- Add quotes to avoid useless updatecli updates (#9877)
- Bump containerd and cri-dockerd (#9886)
- The embedded containerd has been bumped to v1.7.15
- The embedded cri-dockerd has been bumped to v0.3.12
- Move etcd snapshot management CLI to request/response (#9816)
- The
k3s etcd-snapshot
command has been reworked for improved consistency. All snapshots operations are now performed by the server process, with the CLI acting as a client to initiate and report results. As a side effect, the CLI is now less noisy when managing snapshots.
- The
- Improve etcd load-balancer startup behavior (#9883)
- Actually fix agent certificate rotation (#9902)
- Bump latest to v1.29.3+k3s1 (#9909)
- Update packaged manifests (#9920)
- Traefik has been bumped to v2.10.7.
- Traefik pod annotations are now set properly in the default chart values.
- The system-default-registry value now supports RFC2732 IPv6 literals.
- The local-path provisioner now defaults to creating
local
volumes, instead ofhostPath
.
- Allow Local path provisioner to read helper logs (#9835)
- Update kube-router to v2.1.0 (#9926)
- Match setup-go caching key in GitHub Actions (#9890)
- Add startup testlet on preloaded images (#9941)
- Update to v1.29.4-k3s1 and Go 1.21.9 (#9960)
- Fix on-demand snapshots timing out; not honoring folder (#9984)
- Make
/db/info
available anonymously from localhost (#10001)
Embedded Component Versions
Component | Version |
---|---|
Kubernetes | v1.29.4 |
Kine | v0.11.7 |
SQLite | 3.44.0 |
Etcd | v3.5.9-k3s1 |
Containerd | v1.7.15-k3s1 |
Runc | v1.1.12 |
Flannel | v0.24.2 |
Metrics-server | v0.7.0 |
Traefik | v2.10.7 |
CoreDNS | v1.10.1 |
Helm-controller | v0.15.9 |
Local-path-provisioner | v0.0.26 |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.
- Read how you can contribute here
v1.29.3+k3s1
: v1.29.3+k3s1
This release updates Kubernetes to v1.29.3, and fixes a number of issues.
For more details on what's new, see the Kubernetes release notes.
Changes since v1.29.2+k3s1:
- Testing ADR (#9562)
- Unit Testing Matrix and Actions bump (#9479)
- Update install test OS matrix (#9480)
- Update klipper-lb image version (#9488)
- Add an integration test for flannel-backend=none (#9582)
- Better GitHub CI caching strategy for golang (#9495)
- Correct formatting of GH PR sha256sum artifact (#9472)
- Rootless mode also bind service nodePort to host for LoadBalancer type (#9512)
- Rootless mode should also bind service nodePort to host for LoadBalancer type, matching UX of rootful mode.
- Fix coredns NodeHosts on dual-stack clusters (#9584)
- Tweak netpol node wait logs (#9581)
- Fix issue with etcd node name missing hostname (#9522)
- Bump helm-controller/klipper-helm versions (#9595)
- Update stable channel to v1.28.7+k3s1 (#9615)
- Reenable Install and Snapshotter Testing (#9601)
- Move docker tests into tests folder (#9555)
- Fix setup-go typo (#9634)
- Fix additional corner cases in registries handling (#9556)
- Fix snapshot prune (#9502)
- Use and version flannel/cni-plugin properly (#9635)
- The embedded flannel cni-plugin binary is now built and versioned separate from the rest of the cni plugins and the embedded flannel controller.
- Bump spegel (#9599)
- Bump spegel to v0.0.18-k3s3
- Adds wildcard registry support
- Fixes issue with excessive CPU utilization while waiting for containerd to start
- Add env var to allow spegel mirroring of latest tag
- Chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto (#9513)
- Fix: use correct wasm shims names (#9519)
- Fix wildcard with embbeded registry test (#9649)
- Disable color outputs using
NO_COLOR
env var (#9357)- To enable raw output for the
check-config
subcommand, you may now set NO_COLOR=1
- To enable raw output for the
- Improve tailscale e2e test (#9586)
- Adjust first node-ip based on configured clusterCIDR (#9520)
- Bump Trivy version (#9528)
- Include flannel version in flannel cni plugin version (#9648)
- The flannel controller version is now reported as build metadata on the flannel cni plugin version.
- Enable E2E tests on GitHub Actions (#9660)
- Bump metrics-server to v0.7.0 (#9673)
- Bump upload and download actions to v4 (#9666)
- Warn and suppress duplicate registry mirror endpoints (#9697)
- K3s will now warn and suppress duplicate entries in the mirror endpoint list for a registry. Containerd does not support listing the same endpoint multiple times as a mirror for a single upstream registry.
- Remove repetitive words (#9671)
- Run Subset of Docker tests in GitHub Actions (#9698)
- Fix wildcard entry upstream fallback (#9729)
- Update to v1.29.3-k3s1 and Go 1.21.8 (#9747)
Embedded Component Versions
Component | Version |
---|---|
Kubernetes | v1.29.3 |
Kine | v0.11.4 |
SQLite | 3.44.0 |
Etcd | v3.5.9-k3s1 |
Containerd | v1.7.11-k3s2 |
Runc | v1.1.12-k3s1 |
Flannel | v0.24.2 |
Metrics-server | v0.7.0 |
Traefik | v2.10.5 |
CoreDNS | v1.10.1 |
Helm-controller | v0.15.9 |
Local-path-provisioner | v0.0.26 |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.
- Read how you can contribute here
v1.29.2+k3s1
: v1.29.2+k3s1
This release updates Kubernetes to v1.29.2, and fixes a number of issues.
For more details on what's new, see the Kubernetes release notes.
Changes since v1.29.1+k3s2:
- Bump Local Path Provisioner version (#8953)
- Add ability to install K3s PR Artifact from GitHub (#9185)
- Adds
INSTALL_K3S_PR
option to install a build of K3s from any open PR with CI approval
- Adds
- Bump Trivy version (#9237)
- Bump codecov/codecov-action from 3 to 4 (#9353)
- Update stable channel (#9388)
- Fix snapshot reconcile retry (#9318)
- Add check for etcd-snapshot-dir and fix panic in Walk (#9317)
- Bump CNI plugins to v1.4.0 (#9249)
- Fix issue with coredns node hosts controller (#9354)
- Fixed issue that could cause coredns pods to fail to start when the embedded helm controller is disabled, due to the configmap not being updated with node hosts entries.
- Fix on-demand snapshots on ipv6-only nodes (#9247)
- Bump flannel version (#9395)
- Bumped flannel to v0.24.2
- Build: Align drone base images (#8959)
- Changed how lastHeartBeatTime works in the etcd condition (#9263)
- Runtimes refactor using exec.LookPath (#9311)
- Directories containing runtimes need to be included in the $PATH environment variable for effective runtime detection.
- Bump cri-dockerd to fix compat with Docker Engine 25 (#9290)
- Add codcov secret for integration tests on Push (#9422)
- Allow executors to define
containerd
andcridockerd
behavior (#9184) - Update Kube-router to v2.0.1 (#9396)
- : Test_UnitApplyContainerdQoSClassConfigFileIfPresent (Created) (#8945)
- Readd
k3s secrets-encrypt rotate-keys
with correct support for KMSv2 GA (#9340) - Fix iptables check when sbin isn't in user PATH (#9344)
- Don't create NodePasswordValidationFailed event if agent is disabled (#9312)
- The
NodePasswordValidationFailed
Events will no longer be emitted, if the agent is disabled.
- The
- Expose rootless state dir under ~/.rancher/k3s/rootless (#9308)
- When running k3s in rootless mode, expose rootlesskit's state directory as
~/.rancher/k3s/rootless
- When running k3s in rootless mode, expose rootlesskit's state directory as
- Expose rootless containerd socket directories for external access (#9309)
- Mount k3s rootless containerd & cri-dockerd socket directories to
$XDG_RUNTIME_DIR/k3s/containerd
and$XDG_RUNTIME_DIR/k3s/cri-dockerd
respectively.
- Mount k3s rootless containerd & cri-dockerd socket directories to
- Bump kine and set NotifyInterval to what the apiserver expects (#9349)
- Update Kubernetes to v1.29.2 (#9493)
- Fix drone publish for arm (#9503)
- Remove failing Drone step (#9517)
- Restore original order of agent startup functions (#9539)
- Fix netpol startup when flannel is disabled (#9571)
Embedded Component Versions
Component | Version |
---|---|
Kubernetes | v1.29.2 |
Kine | v0.11.4 |
SQLite | 3.44.0 |
Etcd | v3.5.9-k3s1 |
Containerd | v1.7.11-k3s2 |
Runc | v1.1.12-k3s1 |
Flannel | v0.24.2 |
Metrics-server | v0.6.3 |
Traefik | v2.10.5 |
CoreDNS | v1.10.1 |
Helm-controller | v0.15.8 |
Local-path-provisioner | v0.0.26 |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.
- Read how you can contribute here
v1.29.1+k3s1
: v1.29.1+k3s1
This release updates Kubernetes to v1.29.1, and fixes a number of issues.
For more details on what's new, see the Kubernetes release notes.
Changes since v1.29.0+k3s1:
- Bump Sonobuoy version (#8910)
- Bump actions/setup-go from 4 to 5 (#9036)
- Chore: Update Code of Conduct to Redirect to CNCF CoC (#9104)
- NONE
- Update stable channel to v1.28.5+k3s1 and add v1.29 channel (#9110)
- Added support for env *_PROXY variables for agent loadbalancer (#9070)
- HTTP_PROXY, HTTPS_PROXY and NO_PROXY environment variables are now taken into account by the agent loadbalancer if K3S_AGENT_HTTP_PROXY_ALLOWED env variable is set to true.
- This however doesn't affect local requests as the function used prevents that: https://pkg.go.dev/net/http#ProxyFromEnvironment.
- Add a retry around updating a secrets-encrypt node annotations (#9039)
- Silence SELinux warning on INSTALL_K3S_SKIP_SELINUX_RPM (#8703)
- Add ServiceLB support for PodHostIPs FeatureGate (#8917)
- Added support for env *_PROXY variables for agent loadbalancer (#9118)
- Redirect error stream to null when checking nm-cloud systemd unit (#8815)
- Remove confusing "nm-cloud-setup.service: No such file or directory" journalctl log
- Dockerfile.dapper: set $HOME properly (#9090)
- Add system-agent-installer-k3s step to GA release instructions (#9153)
- Fix install script checksum (#9159)
- Fix the OTHER etcd snapshot s3 log message that prints the wrong variable (#8944)
- Handle logging flags when parsing kube-proxy args (#8916)
- Fix nil map in full snapshot configmap reconcile (#9049)
- Add support for containerd cri registry config_path (#8973)
- Add more paths to crun runtime detection (#9086)
- Add runtime checking of golang version (#9054)
- Fix OS PRETTY_NAME on tagged releases (#9062)
- Print error when downloading file error inside install script (#6874)
- Wait for cloud-provider taint to be gone before starting the netpol controller (#9076)
- Bump Trivy version (#8812)
- Use
ipFamilyPolicy: RequireDualStack
for dual-stack kube-dns (#8984) - Handle etcd status condition when node is not ready and disable etcd (#9084)
- Update s3 e2e test (#9025)
- Add e2e startup test for rootless k3s (#8383)
- Add spegel distributed registry mirror (#8977)
- Bump quic-go for CVE-2023-49295 (#9208)
- Enable network policy controller metrics (#9195)
- Kube-router network policy controller metrics are now exposed via the default node metrics endpoint
- Fix nonexistent dependency repositories (#9213)
- Move proxy dialer out of init() and fix crash when using
K3S_AGENT_HTTP_PROXY_ALLOWED=true
(#9219) - Error getting node in setEtcdStatusCondition (#9210)
- Update to v1.29.1 and Go 1.21.6 (#9259)
Embedded Component Versions
Component | Version |
---|---|
Kubernetes | v1.29.1 |
Kine | v0.11.0 |
SQLite | 3.42.0 |
Etcd | v3.5.9-k3s1 |
Containerd | v1.7.11-k3s2 |
Runc | v1.1.10 |
Flannel | v0.24.0 |
Metrics-server | v0.6.3 |
Traefik | v2.10.5 |
CoreDNS | v1.10.1 |
Helm-controller | v0.15.4 |
Local-path-provisioner | v0.0.24 |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.
- Read how you can contribute here
v1.29.1+k3s2
: v1.29.1+k3s2
This release updates Kubernetes to v1.29.1, and fixes a number of issues.
For more details on what's new, see the Kubernetes release notes.
Changes since v1.29.0+k3s1:
- Bump Sonobuoy version (#8910)
- Bump actions/setup-go from 4 to 5 (#9036)
- Chore: Update Code of Conduct to Redirect to CNCF CoC (#9104)
- NONE
- Update stable channel to v1.28.5+k3s1 and add v1.29 channel (#9110)
- Added support for env *_PROXY variables for agent loadbalancer (#9070)
- HTTP_PROXY, HTTPS_PROXY and NO_PROXY environment variables are now taken into account by the agent loadbalancer if K3S_AGENT_HTTP_PROXY_ALLOWED env variable is set to true.
- This however doesn't affect local requests as the function used prevents that: https://pkg.go.dev/net/http#ProxyFromEnvironment.
- Add a retry around updating a secrets-encrypt node annotations (#9039)
- Silence SELinux warning on INSTALL_K3S_SKIP_SELINUX_RPM (#8703)
- Add ServiceLB support for PodHostIPs FeatureGate (#8917)
- Added support for env *_PROXY variables for agent loadbalancer (#9118)
- Redirect error stream to null when checking nm-cloud systemd unit (#8815)
- Remove confusing "nm-cloud-setup.service: No such file or directory" journalctl log
- Dockerfile.dapper: set $HOME properly (#9090)
- Add system-agent-installer-k3s step to GA release instructions (#9153)
- Fix install script checksum (#9159)
- Fix the OTHER etcd snapshot s3 log message that prints the wrong variable (#8944)
- Handle logging flags when parsing kube-proxy args (#8916)
- Fix nil map in full snapshot configmap reconcile (#9049)
- Add support for containerd cri registry config_path (#8973)
- Add more paths to crun runtime detection (#9086)
- Add runtime checking of golang version (#9054)
- Fix OS PRETTY_NAME on tagged releases (#9062)
- Print error when downloading file error inside install script (#6874)
- Wait for cloud-provider taint to be gone before starting the netpol controller (#9076)
- Bump Trivy version (#8812)
- Use
ipFamilyPolicy: RequireDualStack
for dual-stack kube-dns (#8984) - Handle etcd status condition when node is not ready and disable etcd (#9084)
- Update s3 e2e test (#9025)
- Add e2e startup test for rootless k3s (#8383)
- Add spegel distributed registry mirror (#8977)
- Bump quic-go for CVE-2023-49295 (#9208)
- Enable network policy controller metrics (#9195)
- Kube-router network policy controller metrics are now exposed via the default node metrics endpoint
- Fix nonexistent dependency repositories (#9213)
- Move proxy dialer out of init() and fix crash when using
K3S_AGENT_HTTP_PROXY_ALLOWED=true
(#9219) - Error getting node in setEtcdStatusCondition (#9210)
- Update to v1.29.1 and Go 1.21.6 (#9259)
- New stale action (#9278)
- Fix handling of bare hostname or IP as endpoint address in registries.yaml (#9323)
- Bump runc to v1.1.12 and helm-controller to v0.15.7 (#9332)
- Bump helm-controller to fix issue with ChartContent (#9345)
Embedded Component Versions
Component | Version |
---|---|
Kubernetes | v1.29.1 |
Kine | v0.11.0 |
SQLite | 3.42.0 |
Etcd | v3.5.9-k3s1 |
Containerd | v1.7.11-k3s2 |
Runc | v1.1.12-k3s1 |
Flannel | v0.24.0 |
Metrics-server | v0.6.3 |
Traefik | v2.10.5 |
CoreDNS | v1.10.1 |
Helm-controller | v0.15.8 |
Local-path-provisioner | v0.0.24 |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.
- Read how you can contribute here
v1.29.0+k3s1
: v1.29.0+k3s1
This release is K3S's first in the v1.29 line. This release updates Kubernetes to v1.29.0.
Before upgrading from earlier releases, be sure to read the Kubernetes Urgent Upgrade Notes.
⚠️ IMPORTANT: This release removes the expiremental rotate-keys
subcommand due to changes in Kubernetes upstream for KMSv2, the subcommand should be added back in future releases.
⚠️ IMPORTANT: This release also removes the multi-cluster-cidr
flag, since the support for this alpha feature has been removed completely from Kubernetes upstream, this flag should be removed from the configuration before upgrade.
Changes since v1.28.4+k3s2:
- Fix overlapping address range (#8913)
- Modify CONTRIBUTING.md guide (#8954)
- Nov 2023 stable channel update (#9022)
- Default runtime and runtime classes for wasm/nvidia/crun (#8936)
- Added runtime classes for wasm/nvidia/crun
- Added default runtime flag for containerd
- Bump containerd/runc to v1.7.10-k3s1/v1.1.10 (#8962)
- Allow setting default-runtime on servers (#9027)
- Bump containerd to v1.7.11 (#9040)
- Remove GA feature-gates (#8970)
- Only publish to code_cov on merged E2E builds (#9051)
- Update Kubernetes to v1.29.0+k3s1 (#9052)
- Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
- Remove rotate-keys subcommand (#9079)
Embedded Component Versions
Component | Version |
---|---|
Kubernetes | v1.29.0 |
Kine | v0.11.0 |
SQLite | 3.42.0 |
Etcd | v3.5.9-k3s1 |
Containerd | v1.7.11-k3s2 |
Runc | v1.1.10 |
Flannel | v0.24.0 |
Metrics-server | v0.6.3 |
Traefik | v2.10.5 |
CoreDNS | v1.10.1 |
Helm-controller | v0.15.4 |
Local-path-provisioner | v0.0.24 |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.
- Read how you can contribute here
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.