Releases: kubermatic/kubermatic
Releases · kubermatic/kubermatic
v2.23.5
Bugfixes
- Correctly validate Hetzner API response for server type while calculating resource requirements and for networks while validating cloud spec (#12716)
Updates
- Update nginx-ingress-controller to v1.9.3 (fixes CVE-2023-44487, HTTP/2 rapid reset attack) (#12714)
- Update to Go 1.20.10 (#12698)
- Update to OSM v1.3.3 (#12710)
- Add Cilium 1.13.7 as supported CNI version, deprecate cilium version 1.13.6 as it's impacted by CVE-2023-39347, CVE-2023-41333 (Moderate Severity), CVE-2023-41332 (Low Severity) (#12695)
- Update to
quay.io/kubermatic/util:2.3.1as helper image (includes curl version patched against CVE-2023-38545 and CVE-2023-38546) (#12733)
New Feature
- Introduce
DisableAdminKubeconfigflag inKubermaticSettingsto disable the admin kubeconfig feature from dashboard (#12679)
v2.22.8
Bugfixes
- Correctly validate Hetzner API response for server type while calculating resource requirements and for networks while validating cloud spec (#12716)
- Fix vSphere cluster validation: If a Cluster uses a custom datastore, the Seed's default datastore should not be validated (#12655)
Updates
New Feature
- Introduce
DisableAdminKubeconfigflag inKubermaticSettingsto disable the admin kubeconfig feature from dashboard (#12682)
v2.21.13
v2.23.4
v2.23.3
Supported Kubernetes Versions
- Add support for Kubernetes 1.25.14, 1.26.9 and 1.27.6 (#12639)
- Set default Kubernetes version to 1.26.9 (#12639)
Bugfixes
- Add missing cluster-autoscaler release for user clusters using Kubernetes 1.27 (#12597)
- Fix always defaulting allowed node port IP ranges for user clusters to 0.0.0.0/0 and ::/0, even when a more specific IP range was given (#12589)
- Mark MLA Grafana dashboards as non-editable as they are managed by KKP (#12627)
- MLA Grafana Kubernetes dashboards won't repeatedly ask to be saved (#12614)
Updates
- Update
d3fk/s3cmdto version (latest "arch-stable") withfb4c4dcfhash (#12644) - Update to Go 1.20.8 (#12642)
- Add Cilium 1.13.6 as supported CNI version and deprecate older versions 1.13.3 and 1.13.4 for security reasons (GHSA-pvgm-7jpg-pw5g, GHSA-69vr-g55c-v2v4, GHSA-mc6h-6j9x-v3gq, GHSA-7mhv-gr67-hq55) (#12635)
- Update Vertical Pod Autoscaler to 0.14 (compatible with Kubernetes 1.25+) (#12611)
v2.22.7
Supported Kubernetes Versions
- Add support for Kubernetes 1.25.14 and 1.26.9 (#12641)
- Set default Kubernetes version to 1.25.14 (#12641)
Bugfixes
- Fix always defaulting allowed node port IP ranges for user clusters to 0.0.0.0/0 and ::/0, even when a more specific IP range was given (#12589)
- Migration logic for
kubermatic.io/initial-machinedeployment-requestannotation no longer checks for dynamic kubelet configuration, a feature unavailable in Kubernetes 1.24+. This caused cluster templates that enabled it previously to fail migration (#12624)
Updates
v2.23.2
Bugfixes
- Add missing images from envoy-agent DaemonSet in Tunneling expose strategy when running
kubermatic-installer mirror-images(#12537) - Fix an issue in the kubermatic-installer mirror-images command, which led to failure on the mla-consul chart (#12513)
- Fix an issue in the kubermatic-installer mirror-images command, which led to failure on the mla-consul chart (#12518)
- Fix an issue where IPv6 IPs were being ignored when determining the address of a user cluster (#12511)
- Fix reconcile loop for
seed-proxy-tokenSecret on Kubernetes 1.27 (#12566) - Mark all canal CRDs with
preserveUnknownFields: false(#12549) - MLA: fixes configuration live reload for monitoring-agent and logging-agent (#12507)
- MLA: fixes for the kubernetes overview dashboard in grafana (#12520)
- The kube_service_labels metric was not scraped with all expected labels, due to a change in labels on the kube-state-metrics service. The related scraping config was adapted accordingly (#12551)
- VSphere: Fix a bug where datastore cluster value was not being propagated to the CSI driver (#12474)
Updates
- Update machine-controller to v1.57.3 and OSM to v1.3.2 (#12577)
- Update metering to v1.0.4 with increased namespace report generation performance and prometheus to v2.37.9 (#12546)
- Update operating-system-manager (OSM) to v1.3.1 (#12564)
- Update telemetry-agent to v0.4.1 (#12572)
New Feature
- Support for configuring the dex theme via values file (#12560)
v2.22.6
Bugfixes
- Add missing images from envoy-agent DaemonSet in Tunneling expose strategy when running
kubermatic-installer mirror-images(#12537) - Fix an issue in the kubermatic-installer mirror-images command, which led to failure on the mla-consul chart (#12519)
- Fix reconcile loop for
seed-proxy-tokenSecret on Kubernetes 1.27 (#12567) - Mark all canal CRDs with
preserveUnknownFields: false(#12548) - MLA: fixes configuration live reload for monitoring-agent and logging-agent (#12507)
- MLA: fixes for the kubernetes overview dashboard in grafana (#12520)
Updates
v2.21.12
v2.23.1
Features
- Made Prometheus helm chart extensible so that external metric storage solutions like Thanos can be easily integrated for seed long-term monitoring (#12469)
Bugfixes
- Fix default url configuration of blackbox exporter (#12412)
- Hetzner CSI: recreate CSIDriver to allow upgrade from 1.6.0 to 2.2.0 (#12432)
- Replace
iratewithratefor node cpu usage graphs (#12427) - The Kubermatic Installer will now validate the existing Minio filesystem before attempting a
kubermatic-seedstack installation (#12493)
Updates
- Update to Go 1.20.6 (#12502)
- Update Cilium CNI to 1.13.4, marking 1.13.0 as deprecated but kept 1.13.3 because 1.13.4 breaks IPSec support (#12478)
- Update machine-controller to v1.57.1 (#12492)