Rancher Release v2.4.13

Release v2.4.13

Important

  • Kubernetes 1.18 is now the default version [#25117] - Kubernetes 1.18 is now the default version. Whenever upgrading to any Kubernetes version, please review the Kubernetes release notes for any breaking changes.
  • Users using a single Docker container install - Etcd in the Docker container has been upgraded from 3.3 to 3.4, therefore you must take a backup before upgrading in order to be able to roll back to a v2.3.x release. You will not be able to rollback without this backup.

  • Users using node pools with RHEL/CentOS nodes [#18065]: The default storage driver for RHEL/CentOS nodes has been updated to overlay2. If your node template does not specify a storage driver, any new node will be provisioned using the new updated default (overlay) instead of the old default (devicemapper). If you need to keep using devicemapper as your storage driver option, edit your node template to explicitly set the storage driver as `devicemapper.

  • Users running Windows clusters [#25582] - Windows has launched a security patch as of Feb 11. Before upgrading, please update your nodes to include this security patch, otherwise your upgrade will fail until the patch is applied.

  • Rancher launched clusters require additional 500MB space - By default, Rancher launched clusters have enabled audit logging on the cluster.

  • Rancher launched Kubernetes clusters behavior of upgrades have changed [#23897] - Worker nodes are now upgraded in batches. Please refer to the RKE documentation about how to upgrade clusters without downtime for applications.

  • Restrict Kubernetes versions in Rancher helm chart to versions less than 1.20.0 [#30746] - This restriction was added to prevent Rancher from being installed on incompatible versions of Kubernetes.

Versions

Please refer to the README for latest and stable versions.

Please review our version documentation for more details on versioning and tagging conventions.

Enhancements

  • Updated to use v1.18.15-rancher1-1 and v1.17.17-rancher1-1
  • Allow for rancher-agent image to be pulled from cluster private registry. [#26366]
  • Add support for configuring OpenLDAP with StartTLS [#29810]
  • Add option in the UI to use StartTLS for OpenLDAP [#30348]
  • Fixed Logging support for clusters with Windows Server SAC 1909 nodes and for clusters with Windows Server LTSC 2019 nodes. [#30279]
  • Logging system chart upgraded to version 0.2.3 [#30569]
  • Added disableMountSubPath option to Prometheus operator for monitoring system chart [#29149]
  • Added filter option for requests to get a template so that only version links compatible with cluster are returned. [#30497]
  • Added new Rancher external DNS system chart. [#30186]
  • Enable support for limiting Kubernetes versions of system charts. [#29647]

Major Bugs Fixed Since v2.4.12

  • Fixed issue with Rancher server pods crashing. [#28293]

Minor Bugs Fixed Since v2.4.12

  • Fixed confd build issue to support Huawei Arm server. [#30678 PR]
  • Added retry on conflict for errors encountered while enabling monitoring. [#30290]
  • Fixed an issue where EC2 instances failed to start when using Amazon Linux. [#21648]
  • Properly remove vSphere vCenter server entries. [#27306]
  • Fixed Logging v1 connection reset by peer error for AKS clusters. [#30618]
  • Fixed UI issue where node template values were not changing while switching cloud credentials for vSphere. [#30074]
  • Rancher’s Istio installation now includes missing helm chart template for setting resource limits and requests on Istio sidecar containers with annotations. [#28950]

Air Gap Installations and Upgrades

In v2.4.0, an air gap installation no longer requires mirroring the systems chart git repo. Please follow the directions on how to install Rancher to use the packaged systems chart.

Known Major Issues

  • When using monitoring with persistent storage for Grafana enabled, upgrading monitoring causes the pod to fail to start. Workaround steps are provided in the issue. [#27450]
  • When using monitoring, upgrading Kubernetes versions removes the “API Server Request Rate” metric [#27267]
  • When a new chart version is added to a helm 3 catalog, the upgrade process can default to helm 2, causing an api error. Workaround in issue. [27252]

Versions

Images

  • rancher/rancher:v2.4.13
  • rancher/rancher-agent:v2.4.13

Tools

Kubernetes

Upgrades and Rollbacks

Rancher supports both upgrade and rollback. Please note the version you would like to upgrade or rollback to change the Rancher version.

Please be aware that upon an upgrade to v2.3.0+, any edits to a Rancher launched Kubernetes cluster will cause all system components to restart due to added tolerations to Kubernetes system components. Plan accordingly.

Recent changes to cert-manager require an upgrade if you have an HA install of Rancher using self-signed certificates. If you are using cert-manager older than v0.9.1, please see the documentation on how to upgrade cert-manager.

Important: When rolling back, we are expecting you to rollback to the state at the time of your upgrade. Any changes post upgrade would not be reflected.