3.4.11

(2022-08-18)

Components

What’s new

  • [FIELD-4910] MKE support bundles now include bridge network information.

  • [FIELD-5109] Improved the logging messages for the backup command.

  • [FIELD-5138] Added the ability to specify the etcd storage size limit by using the new etcd_storage_quota parameter in the MKE configuration file.

Addressed issues

  • [FIELD-5094] Fixed an issue wherein ucp-metrics erroneously logged the "unexpected end of JSON input" error.

  • [FIELD-4947] Fixed an issue wherein encrypted networks created with the CLI were represented as unencrypted in the web UI. Specifically, the Encrypted Communications field on the network Overview page incorrectly displayed a false value.

Security information

  • Updated to the following middleware component versions to resolve vulnerabilities in MKE:

    • Golang 1.18.5 [FIELD-5177]

    • Go-restful 3.8.0 [FIELD-5085]

  • Updated Interlock to version 3.3.6. This release mitigates multiple vulnerabilities and introduces updates to the following base images:

    • NGINX 1.23.0-alpine [MKE-8888]

    • Alpine Linux 3.16.0 [MKE-8943]

    • Golang 1.18.3-alpine3.16 [MKE-8943]

Known issues

  • Use of Node Feature Discovery (NFD) Pods can result in a crash loop in Linux systems that run MCR 20.10.8 and earlier (For details, see moby/moby#42836).

    Workaround:

    Update MCR to version 20.10.9 or later.

  • Kube-proxy in IPVS mode is inoperable when running MKE on kernel version 5.11 or later. A workaround solution is available upon request.