Addressed issues¶
Issues addressed in the MKE 3.6.5 release include:
[MKE-9743] Fixed non-compliance of
bind-address
configuration inucp-kube-scheduler
container.Kubernetes scheduler now binds to 127.0.0.1 by default. Admins can return binding capability to all available network interfaces by configurating the new
kube_scheduler_bind_to_all
setting undercluster_config
in the MKE configuration file.[MKE-9742] Fixed controls 1.1.32 and 1.1.34 in the built-in CIS benchmark (and removed control 1.1.6 from the control list) to resolve non-compliance of the following configurations in
ucp-kube-api-server
container:insecure-port
authorization-mode/Node
encryption-provider-config
[MKE-9746] Fixed controls 2.1.1-2.1.4 and 2.1.10 in the built-in CIS benchmark to resolve non-compliance of the following configurations in the
ucp-kubelet
container:anonymous-auth
authorization-mode
client-ca-file
read-only-port
tls-cert-file
tls-private-key-file
[FIELD-6221] Fixed an issue wherein the
cri-dockerd
binary was not updated following upgrade.[FIELD-6126] Fixed a memory leak in the
ucp-cluster-agent
container.[FIELD-6104] Fixed an issue wherein
cri-dockerd
continued to use the olducp-pause
image following upgrade.[FIELD-5931] Fixed an issue wherein LDAP sync occasionally failed after replacing manager nodes.
[FIELD-6210] Addressed an issue wherein CPU usage increased significantly in docker daemon following upgrade to MKE 3.6.
Note
FIELD-6210 was appended to the MKE 3.6.5 release notes on 2023-07-19.
[MKE-10017] Fixed an issue wherein
ucp-pause
containers were not carried forward during MKE upgrade.Note
MKE-10017 was appended to the MKE 3.6.5 release notes on 2023-08-16.