Skip to content

Addressed issues#

Issues addressed in the MKE 4k 4.1.2 release include:

Upgrade and Migration#

  • CA certs are now saved as local files during upgrade from MKE 3.
  • The upgrade process now ensures that MKE 3 containers are stopped/killed.
  • Block MKE 3 upgrade if hardware does not meet minimum hardware requirements.
  • Block MKE 3 upgrade if the cluster is not ready.
  • Handling of registry flags in non-airgapped upgrades.

Security, Authentication, and Access Control#

  • No blank strings for ucpauthz.
  • Dex reconciles when a sensitive field is updated.
  • Fix empty login address.
  • dex-http-server can get bindpw from a secret.
  • Fixed an issue wherein nil checks prevented LDAP values in dex-http-server.
  • Proper handling of certs that are PEM bundles.
  • Addition of usernameClaim to OIDC configuration.
  • Rework the values methods for dex-http-server.
  • Move of ucpauthz helm chart to mke namespace.
  • Change of ucpauthz extension namespace for child clusters.
  • Users can now configure the ucpauthz admission controller so that there are no users who are exempt by default.
  • ucpauthz default exempt users configuration.

CLI (mkectl)#

  • mkectl output is truncated in error case.
  • The logs in airgap installations are now prevented from listing commands.
  • Error message for redundant extra parameters.
  • Invocation with sudo must be a command.
  • Allow the setting kubeconfig through an environment variable.
  • Failures always result in the removal of kubeconfig.
  • Trim runner name to 32 characters.

Network#

  • Networking verification uses its own namespace.
  • Namespace for networking verification is immediately deleted.
  • Namespace used for networking checks is always cleaned and is made to fail if it cannot be cleaned up.
  • Removal of kube-router CNI.

Cluster Operations, etcd, and Maintenance#

  • Retry of updateNodeLabels is now performed, as necessary.
  • Backup taken now, even if cluster validation fails.
  • Backup specification nil check in analytics.

Infrastructure and Providers#

  • Reconfiguration of default k0rdent providers.
  • bitnamilegacy replaces bitnami in the mirroring script.
  • Addition of missing tolerations for k0rdent-ui and techsupportController.

Support and Troubleshooting#

  • Handling of hangs/timeouts in support dump code.
  • Collection of MKE 4k Pods logs.
  • An actionable error message is now emitted when encryption configuration is not found.
  • Fixed an issue wherein panics occurred in pre-checks.
  • Addition of MKE API descriptions and clean up MkeChildConfig API from unused/deprecated properties.

MKE 4k Dashboard#

Organization and Team Management#

  • Group members now display in Members tab for Org/Team.
  • Listing of Grants applied to Orgs/Teams.
  • Disable org/team ldap config when ldap is disabled globally
  • TypeError when adding local user to new organization

User Management and LDAP#

  • Display LDAP users in the Users table.
  • Group members from all groups now display in the All Users list.
  • LDAP members are no longer fetched in the Users table when LDAP is disabled.
  • Corrected a bug that presented for LDAP configuration labels.

Node and Cluster Views#

  • Fixed an issue wherein the "Oops!" page presented consistently for some Node pages.
  • Corrected a bug that occurred whenever the same file was selected twice for upload.

General UI/UX#

  • Addition of bottom margin for the last text area.
  • Org names are now passed to team endpoints.