v1.32.11+rke2r3

RKE2 v1.34 Upgrade Warning Changes since v1.32.11+rke2r1: Charts Versions Packaged Component Versions Available CNIs Helpful Links This release updates Kubernetes to v1.32.11. Important Note If your server (control-plane) nodes were not started with the --token CLI flag or config file key, a randomized token was generated during initial cluster startup. This key is used both for joining new nodes to the cluster, and for encrypting cluster bootstrap data within the datastore. Ensure that you retain a copy of this token, as is required when restoring from backup. --token You may retrieve the token value from any server already joined to the cluster: cat /var/lib/rancher/rke2/server/token This warning targets users who perform upgrades by adding new nodes to the cluster, and removing old ones. If your etcd cluster membership is and has been consistent across versions, you should NOT be affected by this issue. RKE2 v1.34 and higher include etcd 3.6. Maintainers of the etcd project have indicated that there no safe path from etcd 3.5 to 3.6 except by upgrading to v3.5.26 first. In mid December, the project released an announcement indicating that there is NO safe path from etcd 3.5 to 3.6 except by upgrading to v3.5.26 first. Failure to do so can cause the cluster to report “zombie members” (etcd nodes that were removed from the cluster some time ago) re-appearing and joining database consensus, ultimately causing the cluster to lose quorum. This updated blog post contradicts previous announcements on this topic , which indicated that it was safe to upgrade from v3.5.20+ as long as nodes had been restarted at least once, to reconcile membership lists across internal storage layers. The January releases of RKE2 v1.32 and v1.33 will include etcd v3.5.26.