copyright | lastupdated | keywords | subcollection | ||
---|---|---|---|---|---|
|
2019-06-19 |
kubernetes, iks, nginx, ingress controller |
containers |
{:new_window: target="_blank"} {:shortdesc: .shortdesc} {:screen: .screen} {:pre: .pre} {:table: .aria-labeledby="caption"} {:codeblock: .codeblock} {:tip: .tip} {:note: .note} {:important: .important} {:deprecated: .deprecated} {:download: .download} {:preview: .preview}
{: #cluster-add-ons-changelog}
Your {{site.data.keyword.containerlong}} cluster comes with components, such as the Fluentd and Ingress ALB components, that are updated automatically by IBM. You can also disable automatic updates for some components and manually update them separately from the master and worker nodes. Refer to the tables in the following sections for a summary of changes for each version. {: shortdesc}
For more information about managing updates for Fluentd and Ingress ALBs, see Updating cluster components.
{: #alb_changelog}
View build version changes for Ingress application load balancers (ALBs) in your {{site.data.keyword.containerlong_notm}} clusters. {:shortdesc}
When the Ingress ALB component is updated, the nginx-ingress
and ingress-auth
containers in all ALB pods are updated to the latest build version. By default, automatic updates to the component are enabled, but you can disable automatic updates and manually update the component. For more information, see Updating the Ingress application load balancer.
Refer to the following table for a summary of changes for each build of the Ingress ALB component.
`nginx-ingress` / `ingress-auth` build | Release date | Non-disruptive changes | Disruptive changes |
---|---|---|---|
473 / 331 | 18 June 2019 |
|
- |
470 / 330 | 07 June 2019 | Fixes Berkeley DB vulnerabilities for [CVE-2019-8457 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457). | - |
470 / 329 | 06 June 2019 | Fixes Berkeley DB vulnerabilities for [CVE-2019-8457 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457). | - |
467 / 329 | 03 June 2019 | Fixes GnuTLS vulnerabilities for [CVE-2019-3829 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3829), [CVE-2019-3836 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3836), [CVE-2019-3893 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3893), [CVE-2018-10844 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10845), [CVE-2018-10845 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10844), and [CVE-2018-10846 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10846). | - |
462 / 329 | 28 May 2019 | Fixes cURL vulnerabilities for [CVE-2019-5435 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435) and [CVE-2019-5436 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436). | - |
457 / 329 | 23 May 2019 | Fixes Go vulnerabilities for [CVE-2019-11841 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11841). | - |
423 / 329 | 13 May 2019 | Improves performance for the integration with {{site.data.keyword.appid_full}}. | - |
411 / 315 | 15 Apr 2019 | Updates the value of the {{site.data.keyword.appid_full_notm}} cookie expiration so that it matches the value of the access token expiration. | - |
411 / 306 | 22 Mar 2019 | Updates the Go version to 1.12.1. | - |
410 / 305 | 18 Mar 2019 |
|
- |
408 / 304 | 05 Mar 2019 | - | Fixes bugs in the authorization integration that is related to log out functionality, token expiration, and the `OAuth` authorization callback. These fixes are implemented only if you enabled {{site.data.keyword.appid_full_notm}} authorization by using the [`appid-auth`](/docs/containers?topic=containers-ingress_annotation#appid-auth) annotation. To implement these fixes, additional headers are added, which increases the total header size. Depending on the size of your own headers and the total size of responses, you might need to adjust any [proxy buffer annotations](/docs/containers?topic=containers-ingress_annotation#proxy-buffer) that you use. |
406 / 301 | 19 Feb 2019 |
|
- |
404 / 300 | 31 Jan 2019 | Updates the Go version to 1.11.4. | - |
403 / 295 | 23 Jan 2019 |
|
Disables TLS 1.0 and 1.1 by default. If the clients that connect to your apps support TLS 1.2, no action is required. If you still have legacy clients that require TLS 1.0 or 1.1 support, manually enable the required TLS versions by following [these steps](/docs/containers?topic=containers-ingress#ssl_protocols_ciphers). For more information about how to see the TLS versions that your clients use to access your apps, see this [{{site.data.keyword.cloud_notm}} Blog post](https://www.ibm.com/blogs/bluemix/2018/11/ibm-cloud-kubernetes-service-alb-update-tls-1-0-and-1-1-disabled-by-default/). |
393 / 291 | 09 Jan 2019 | Adds support for integration with multiple {{site.data.keyword.appid_full_notm}} instances. | - |
393 / 282 | 29 Nov 2018 | Improves performance for the integration with {{site.data.keyword.appid_full_notm}}. | - |
384 / 246 | 14 Nov 2018 | Improves logging and logout features for the integration with {{site.data.keyword.appid_full_notm}}. | Replaces the self-signed certificate for `*.containers.mybluemix.net` with the LetsEncrypt signed certificate that is automatically generated for and used by the cluster. The `*.containers.mybluemix.net` self-signed certificate is removed. |
350 / 192 | 05 Nov 2018 | Adds support for enabling and disabling automatic updates of the Ingress ALB component. | - |
{: #fluentd_changelog}
View build version changes for the Fluentd component for logging in your {{site.data.keyword.containerlong_notm}} clusters. {:shortdesc}
By default, automatic updates to the component are enabled, but you can disable automatic updates and manually update the component. For more information, see Managing automatic updates for Fluentd.
Refer to the following table for a summary of changes for each build of the Fluentd component.
Fluentd build | Release date | Non-disruptive changes | Disruptive changes |
---|---|---|---|
e7c10d74350dc64d4d92ba7f72bb4ff9219315d2 | 30 May 2019 | Updates the Fluent config map to always ignore pod logs from IBM namespaces, even when the Kubernetes master is unavailable. | - |
c16fe1602ab65db4af0a6ac008f99ca2a526e6f6 | 21 May 2019 | Fixes a bug where worker node metrics did not display. | - |
60fc11f7bd39d9c6cfed923c598bf6457b3f2037 | 10 May 2019 | Updates Ruby packages for [CVE-2019-8320 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320), [CVE-2019-8321 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321), [CVE-2019-8322 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322), [CVE-2019-8323 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323), [CVE-2019-8324 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324), and [CVE-2019-8325 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325). | - |
91a737f68f7d9e81b5d2223c910aaa7d7f91b76d | 08 May 2019 | Updates Ruby packages for [CVE-2019-8320 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8320), [CVE-2019-8321 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8321), [CVE-2019-8322 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8322), [CVE-2019-8323 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323), [CVE-2019-8324 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324), and [CVE-2019-8325 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8325). | - |
d9af69e286986a05ed4a50469585b1cf978ddb1d | 11 Apr 2019 | Updates the cAdvisor plug-in to use TLS 1.2. | - |
3100ddb62580a9f46ffdff7bab2ebec40b164de6 | 01 Apr 2019 | Updates the Fluentd service account. | - |
c85567b75bd7ad1c9428794cd63a8e239c3fd8f5 | 18 Mar 2019 | Removes the dependency on cURL for [CVE-2019-8323 ![External link icon](../icons/launch-glyph.svg "External link icon")](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8323). | - |
320ffdf87de068ee2f7f34c0e7a47a111e8d457b | 18 Feb 2019 |
|
- |
972865196aefd3324105087878de12c518ed579f | 01 Jan 2019 |
|
- |