Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

etcd version for 1.19 is 3.4.13 for cve fixes #97244

Merged
merged 1 commit into from Dec 14, 2020
Merged

etcd version for 1.19 is 3.4.13 for cve fixes #97244

merged 1 commit into from Dec 14, 2020

Conversation

pacoxu
Copy link
Member

@pacoxu pacoxu commented Dec 11, 2020
edited

What type of PR is this?
/kind bug

What this PR does / why we need it:

Etcd version check in kubeadm upgrade still references etcd 3.4.9 for clusters of version 19 even though 3.4.13 is the correct version to be used.

https://github.com/kubernetes/kubernetes/blob/release-1.19/cmd/kubeadm/app/constants/constants.go#L436
19: "3.4.13-0",
https://github.com/kubernetes/kubernetes/blob/release-1.20/cmd/kubeadm/app/constants/constants.go#L472
19: "3.4.9-1",

Which issue(s) this PR fixes:
Fixes #97234

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

kubeadm now installs version 3.4.13 of etcd when creating a cluster with v1.19

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

None

@pacoxu
etcd version for 1.19 is 3.4.13 for cve fixes
920dc25 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
@k8s-ci-robot k8s-ci-robot added release-note-none Denotes a PR that doesn't merit a release note. kind/bug Categorizes issue or PR as related to a bug. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. area/kubeadm sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Dec 11, 2020
@detiber
Copy link
Member

detiber commented Dec 11, 2020

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Dec 11, 2020
@pacoxu
Copy link
Member Author

pacoxu commented Dec 12, 2020

/assign @fabriziopandini

SataQiu
SataQiu reviewed Dec 13, 2020
View reviewed changes
Copy link
Member

@SataQiu SataQiu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/triage accepted

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Dec 13, 2020
@fabriziopandini
Copy link
Member

/approve
This was an oversight in #94287 😓
This change should be backported in the 1.20 branch

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: fabriziopandini, pacoxu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 14, 2020
@fabriziopandini
Copy link
Member

/hold
@pacoxu please add a release note:
kubeadm now installs version xx of etcd when creating a cluster with v1.19

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Dec 14, 2020
@fabriziopandini
Copy link
Member

/priority critical-urgent

@k8s-ci-robot k8s-ci-robot added priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. and removed needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels Dec 14, 2020
@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. and removed release-note-none Denotes a PR that doesn't merit a release note. labels Dec 14, 2020
@pacoxu
Copy link
Member Author

pacoxu commented Dec 14, 2020

@fabriziopandini release note is edited.

@fabriziopandini
Copy link
Member

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Dec 14, 2020
@k8s-ci-robot k8s-ci-robot merged commit 6fc51bc into kubernetes:master Dec 14, 2020
@k8s-ci-robot k8s-ci-robot added this to the v1.21 milestone Dec 14, 2020
@fabriziopandini
Copy link
Member

@pacoxu do you mind cherry-picking this in the 1-20 branch?

@pacoxu pacoxu mentioned this pull request Dec 14, 2020
Merged
@pacoxu
Copy link
Member Author

pacoxu commented Dec 14, 2020

ok
Cherry pick pr is #97284

@mrajashree mrajashree mentioned this pull request May 17, 2021
Closed
@pacoxu pacoxu deleted the fix/97234 branch June 23, 2021 05:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SataQiu SataQiu SataQiu left review comments

@detiber detiber Awaiting requested review from detiber

@fabriziopandini fabriziopandini Awaiting requested review from fabriziopandini

Assignees

@detiber detiber

@fabriziopandini fabriziopandini

@SataQiu SataQiu

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/kubeadm cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
v1.21
Development

Successfully merging this pull request may close these issues.

kubeadm v1.20.0 incorrectly tries to use etcd 3.4.9 for v1.19.4 clusters
5 participants
@pacoxu @detiber @fabriziopandini @k8s-ci-robot @SataQiu