Shulou(Shulou.com)06/03 Report--

June 20, Beijing, the [2019 Enterprise Container Innovation Conference] sponsored by Rancher Labs has opened the application for limited exemption! In 18 speeches throughout the day, IT leaders of China Life Insurance, China Unicom, Ping an Technology, New Oriental, Aliyun, Baidu Cloud and other famous enterprises were invited to share the enterprise-level landing experience of container technology. At the conference, the Rancher Labs R & D manager will also present the functions and use of Istio and Windows containers in Rancher 2.3, which will be released by Demo. There are also on-site exchanges of K3s, Rio and so on. Click: http://hdxu.cn/hMsQ8 for details and online registration ~

On June 6, 2019, Rancher Labs released Rancher version 2.2.4, which fixes two recently discovered security vulnerabilities CVE-2019-12303 and CVE-2019-12274, project-level monitoring functions are also returned in this version, as well as a series of features and optimizations.

CVE repair

Version 2.2.4 contains two security vulnerabilities fixes CVE-2019-12303 and CVE-2019-12274

The first vulnerability affects versions v2.0.0 to v2.2.3, and project administrators can read files in the Fluentd container or execute arbitrary commands, such as ElasticSearch configured by other project administrators, by injecting additional Fluentd configuration parameters when interfacing with the log system.

Specific links:

Https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12274

The second vulnerability affects v1.6.0 to v1.6.27 (users using Cattle and Kubernetes) and v2.0.0 to v2.2.3. Some embedded host drivers can configure parameters for a file path. When creating a host through the host driver, the creator can use this vulnerability to obtain the contents of any container in the Rancher Server, such as `/ root/.kube/ config`. In this way, the host creator can gain access to the Rancher management plane.

Specific links:

Https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12303

Function and optimization

Project-level monitoring regression

Support for multiple regions added to AKS cluster

Support for multiple regions has been added to RKE AWS cluster

Enhanced global DNS support for CloudFlare

Built-in monitoring new version, which enhances performance and stability.

It solves the problem of high Rancher UI loading delay when loading clusters with large-scale Kubernetes resources.

Https://github.com/rancher/rancher/issues/18522

Performance is optimized by compressing the previous communication between the Rancher server and Rancher Agent.

Https://github.com/rancher/rancher/issues/19493

Other optimizations and enhancements

Here are some of the major issues fixed in 2.2.4. More details can be found in the link below.

Https://github.com/rancher/rancher/milestone/160

Enhanced the stability and performance of the app store

Https://github.com/rancher/rancher/issues/19881

Https://github.com/rancher/rancher/issues/19880

Optimized Rancher performance

Https://github.com/rancher/rancher/issues/18522

Https://github.com/rancher/rancher/issues/16605

Https://github.com/rancher/rancher/issues/19934

Support for activating OTC host drivers

Ordinary users can create a global DNS

OpenStack integration enhancement

Https://github.com/rancher/rancher/issues/20456

Https://github.com/rancher/rancher/issues/20562

Enhanced etcd Snapshot

Https://github.com/rancher/rancher/issues/18807

Https://github.com/rancher/rancher/issues/18793

Https://github.com/rancher/rancher/issues/19639

Fixed a problem that could not be displayed after the deletion of multi-cluster application templates

Https://github.com/rancher/rancher/issues/20432

Fixed an issue where Rancher could not update application templates from nodes in HA mode

Https://github.com/rancher/rancher/issues/20299

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.