v1.33.X
Before upgrading from earlier releases, be sure to read the Kubernetes Urgent Upgrade Notes.
| Version | Release date | Kubernetes | Etcd | Containerd | Runc | Metrics-server | CoreDNS | Ingress-Nginx | Helm-controller | Canal (Default) | Calico | Cilium | Multus |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| v1.33.1+rke2r1 | May 21 2025 | v1.33.1 | v3.5.21-k3s1 | v2.0.5-k3s1 | v1.2.6 | v0.7.2 | v1.12.1 | v1.12.1-hardened6 | v0.16.10 | Flannel v0.26.7 Calico v3.30.0 | v3.30.0 | v1.17.3 | v4.2.0 |
| v1.33.0+rke2r1 | May 07 2025 | v1.33.0 | v3.5.21-k3s1 | v2.0.4-k3s2 | v1.2.5 | v0.7.2 | v1.12.1 | v1.12.1-hardened3 | v0.16.10 | Flannel v0.26.6 Calico v3.29.3 | v3.29.3 | v1.17.3 | v4.2.0 |
Release v1.33.1+rke2r1
This release updates Kubernetes to v1.33.1.
Important Note
If your server (control-plane) nodes were not started with the --token CLI flag or config file key, a randomized token was generated during initial cluster startup. This key is used both for joining new nodes to the cluster, and for encrypting cluster bootstrap data within the datastore. Ensure that you retain a copy of this token, as is required when restoring from backup.
You may retrieve the token value from any server already joined to the cluster:
cat /var/lib/rancher/rke2/server/token
Changes since v1.33.0+rke2r1:
- Upload prime ribs assets (#8172)
- Feat: bump harvester-cloud-provider to v0.2.10 (#8183)
- Backports for 2025-05 (#8195)
- Udpate calico chart to v3.30.0 and Canal image (#8201)
- Bump nginx version (#8178)
- Update to Kubernetes Metrics Server 3.12.201 (#8210)
- Update to flannel v0.26.700 (#8218)
- Update cilium and multus to cni-plugins v1.7.1 (#8226)
- Upgrade nginx chart (#8231)
- Update to flannel v0.26.701 and canal v3.30.0-build2025051500 (#8257)
- Update to CoreDNS 1.42.000 (#8265)
- Update k8s to v1.33.1 (#8241)
- Fix race conditions in startup readiness checks (#8275)
- Fix secrets syntax (#8283)
Charts Versions
| Component | Version |
|---|---|
| rke2-cilium | 1.17.301 |
| rke2-canal | v3.30.0-build2025051500 |
| rke2-calico | v3.30.001 |
| rke2-calico-crd | v3.30.001 |
| rke2-coredns | 1.42.000 |
| rke2-ingress-nginx | 4.12.103 |
| rke2-metrics-server | 3.12.201 |
| rancher-vsphere-csi | 3.3.1-rancher1000 |
| rancher-vsphere-cpi | 1.11.000 |
| harvester-cloud-provider | 0.2.1000 |
| harvester-csi-driver | 0.1.2300 |
| rke2-snapshot-controller | 4.0.002 |
| rke2-snapshot-controller-crd | 4.0.002 |
| rke2-snapshot-validation-webhook | 0.0.0 |
Release v1.33.0+rke2r1
This release updates Kubernetes to v1.33.0.
Important Note
If your server (control-plane) nodes were not started with the --token CLI flag or config file key, a randomized token was generated during initial cluster startup. This key is used both for joining new nodes to the cluster, and for encrypting cluster bootstrap data within the datastore. Ensure that you retain a copy of this token, as is required when restoring from backup.
You may retrieve the token value from any server already joined to the cluster:
cat /var/lib/rancher/rke2/server/token
Changes since v1.32.4+rke2r1:
- Bump to K8s to v1.33.0 and golang v1.24.2 (#8126)
- Remove kube-apiserver flags removed by upstream (#8136)
Charts Versions
| Component | Version |
|---|---|
| rke2-cilium | 1.17.300 |
| rke2-canal | v3.29.3-build2025040801 |
| rke2-calico | v3.29.300 |
| rke2-calico-crd | v3.29.101 |
| rke2-coredns | 1.39.201 |
| rke2-ingress-nginx | 4.12.101 |
| rke2-metrics-server | 3.12.200 |
| rancher-vsphere-csi | 3.3.1-rancher1000 |
| rancher-vsphere-cpi | 1.11.000 |
| harvester-cloud-provider | 0.2.900 |
| harvester-csi-driver | 0.1.2300 |
| rke2-snapshot-controller | 4.0.002 |
| rke2-snapshot-controller-crd | 4.0.002 |
| rke2-snapshot-validation-webhook | 0.0.0 |