Skip to content

fix: backport 1.29 update dqlite version #5305

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 13 commits into from
Closed

fix: backport 1.29 update dqlite version #5305

wants to merge 13 commits into from

Conversation

@ethandcosta
Copy link

@ethandcosta ethandcosta commented Nov 20, 2025

Updates dqlite to use 1.1.13 to patch CVE.

bschimke95 and others added 13 commits April 3, 2024 16:56
@bschimke95
Initialise 1.29 branch (#4468)
52aefe5
@berkayoz
Add systemd delegate config if cpuset is missing (#4505)
d23555f 
* Add delegate config if cpuset is missing
@berkayoz
[1.29] Backport Add optional skip to community addons, bump upgrade p…
6896849 
…ath (#4529) (#4531)
@ktsakalozos
Stop testing on the host as this causes problems on our CI (#4625)
c5aa75c
@louiseschmidtgen
[Backport 1.29] watch query timeout backport k8s-dqlite (#4653)
7e53d77
@berkayoz
Prioritize SNAP_CURRENT in containerd paths (#4710) (#4718)
bd6f0a4
@aznashwan
fix: ensure nf_conntrack module loaded for kubelite. (#4726)
99b29b2 
This patch ensures that the `nf_conntrack` kernel module is loaded
before `kubelite` is started as the ProxyServer needs to read some
conntrack module-related params from procfs.

Previously, although the it would always crashed if the module wasn't
loaded, this wasn't that common of an occurrence in practice as there
are quite a few ways `nf_conntrack` gets loaded transparently:
* Cilium [automatically loads `iptable_nat`](https://github.com/cilium/cilium/blob/63cd391f93b4e2c865268241d384504348672042/pkg/datapath/iptables/iptables.go#L367-L368)
after a small startup delay, whose dependency tree includes `nf_conntrack`
* starting firewalld/ufw/most other firewall services
* setting iptables/nftables rules which imply session tracking

By explicitly loading `nf_conntrack` before starting `kubelite`,
it should ensure the procfs values ther ProxyServer reads are
always present on startup.

Signed-off-by: Nashwan Azhari <[email protected]>
@HomayoonAlimohammadi
scripts: Fix kill-host-pods (#4838)
05a313a
@louiseschmidtgen
backport: [1.30] memory leak k8s-dqlite v1.1.12 (#4869) (#4872)
a26a7c9 
* backport: [1.30] memory leak k8s-dqlite v1.1.12
* update gh actions artifact
* Trivy job fix
@louiseschmidtgen
[Backport 1.29] CI: Fix addons CI (#4913) (#4923) (#4606) (#4928)
7ba6e94 
* CI: Distro from env variable in test (#4913)

* CI: Pins pytest to 8.3.4 for Test core addons (#4923)

* use pytest 8.3.4 in lxc install-deps

* Disable testing on debian and centos. Images missing. (#4606)
@louiseschmidtgen
fix: Microk8s release CI by pre-install xdelta3 (#4983)
21c9cc4
@github-actions @neoaggelos
update list of images used by 1.29 (#5001)
7a0ebfc 
Co-authored-by: neoaggelos <[email protected]>
@ethandcosta
update dqlite to 1.1.13
226bfa0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@ethandcosta @bschimke95 @berkayoz @ktsakalozos @louiseschmidtgen @aznashwan @HomayoonAlimohammadi