IBM Cloud Object Storage plug-in
View information for updates to the IBM Cloud Object Storage plug-in in your IBM Cloud® Kubernetes Service clusters.
IBM Cloud Object Storage plug-in version | Supported? |
---|---|
2.2.32 | Yes |
2.2.31 | Yes |
2.2.30 | Yes |
Change log for version 2.2.32, released 26 September 2024
- Fixes a mounting issue in clusters with RHCOS worker nodes.
Change log for version 2.2.31, released 24 September 2024
- Updates
s3fs-fuse
tov1.94
. - Updates golang to
1.22.7
. - Resolves CVE-2024-34158, CVE-2024-34155, and CVE-2024-34156.
Change log for version 2.2.30, released 29 August 2024
- Updates golang to
1.21.13
. - Resolves the following CVEs: CVE-2024-6104, CVE-2024-24791, CVE-2023-45288, CVE-2024-2398, CVE-2024-37370, and CVE-2024-37371.
Change log for version 2.2.29, released 31 July 2024
- Adds support for Ubuntu 24 worker nodes.
Change log for version 2.2.28, released 17 July 2024
- Resolves CVE-2023-2953 and CVE-2024-28182
Change log for version 2.2.27, released 17 July 2024
- Resolves CVE-2024-24789 and CVE-2024-24790
Change log for version 2.2.26, released 5 June 2024
- Adds HPCS support.
- Updates golang base image to fix vulnerabilities CVE-2023-7008, CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602.
Change log for version 2.2.25, released 24 April 2024
- Resolves CVE-2023-45288, CVE-2024-24785, CVE-2023-44487, and CVE-2023-45288
Change log for version 2.2.24, released 22 February 2024
- Fixes an installation issue on Satellite clusters with CoreOS worker nodes.
Change log for version 2.2.23, released 29 January 2024
- Replaces UBI image with scratch image.
- Resolves CVE-2023-3446, CVE-2023-3817, and CVE-2023-5678.
Change log for version 2.2.22, released 20 November 2023
- Updates Golang to
1.21.4
- Updates UBI image to
8.9-1029
- Resolves the following CVEs: CVE-2023-22745, CVE-2007-4559, CVE-2023-40217, CVE-2023-4641, CVE-2023-45283, and CVE-2023-45284.
Change log for version 2.2.21, released 13 November 2023
- Updates Golang to
1.21.3
- Updates the
ibmc
plug-in to create the deployment namespace with privileged labels to enforce Pod Security Standards. - Updates s3fs fuse to
v1.93
Change log for version 2.2.20, released 30 October 2023
- Updates UBI to
8.8-1072.1697626218
to fix CVE-2023-44487. - Updates to fix CVE-2023-39325.
Change log for version 2.2.19, released 12 October 2023
- Updates UBI image to
8.8-1072
- Resolves the following CVEs: CVE-2023-29491, CVE-2023-4911, CVE-2023-4527, CVE-2023-4806, and CVE-2023-4813.
Change log for version 2.2.18, released 7 September 2023
- Adds support for RHCOS
4.13
. - Updates Golang to
1.19.12
. - Updates UBI image to
8.8-1037
. - Resolves the following CVEs: CVE-2023-29409, CVE-2023-27536, CVE-2023-2602, CVE-2023-2603, CVE-2023-34969, CVE-2023-28321, CVE-2023-28484, and CVE-2023-29469.
Change log for version 2.2.17, released 3 July 2023
- Updates Golang to
1.19.11
. - Updates UBI image to
8.8-1014
. - Resolves the following CVEs: CVE-2023-29406, CVE-2020-24736, [CVE-2023-1667], CVE-2023-2283, and CVE-2023-26604.
Change log for version 2.2.16, released 3 July 2023
- Adds support for auto creation and deletion of user defined bucket names.
Change log for version 2.2.15, released 19 June 2023
- Updates UBI image to
8.8-860
. - Updates Golang to
1.19.10
. - Resolves the following CVEs: CVE-2023-29401, CVE-2023-26125, CVE-2022-3172,CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29402, CVE-2023-29400, CVE-2023-24540, CVE-2023-24539, CVE-2022-43552, CVE-2022-3204, CVE-2023-27535, CVE-2022-36227, and CVE-2022-35252.
Change log for version 2.2.14, released 02 May 2023
- Updates the UBI image to
8.7-1107
. - Updates Golang to
1.19.8
. - Resolves the following CVEs: CVE-2023-0361, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538.
Change log for version 2.2.13, released 03 April 2023
- Updates the UBI image to
8.7-1085.1679482090
. - Resolves the following CVEs: CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286.
Because this update affects regional storage classes, you must uninstall and reinstall the 2.2.13
chart so the new storage classes are created in your cluster. This change primarily impacts single site clusters because the regional
storage classes, such as ibmc-s3fs-standard-regional
, now point to the single site COS endpoint instead of the regional endpoints. This change is not applied automatically to existing PVCs and pods. You must create new PVCs with
the new storage classes for the changes to take effect. For more information on how to update your PVCs, refer to the Adding object storage to apps documentation.
Change log for version 2.2.12, released 20 March 2023
- Updates Golang to
1.19.7
. - Resolves the following CVEs: CVE-2023-24532, CVE-2022-41722, CVE-2022-41725, CVE-2023-23916.
Change log for version 2.2.11, released 03 March 2023
- Updates Golang to
1.19.6
. - Updates the UBI Image to
8.7-1085
. - Updates s3fs fuse to
d1388ff
. - Resolves the following CVEs: CVE-2022-41723, CVE-2022-41724, CVE-2022-4415, CVE-2020-10735, CVE-2021-28861, CVE-2022-45061, CVE-2022-40897.
Change log for version 2.2.10, released 21 February 2023
- Updates the UBI Image to
8.7-1049.1675784874
. - Updates the default values for
CPU request
andCPU limit
to100m
and500m
respectively. - Updates the default values for
Memory request
andMemory limit1
to128Mi
and500Mi
respectively. - Resolves CVE-2022-47629.
Change log for version 2.2.9, released 13 February 2023
- Adds support for the
--set allowCrossNsSecret=true/false
option when you install the IBM Cloud Object Storage plug-in. For more information, see Installing the IBM Cloud Object Storage plug-in. - Adds support for
Wasabi
andAWS
s3 providers on Satellite clusters. - On Satellite clusters, the
object store endpoint
is now auto populated based on thecos.storageClass
ands3provider
options.
Change log for version 2.2.8, released 23 January 2023
- Updates the UBI Image to
8:8.7-1049
- Adds
PriorityClasses
for driver and plug-in pods - Updates tolerations for plug-in pod
- Adds support for encrypting buckets with IBM Key Protect by using your root key CRN when creating buckets.
- Resolves the following CVEs: CVE-2022-43680, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-3821, CVE-2022-35737, CVE-2021-46848.
Change log for version 2.2.7, released 5 January 2023
- Renames
flex
StorageClasses toSmart
StorageClasses - Updates GoLang to
1.18.9
- Resolves CVE-2022-41717 and CVE-2022-41720
Because this change affects storage classes, you must uninstall and reinstall the 2.2.7 chart so the new storage classes are created in your cluster. This change is not automatically applied to existing PVCs and pods. You must create new PVCs with the new storage classes for the changes to take effect.
Change log for version 2.2.6, released 15 December 2022
- Updates the
tls-cipher-suite
value todefault
in all the s3fs storage classes for all Red Hat OpenShift clusters. - Updates the
tls-cipher-suite
value toAESGCM
for all Kubernetes clusters. - If you want to overwrite the value from
default
to any other specifictls-cipher-suite
, annotate your PVC withibm.io/tls-cipher-suite: "<cipher-suite-value>"
.
Because this change affects storage classes, you must uninstall and reinstall the 2.2.6 chart so the new storage classes are created in your cluster. This change is not automatically applied to existing PVCs and pods. You must create new PVCs with the new storage classes for the changes to take effect.
Change log for version 2.2.5, released 9 December 2022
- Updates the UBI image to
8.7-923.1669829893
Change log for version 2.2.4, released 5 December 2022
- Updates Golang to
1.18.8
- Resolves CVE-2022-41715, CVE-2022-2879, CVE-2022-2880
Change log for version 2.2.3, released 15 November 2022
- Updates the UBI image to
8.7-923
- Resolves CVE-2016-3709, CVE-2022-30698, CVE-2022-30699, CVE-2022-1304.
Change log for version 2.2.2, released 8 November 2022
- Updates the UBI image to
8.6-994
. - Resolves CVE-2022-37434, CVE-2020-35525, CVE-2020-35527, CVE-2022-3515, CVE-2022-2509, CVE-2022-40674.
Change log for version 2.2.1, released 20 September 2022
- Updates the UBI image to
8.6-941
- Updates Golang
1.18.6
- Resolves CVE-2022-27664
Change log for version 2.2.0, released 12 September 2022
- Updates the UBI image to
8.6-902.1661794353
- Resolves CVE-2022-32206, CVE-2022-32208, CVE-2022-2526.
- Cloud Pak certification renewed for the plug-in
Change log for version 2.1.21, released 24 August 2022
- Updates Golang to
1.18.5
- Updates the UBI image to
8.6-902
- Resolves CVE-2022-1962, CVE-2022-1586, CVE-2022-2068, CVE-2022-1292, CVE-2022-2097.
Change log for version 2.1.20, released 17 August 2022
Adds support for RHEL 8.
Change log for version 2.1.19, released 27 July 2022
Updates the following mount paths for the driver pods. - Mounts /etc/os-release
or /etc/lsb-release
as read only. - Mounts /etc/kubernetes
instead of /etc
or /usr/libexec/kubernetes
to install the FlexVolume
binary. - Mounts /usr/local/bin
instead of /usr/local
to install the s3fs
binary.
Change log for version 2.1.18, released 14 July 2022
- Updates the UBI Image to
8.6-854
- Resolves CVE-2022-29824, CVE-2021-40528, CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-25313, [CVE-2022-25314] (https://nvd.nist.gov/vuln/detail/CVE-2022-25314)
- Updates Golang to
1.18.3
Change log for version 2.1.17, released 28 June 2022
- Updates the UBI to
8.6-751.1655117800
- Updates
s3fs-fuse
fix asegfault
issue. - Adds support to configure ephemeral storage of plug-in and driver pods.
Change log for version 2.1.16, released 25 May 2022
- Updates the UBI to
8.6-751
- Added support for adding
ips
by using PVC annotation forconfigBucketAccess
- Added support for
crftoken
to be fetched fromstorage-secret-store
Change log for version 2.1.15, released 6 May 2022
- Updates the UBI to
8.5-243.1651231653
- Resolves CVE-2022-1271
- Updates GoLang to
1.17.9
Change log for version 2.1.14, released 13 April 2022
- Updates the UBI to
8.5-240.1648458092
- Resolves CVE-2022-0778
- Added support for two stable versions of s3fs fuse in one chart release
- Added support for quota-limit option for COS buckets by using s3fs plug-in
- Includes the
ibmc
plug-in version2.0.8
Change log for version 2.1.13, released 24 March 2022
- Updates the UBI to
8.5-240
- Updates Golang to
v1.16.15
- Resolves CVE-2022-24921, and CVE-2022-23852.
- Updates s3fs fuse to
v1.91
. - Adds support for additional mount options
Ex: ibm.io/add-mount-param: "del_cache,retries=6"
. - Fixes a bug where
mixupload
returnsEntityTooSmall
when acopypart
is less than 5MB after split.
Change log for version 2.1.12, released 11 March 2022
- Updates the UBI to
8.5-230.1645809059
- Resolves CVE-2022-24407
Change log for version 2.1.11, released 1 March 2022
- Update Go to version 1.16.14
- Resolves CVE-2022-23772, CVE-2022-23773, CVE-2022-23806
Change log for version 2.1.10, released 17 February 2022
- Updates the universal base image (UBI) to
ubi-minimal:8.5-230
. - Resolves the following CVEs: CVE-2021-3538, CVE-2018-14632, CVE-2020-26160.
- Fixes a bug where the
kubernetes.io/secret/res-conf-apikey
was present in some logs.
Change log for version 2.1.9, released 24 January 2022
Change log for version 2.1.8, released 17 January 2022
- Updates the UBI to version
8.5-218
. - Resolves CVE-2021-3712.
- Fixes an issue that prevented masking keys in the PVC logs.
Change log for version 2.1.7, released 18 November 2021
- Updates the UBI to version 8.5-204.
- Updates Golang to version 1.16.10.
- Resolves CVE-2021-41772, CVE-2021-41771, and CVE-2021-22947.
Change log for version 2.1.6, released 22 October 2021
- Image tags:
1.8.36
- Updates s3fs fuse to version 1.90
- Updates dependencies
Change log for version 2.1.5, released 5 October 2021
- Image tags:
1.8.34
- Resolves CVE-2021-36221, CVE-2021-29923, and CVE-2021-33196.
- Updates the UBI to
8.4-210
. - Includes the
ibmc
plug-in version2.0.7
. - Pulls the Golang base image from artifactory.
- Includes endpoint updates for
jp-tok
anduk-south
. - Updates location constraints for Sao Paulo 01. New constraints are
br-sao-standard
,br-sao-vault
,br-sao-cold
, andbr-sao-smart
. For more information, see Storage classes. - Allows deployments to the
kube-system
namespace whenbucketAccessPolicy
is enabled. - Supports dynamic provisioning for non-default regions in AWS s3 instance.
Change log for version 2.1.4, released 1 September 2021
- Image tags:
1.8.33
- Fixes a
timeoutSeconds
issue in thelivenessProbe
andreadinessProbe
. - Updates the Golang version to
v1.17
. - Updates the UBI image to
8.4-208
. - Migrates the image from the
ibmcom
public registry to theicr.io/cpopen
registry. - Resolves CVE-2021-36221, CVE-2021-29923, and CVE-2021-33196.
Change log for version 2.1.3, released 25 August 2021
- Image tags:
1.8.32
- Addresses the following CVEs: CVE-2021-3520, CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2021-3541, CVE-2021-33195, CVE-2021-33196, CVE-2021-33198, CVE-2021-33197, and CVE-2021-34558.
- Includes a new version of the
ibmc
Helm plug-in. - Adds support for Satellite clusters.
- Adds support for static provisioning of s3fs on AWS clusters.
- Adds support for installing the
ibm-object-storage-plugin
in air-gapped environments. - Changes the default installation namespace from the
kube-system
namespace to theibm-object-s3fs
namespace. - Enables
ReadOnlyRootFilesystem
for the plug-in and driver pods. - Updates the Golang version to
v1.16.6
.
The ibm-object-s3fs
namespace is created during installation. Dynamic creation of namespaces is supported for Helm versions 3.2.0 and later. Before upgrading to version 2.1.3 of the ibm-object-storage-plugin
, upgrade
to Helm 3.2.0 or later. If you want to install the Helm chart without using the ibmc
plug-in, you must manually create the ibm-object-s3fs
namespace before installing the plug-in.
Change log for version 2.1.2, released 22 June 2021
- Image tags:
1.8.30
- Updates in this version: Version
v2.0.5
of thehelm-ibmc
plug-in is available. - Fixes
CVE-2021-31525
,CVE-2021-33194
, andCVE-2021-27219
.
Change log for version 2.1.1, released 03 June 2021
- Image tags:
1.8.29
- Fixes an upgrade issue in version
2.1.0
. - Includes a new version of the
helm ibmc
plug-in. For more information, see Updating the IBM Cloud Object Storage plug-in.. - Users can now specify
default
in PVC configurations to use the default TLS cipher suite when a connection to IBM Cloud Object Storage is established via the HTTPS endpoint. If your worker nodes run an Ubuntu operating system, your storage classes are set up to use theAESGCM
cipher suite by default. For worker nodes that run a Red Hat operating system, theecdhe_rsa_aes_128_gcm_sha_256
cipher suite is used by default. For more information, see Adding object storage to apps. - Fixes CVE-2020-28851.
Change log for version 2.1.0, released 26 May 2021
- Image tags:
1.8.28
- Updates the UBI to
8.4-200
.
Change log for version 2.0.9, 10 May 2021
- Image tags:
1.8.27
- Updates the UBI to
8.3-298.1618432845
. - Replaces the Flex storage classes with Smart Tier storage classes.
- Fixes CVE-2021-20305.
- Updates IAM Endpoints.
- Updates the
object-store-endpoint
. - Fixes a PVC mount issue in private-only VPC clusters.
- Updates the
ResourceConfiguration
endpoint.
Change log for version 2.0.8, 19 April 2021
- Image tags:
1.8.25
- Updates the Go version to
1.15.9
. - Updates the UBI from
ubi-minimal:8.3-291
toubi-minimal:8.3-298
. - Fixes CVE-2021-3449, CVE-2021-3450, CVE-2021-27919, and CVE-2021-27918.
Change log for version 2.0.7, 26 March 2021
- Image tags:
1.8.24
- Updates the Go version to
1.15.8
. - The plug-in now uses a universal base image (UBI).
- Fixes for CVE-2021-3114, CVE-2021-3115, CVE-2020-28852, and CVE-2020-28851.
Change log for version 2.0.6, 18 December 2020
- Image tags:
1.8.23
- The
1.8.23
image is signed. - Updates the Go version to
1.15.5
. - Fixes
CVE-2020-28362
,CVE-2020-28367
, andCVE-2020-28366
. - Resources that are deployed by the IBM Cloud Object Storage plug-in are now linked with the corresponding source code and build URLs.
- Updates the IBM Cloud Object Storage plug-in to pull the universal base image (UBI) from the proxy image registry.
Change log for version 2.0.5, released 25 November 2020
- Fixes a
NilPointer
error. - Resolves the following CVEs:
CVE-2018-20843
,CVE-2019-13050
,CVE-2019-13627
,CVE-2019-14889
,CVE-2019-1551
,CVE-2019-15903
,,CVE-2019-16168
,CVE-2019-16935
,CVE-2019-19221
,CVE-2019-19906
,CVE-2019-19956
,CVE-2019-20218
,CVE-2019-20386
,CVE-2019-20387
,CVE-2019-20388
,CVE-2019-20454
,CVE-2019-20907
,CVE-2019-5018
,CVE-2020-10029
,CVE-2020-13630
,CVE-2020-13631
,CVE-2020-13632
,CVE-2020-14422
,CVE-2020-1730
,CVE-2020-1751
,CVE-2020-1752
,CVE-2020-6405
,CVE-2020-7595
, andCVE-2020-8177
.