Skip to content


Significant changes

  • kube-dns has been updated with the hotfix for CVE-2017-14491. For more details, please see CVE Advisory.

Full changelist

  • Update images in CI tests (thanks @justinsb)
  • Update kube-dns to 1.14.5 for CVE-2017-14491 (thanks @mikesplain)


Significant changes

  • Manifests are rewritten by default, which includes a normalization phase. This can make it hard to understand the actual changes (as opposed to just the formatting changes). A feature flag has been added, export KOPS_FEATURE_FLAGS="-RewriteManifests" which can be used to disable manifest rewriting. A recommendation: you can run kops update twice, once without manifest formatting to show the real changes, and then immediately afterwards with manifest changes, which will be just formatting changes. Run KOPS_FEATURE_FLAGS="-RewriteManifests" kops update cluster, to show the real changes, apply them with KOPS_FEATURE_FLAGS="-RewriteManifests" kops update cluster --yes, then run kops update cluster to show the formatting changes, followed by kops update cluster --yes

  • Default disk size increased to 64GB (masters) and 128GB (nodes). This does have a higher cost, but also gives us more inodes & more iops (and more disk space, of course!)

  • Calico now configured with the correct pod CIDR: #2768. Please refer to the Required Actions section for details regarding this.

Required Actions

  • Existing Calico users on clusters that were created prior to kops 1.7 are susceptible to IP conflict between Pods and Services due to an overlap of the two IP ranges. Migration to a new Pod CIDR is recommended, and is a manual procedure due to risk of potential downtime during this operation.

Full changelist