# PMK Release 5.14 Release Notes ## Release Summary The Platform9 Managed Kubernetes (PMK) version 5.14 release is now generally available with active support for Kubernetes **v1.33** ## PMK 5.14.0 Release Highlights (Released 2025-08-25) #### New Features `Added` Added active support for Kubernetes **1.33** #### Feature Updates `Added` Improvements to **Cilium CNI** `Added` Updated libraries/ module dependencies to fix CVEs #### Deprecations, Feature Removal and EOL information {% hint style="danger" %} **Kubernetes 1.30 and lower EoL** * All clusters must be upgraded to at **least Kubernetes v1.31** before upgrading from **PMK 5.13.x to PMK 5.14** * **Kubernetes v1.30** and lower versions are marked as *End of Life* on **PMK 5.14** {% endhint %} {% hint style="warning" %} **Kubernetes 1.31 Deprecated** * **Kubernetes v1.31** is marked as deprecated. * New clusters should be created on **Kubernetes v1.32** or above. However, you can continue to create new clusters on Kubernetes v1.31 or above. {% endhint %} * There are no Operating Systems deprecations in PMK **5.14** release. Check the PMK support matrix here: [Managed Kubernetes Support Matrix](https://docs.platform9.com/managed-kubernetes/5.14/support/support/managed-kubernetes-support-matrix) #### Bug Fixes `Fixed` Removed the `-cloud-provider` flag for API server to support k8s 1.33 for AWS clusters #### Known Issues `Known Issue` All existing and new AWS clusters in PMK must be configured with an `is_update`flag and restricted security group rules. Without this cluster updates (such as AMI updated) and upgrades may fail. Please reach out to Platform9 support for this configuration. `Known Issue` During PMK cluster upgrades, `pf9-kube` package uninstallation may be incomplete if workload containers are not stopped and removed. Please reach out to Platform9 support if this occurs. `Known Issue` On Rocky Linux 9 (tested on 9.2 and 9.4), Platform9's `pf9-kube` package installs `iptables-services` as a dependency. With recent updates to the upstream repositories, installation will fail due to a missing dependency on `iptables-legacy-*` packages. `Known Issue` (On Rocky Linux 9) Users will need to install the legacy packages by running `dnf install iptables` or `dnf install iptables-utils` on workload cluster nodes. Since this is a recent upstream change, a solution will be provided in upcoming releases by packaging the required packages along with `pf9-kube` package. `Known Issue` AWS clusters using flannel CNI need to be updated to use port 2379 instead of 4001 from1.22 version onwards. Workaround is to go to the "Edit cluster" option on the UI and clicked on "Update cluster" without making any changes. This adds the 2379 ingress rule to the master ELB. `Known Issue` When a detach operation is performed on a master node in a multi master cluster, it takes approximately 30 minutes to complete all the detach operations and perform cleanup on the node. Therefore, if you want to reattach this node to any other cluster, you need to wait for the nodelet to stop all the phases and perform cleanup before attempting to reattach the node. `Known Issue` In some scenarios, after a node is removed from the qbert clusters, nodelet fails to cleanup the data. Workaround is to check and remove the `/var/opt/pf9/kube`directory if present, even after the node is deauthorized. `Known Issue` Cluster upgrade attempt is blocked on UI post a cluster upgrade failure due to nodes being in a converging/not converged state. `Known Issue` Kubelet authorization mode is marked set to AlwaysAllow instead of Webhook. `Known Issue` PMK Cloud provider created directly in Sunpike cannot be used to create qbert clusters. Qbert cloud providers will work to create both qbert and sunpike clusters. But cloud providers created directly in sunpike CANNOT be used to create qbert clusters. Please use the appropriate one based on your needs. ### Package Updates #### PMK 5.14.0 Latest Kubernetes Components List
ComponentKubernetes 1.33Kubernetes 1.32Kubernetes 1.31
KUBERNETES BUILD VERSION1.33.3-pmk.46 updated1.32.3-pmk.55 updated1.31.9-pmk.136 updated
CONTAINERD1.7.271.7.271.7.27
RUNC1.1.121.1.121.1.12
CORE-DNS1.11.11.11.11.11.1
METRICS SERVER0.6.40.6.40.6.4
METAL LB0.14.90.14.90.14.9
KUBERNETES DASHBOARD2.7.02.7.02.7.0
CLUSTER AUTO-SCALER AWS1.28.01.28.01.28.0
FLANNEL CNI0.24.20.24.20.24.2
CALICO CNI3.27.53.27.53.27.5
CILIUM CNI new1.17.21.17.21.17.2
CILIUM CLI new0.18.30.18.30.18.3
ETCD3.5.123.5.123.5.12
CNI PLUGINS1.4.01.4.01.4.0
KUBEVIRT1.0.01.0.01.0.0
KUBEVIRT CDI1.57.01.57.01.57.0
ADVANCED NETWORKING OPERATOR (LUIGI)0.5.80.5.80.5.8
MONITORING - PROMETHEUS OPERATOR0.68.20.68.20.68.2
PROFILE AGENT2.0.22.0.22.0.2
METAL31.1.11.1.11.1.1
## PMK 5.14.1 Release Highlights (Released 2025-10-16) #### Feature Updates `Added` Catapult monitoring supports namespace-scoped filtering. Configure monitored namespaces using the `ksm-namespace-allowlist` configmap to reduce alert noise. `Added` Management plane monitoring now exports certificate and token Time-To-Live (TTL) metrics, enabling proactive alerting on certificate expiration. `Added` Increased default volume size for the Terraform script for AWS instance. `Added` Increased memory and CPU limits and requests for the `socat` container under `rabbitmq` pod. #### Bug Fixes `Fixed` Fixed cert-manager installation conflicts during cluster upgrades. The luigi-addon operator now detects existing cert-manager deployments and skips installation to prevent errors. `Fixed` The master node attachment and secondary volume mounting failures on AWS Nitro-based instances by correcting Terraform boot.sh script for NVMe device compatibility and increasing default volumes to 150GB and 180GB. `Fixed` Increased memory limits and requests for PMK components to prevent out-of-memory errors and container evictions. `Fixed` Resolved Out of Memory (OOM) errors causing Sunpike pod restarts by increasing memory limits for sunpike-apiserver and sunpike-kine to 400Mi, and sunpike-conductor limit to 1000Mi with request at 500Mi. ### Package Updates #### PMK 5.14.1 Latest Kubernetes Components List | **Component** | **Kubernetes 1.33** | **Kubernetes 1.32** | **Kubernetes 1.31** | | --------------------------------------------------------------- | ----------------------------------------------------------------- | ----------------------------------------------------------------- | ------------------------------------------------------------------ | | KUBERNETES BUILD VERSION | 1.33.3-pmk.**49** **`updated`** | 1.32.3-pmk.**63** **`updated`** | 1.31.9-pmk.**144** **`updated`** | | CONTAINERD | 1.7.27 | 1.7.27 | 1.7.27 | | RUNC | 1.1.12 | 1.1.12 | 1.1.12 | | CORE-DNS | 1.11.1 | 1.11.1 | 1.11.1 | | METRICS SERVER | 0.6.4 | 0.6.4 | 0.6.4 | | METAL LB | 0.14.9 | 0.14.9 | 0.14.9 | | KUBERNETES DASHBOARD | 2.7.0 | 2.7.0 | 2.7.0 | | CLUSTER AUTO-SCALER AWS | 1.28.0 | 1.28.0 | 1.28.0 | | FLANNEL CNI | 0.24.2 | 0.24.2 | 0.24.2 | | CALICO CNI | 3.27.5 | 3.27.5 | 3.27.5 | | **CILIUM CNI ****`new`** | 1.17.2 | 1.17.2 | 1.17.2 | | **CILIUM CLI** **`new`** | 0.18.3 | 0.18.3 | 0.18.3 | | ETCD | 3.5.12 | 3.5.12 | 3.5.12 | | CNI PLUGINS | 1.4.0 | 1.4.0 | 1.4.0 | | KUBEVIRT | 1.0.0 | 1.0.0 | 1.0.0 | | KUBEVIRT CDI | 1.57.0 | 1.57.0 | 1.57.0 | | ADVANCED NETWORKING OPERATOR (LUIGI) | 0.5.8 | 0.5.8 | 0.5.8 | | MONITORING - PROMETHEUS OPERATOR | 0.68.2 | 0.68.2 | 0.68.2 | | PROFILE AGENT | 2.0.2 | 2.0.2 | 2.0.2 | | METAL3 | 1.1.1 | 1.1.1 | 1.1.1 |