# SMCP 5.12 Release Notes ## Platform9 SMCP 5.12 **2025-04-23** | Component | Version | | ---------------------- | ---------------- | | Airctl | v-5.12.1-3802903 | | **Workload Clusters** | | | Kubernetes 1.29 | 1.29.2-pmk.247 | | Kubernetes 1.30 | 1.30.4-pmk.146 | | Kubernetes 1.31 | 1.31.5-pmk.82 | | **Management cluster** | | | Kubernetes 1.30 | 1.30.4-pmk.146 | ## Features/Enhancements `Added` Added support for workload clusters with Kubernetes version 1.31 `Added` fix for critical CVE(s) in nginx-ingress-controller `Added` Added support for MetalLB v0.14.9 (with addon operator 8.0.9) `Added` Added support for RHEL 8.10 (introduced in SMCP 5.11.1 patch) `Added` Added ability to modify the verbosity level for kube-api server (ported from SMCP 5.11.1 patch) `Added` Updated libraries/ module dependencies to fix CVEs #### Deprecations, Feature Removal and EOL information * Following Operating Systems are no longer supported with SMCP 5.12 and above. * RHEL 8.6 * RHEL 8.7 * Centos 7.9 * The pods related to the legacy cluster API (pf9-capi) implementation have been removed ### Bug Fixes `Fixed` Fixed the issue causing MetalLB addon in BGP mode to report unhealthy state due to the bug [Community validation webhook denies all updates](https://github.com/metallb/metallb/issues/2597) in upstream MetalLB v0.14.2. Upgraded MetalLB addon to [v0.14.9](https://metallb.universe.tf/release-notes/#version-0-14-9) to solve the issue. `Fixed` Fixed an issue causing host onboarding to fail for new hosts on DU having dynamic kubelet configuration DKC. `Fixed` Fixed the issues that caused add-on operator to remove the custom cert manager objects on disabling Luigi and custom prometheus objects on disabling the pf9-monitoring add-on. `Fixed` Fixed an issue due to which existing default apiserver flags could not be modified (e.g. `service-account-issuer`). `Fixed` Fixed a bug that exposed `Kube-scheduler` and `kube-controller` open to all interfaces (ported from SMCP 5.11.1 patch) ### Known Issues `Known Issue` ***On Ubuntu 22***, [SMCP 5.10 to SMCP 5.11 upgrade](https://platform9.com/docs/5.10/PEC/upgrade-smcp#13-upgrade-host-components) The procedure (and upgrade to `5.12` similarly) requires the following commands to be run to update host-side components: * `airctl configure-hosts --reset-pf9-managed-docker-conf --skip-docker-install --skip-docker-img-import --verbose` * `airctl upgrade-hosts --verbose` * \*\* Impact\_:\_ \_\_For Ubuntu 22, the above procedure breaks the host connection from the management cluster, terminates the pf9-comms, leading to management cluster upgrade failure. * * * \*\* Workaround\_:\_ For Ubuntu 22, reversing the order of the two commands works; run the upgrade-host, then the configure-hosts * * `Known Issue` During the DU upgrade process (`airctl upgrade --config airctl-config.yaml --verbose`), the `sunpike-kube-apiserver` pod enters a `CrashLoopBackOff` state following the successful execution of the airctl upgrade step. While the pod eventually reconciles itself, it may take an extended duration (`30+` minutes or more). * \*\* Impact: This delay can disrupt cluster operations, leading to prolonged upgrade timelines and potential downtime for services dependent on the `sunpike-kube-apiserver`. * * * \*\* Workaround: Manually restarting the `sunpike-kube-apiserver` pod resolves the issue and significantly reduces reconciliation time. * * `Known Issue` ***On Ubuntu 22***: When rebooting a management cluster node running Ubuntu 22, the node does not automatically recover. This can lead to an unavailable management plane and disruption of cluster operations. * \*\* Impact: Post-reboot, the management cluster node remains non-functional until manual intervention is performed. * * * \*\* Workaround: To recover the node, run the following commands on the affected node: `sudo systemctl stop pf9-nodeletd`, `sudo /opt/pf9/nodelet/nodeletd phases restart` * * `Known Issue` ***: On Ubuntu 22,*** when `systemd-resolved` is disabled, the symbolic link `/etc/resolv.conf` pointing to `/run/systemd/resolve/stub-resolv.conf` does not recover after a node reboot on the management cluster. * \*\* Impact: In an environment with no DNS server available, DNS information in the `/etc/resolv.conf` doesn't recover, resulting in DNS resolution failure; hence, the cluster won't recover. * * * \*\* Workaround: To ensure DNS functionality persists after a reboot, follow these steps before a node is rebooted. * * * Remove the symbolic link /etc/resolv.conf (`sudo rm /etc/resolv.conf` ) . Manually create a new /etc/resolv.conf ( `sudo nano /etc/resolv.conf` ) with the required DNS entries. This step is critical if no DNS server is running in the cluster. * Add the following DNS entries (replace with your preferred DNS servers if needed): * nameserver \ `Known Issue` On Rocky Linux 9 (rocky-92), platform9's pf9-kube package installs `iptables-services` as a dependency. With recent updates to the upstream repositories, installation will fail due to a missing dependency on `iptables-legacy-*` packages. * \*\* Workaround: (On Rocky Linux 9) Users will need to install the legacy packages by running `dnf install iptables` or `dnf install iptables-utils` on workload cluster nodes. Since this is a recent upstream change, a solution will be provided in upcoming releases by packaging the required packages along with `pf9-kube` package. * * ### SMCP 5.12 Kubernetes Components List | Component | Kubernetes 1.31 | Kubernetes 1.30 | Kubernetes 1.29 | | ------------------------------------ | ----------------- | ------------------ | ------------------ | | KUBERNETES BUILD VERSION | 1.31.5-pmk.**82** | 1.30.4-pmk.**146** | 1.29.2-pmk.**247** | | CONTAINERD | 1.7.13 | 1.7.13 | 1.7.13 | | RUNC | 1.1.12 | 1.1.12 | 1.1.12 | | CORE-DNS | 1.11.1 | 1.11.1 | 1.11.1 | | METRICS SERVER | 0.6.4 | 0.6.4 | 0.6.4 | | METAL LB | 0.14.**9** | 0.14.**9** | 0.14.**9** | | KUBERNETES DASHBOARD | 2.7.0 | 2.7.0 | 2.7.0 | | CLUSTER AUTO-SCALER AWS | 1.28.0 | 1.28.0 | 1.28.0 | | FLANNEL | 0.24.2 | 0.24.2 | 0.24.2 | | CALICO | 3.27.2 | 3.27.2 | 3.27.2 | | ETCD | 3.5.12 | 3.5.12 | 3.5.12 | | CNI PLUGINS | 1.4.0 | 1.4.0 | 1.4.0 | | KUBEVIRT | 1.0.0 | 1.0.0 | 1.0.0 | | KUBEVIRT CDI | 1.57.0 | 1.57.0 | 1.57.0 | | ADVANCED NETWORKING OPERATOR (LUIGI) | 0.5.8 | 0.5.8 | 0.5.8 | | MONITORING - PROMETHEUS OPERATOR | 0.68.1 | 0.68.1 | 0.68.1 | | PROFILE AGENT | 2.0.2 | 2.0.2 | 2.0.2 | | METAL3 | 1.1.1 | 1.1.1 | 1.1.1 | #### Platform9 CLI The `pf9ctl` release [1.31](https://github.com/platform9/pf9ctl/releases/tag/1.31) is available for customers who use `pf9ctl` instead of equivalent airctl commands to onboard nodes. It can be installed by running the following command. {% tabs %} {% tab title="Bash" %} ```bash bash <(curl -sL https://pmkft-assets.s3-us-west-1.amazonaws.com/pf9ctl_setup) ``` {% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.platform9.com/self-managed-cloud-platform/5.13/smcp-5-12-release-notes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.