# Release v2.4.12

## Important

- **Please review the [v2.4.0 release notes](https://github.com/rancher/rancher/releases/tag/v2.4.0) for important updates/ breaking changes.**

* **Kubernetes 1.18 is now the default version [[#25117](https://github.com/rancher/rancher/issues/25117)]** - Kubernetes 1.18 is now the default version. Whenever upgrading to any Kubernetes version, please review the Kubernetes release notes for any breaking changes. 

- **Users using a single Docker container install** - Etcd in the Docker container has been upgraded from 3.3 to 3.4, therefore you *must* take a backup before upgrading in order to be able to roll back to a v2.3.x release. You will not be able to rollback without this backup. 
 
- **Users using node pools with RHEL/CentOS nodes [[#18065](https://github.com/rancher/rancher/issues/18065)]**: The default storage driver for RHEL/CentOS nodes has been updated to `overlay2`. If your node template does not specify a storage driver, any new node will be provisioned using the new updated default (`overlay`) instead of the old default (`devicemapper`). If you need to keep using `devicemapper` as your storage driver option, edit your node template to explicitly set the storage driver as `devicemapper. 

- **Users running Windows clusters [[#25582](https://github.com/rancher/rancher/issues/25582)]** - Windows has launched a security patch as of Feb 11. Before upgrading, please update your nodes to include this security patch, otherwise your upgrade will fail until the patch is applied. 
 
- **Rancher launched clusters require additional 500MB space** - By default, Rancher launched clusters have enabled audit logging on the cluster. 

- **Rancher launched Kubernetes clusters behavior of upgrades have changed [[#23897](https://github.com/rancher/rancher/issues/23897)]** - Please refer to the zero downtime upgrades feature to read more about it. 

### Addressing CVEs

- Updated Rancher's SAML library to address Golang's encoding/xml package CVE's found by [Mattermost](https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/)

## Versions

The following versions are now latest and stable:

 |Type | Rancher Version | Docker Tag |Helm Repo| Helm Chart Version |
 |---|---|---|---|---|
 | Latest | v2.5.4 | `rancher/rancher:latest` | server-charts/latest |v2.5.4 |
 | Stable | v2.5.4 | `rancher/rancher:stable` | server-charts/stable | v2.5.4 | 

Please review our [version documentation](https://rancher.com/docs/rancher/v2.x/en/installation/server-tags/) for more details on versioning and tagging conventions.

## Enhancements 

**Updated Kubernetes Versions**
- Updated to use `v1.18.14-rancher1-1` and `v1.17.16-rancher1-1`

### Air Gap Installations and Upgrades

In v2.4.0, an air gap installation no longer requires mirroring the systems chart git repo. Please follow the directions on how to [install Rancher to use the packaged systems chart](https://rancher.com/docs/rancher/v2.x/en/installation/air-gap/install-rancher).

### Known Major Issues

- When using monitoring with persistent storage for Grafana enabled, upgrading monitoring causes the pod to fail to start. Workaround steps are provided in the issue. [[#27450](https://github.com/rancher/rancher/issues/27450)]
- When using monitoring, upgrading Kubernetes versions removes the _\API Server Request Rate\_ metric [[#27267](https://github.com/rancher/rancher/issues/27267)]
- When a new chart version is added to a helm 3 catalog, the upgrade process can default to helm 2, causing an api error. Workaround in issue. [[27252](https://github.com/rancher/rancher/issues/27252)]

## Versions

### Images
- rancher/rancher:v2.4.12
- rancher/rancher-agent:v2.4.12

### Tools

- cli - [v2.4.9](https://github.com/rancher/cli/releases/tag/v2.4.9)
- rke - [v1.1.13](https://github.com/rancher/rke/releases/tag/v1.1.13)

### Kubernetes

- [1.18.14](https://github.com/rancher/hyperkube/releases/tag/v1.18.14-rancher1) (default)
- [1.17.16](https://github.com/rancher/hyperkube/releases/tag/v1.17.16-rancher1)

## Upgrades and Rollbacks

Rancher supports both upgrade and rollback. Please note the version you would like to [upgrade](https://rancher.com/docs/rancher/v2.x/en/upgrades/) or [rollback](https://rancher.com/docs/rancher/v2.x/en/backups/rollbacks/) to change the Rancher version.

Please be aware that upon an upgrade to v2.3.0+, any edits to a Rancher launched Kubernetes cluster will cause all system components to restart due to added tolerations to Kubernetes system components. Plan accordingly.

Recent changes to cert-manager require an upgrade if you have an HA install of Rancher using self-signed certificates. If you are using cert-manager older than v0.9.1, please see [the documentation](https://rancher.com/docs/rancher/v2.x/en/installation/options/upgrading-cert-manager/) on how to upgrade cert-manager.

**Important:** When rolling back, we are expecting you to rollback to the state at the time of your upgrade. Any changes post upgrade would not be reflected.