ack-kruise is a standard extension for Kubernetes and can be used with Kubernetes. It offers enhanced and efficient capabilities for managing containers, sidecars, and image distribution. ack-kruise 1.0.0 to 1.3.1 are granted excessive role-based access control (RBAC) permissions. This may raise security risks. To ensure component security, we recommend that you update ack-kruise to 1.4.1 or later. This topic describes how to update ack-kruise.
Affected versions
Container Service for Kubernetes (ACK) clusters that use an ack-kruise version from 1.0.0 to 1.3.1 are affected. For more information about how to update the component, see Solution. This issue is fixed in ack-kruise 1.4.1 and later versions.
Solution
Step 1: Query the version of ack-kruise
Log on to the ACK console and click Clusters in the left-side navigation pane.
On the Clusters page, click the name of the cluster that you want to manage and choose in the left-side navigation pane.
Click Manage Applications on the Add-ons page. Find the ack-kruise component and check the Version of the component.
Step 2: Update ack-kruise
You can use the following method to update ack-kruise. This method does not require additional configuration.
Click Manage Applications on the Add-ons page. Find the ack-kruise component and click Update.
You can find the Update button if your ack-kruise is not updated to the latest version. If the Update button is not displayed, the latest version of ack-kruise is installed.
In the Note message, confirm the component information and click OK.