This page documents the list of known issues in Kubermatic KubeOne along with
possible workarounds and recommendations.
This list applies to KubeOne 1.6 releases. For KubeOne 1.5, please consider
the v1.5 version of this document. For earlier releases,
please consult the appropriate changelog.
node-role.kubernetes.io/master taint not removed on upgrade when using KubeOne 1.6.0-rc.1
- used KubeOne 1.6.0-rc.1 or built KubeOne manually on
commit up to
- provisioned clusters running Kubernetes 1.25 OR upgraded clusters running
Kubernetes 1.24 to Kubernetes 1.25
are affected by this issue.
Kubernetes removed the
node-role.kubernetes.io/master taint in 1.25.
However, we had a bug in KubeOne that enforced this taint up until Kubernetes
1.26. Even if we don’t put that taint for 1.26 clusters, Kubeadm is not going
to remove it upon upgrading to 1.26. That’s because the migration logic that
was removing that taint has been already removed in 1.26.
If you’re affected by this issue, you have to manually untaint affected
control plane nodes. You can do that by using the following command:
kubectl taint nodes node-role.kubernetes.io/master- --all
Not doing so might cause a major outage as we (both KubeOne and Kubeadm) stop
Cilium CNI is not working on clusters running CentOS 7
Cilium CNI is not supported on CentOS 7 because it’s using too older kernel
version which is not supported by Cilium itself. For more details, consider
the official Cilium documentation.
Please consider using an operating system with a newer kernel version, such
as Ubuntu, Rocky Linux, and Flatcar. See
the official Cilium documentation for a list of
operating systems and versions supported by Cilium.
Pod connectivity is broken for Calico VXLAN clusters
Clusters running Calico VXLAN might not be able to reach ClusterIP Services
from a node where the pod is running.
We do NOT recommend upgrading to KubeOne 1.6 and 1.5 at this time if you’re
using Calico VXLAN. Follow the linked GitHub issue and this page for updates.
KubeOne is failing to provision a cluster on upgraded Flatcar VMs
KubeOne is failing to provision a cluster on Flatcar VMs that are upgraded from
a version prior to 2969.0.0 to a newer version. This only affects VMs that were
never used with KubeOne; existing KubeOne clusters are not affected by this
If you’re affected by this issue, we recommend creating VMs with a newer Flatcar
version or following the cgroups v2 migration instructions.