If you are rolling back to versions in either of these scenarios, you must follow some extra instructions in order to get your clusters working.

    • Rolling back from v2.0.11+ to any version between v2.0.0 - v2.0.10.

    Because of the changes necessary to address , special steps are necessary if the user wants to roll back to a previous version of Rancher where this vulnerability exists. The steps are as follows:

    1. Record the for each cluster. To do this, save the following script on a machine with kubectl access to the Rancher management plane and execute it. You will need to run these commands on the machine where the rancher container is running. Ensure JQ is installed before running the command. The commands will vary depending on how you installed Rancher.

      Rancher Installed with Docker

      Rancher Installed on a Kubernetes Cluster

      2. Rollback Rancher following the normal instructions.

      3. Apply the backed up tokens based on how you installed Rancher.

        Rancher Installed with Docker

        Save the following script as to the machine where the Rancher docker container is running. Also copy the tokens.json file created previously to the same directory as the script.

        1. ./apply_tokens.sh <DOCKER CONTAINER NAME>

        After a few moments the clusters will go from Unavailable back to Available.

        Rancher Installed on a Kubernetes Cluster

        Save the following script as apply_tokens.sh to a machine with kubectl access to the Rancher management plane. Also copy the file created previously to the same directory as the script.

        Set the script to allow execution (chmod +x apply_tokens.sh) and execute the script as follows:

          After a few moments the clusters will go from Unavailable back to Available.