analytics-api
application, part of the old analytics implementation, has been officially deprecated and removed.
install-lilt.sh
script and no longer a separate deployment. If upgrading LILT from a previous version and flannel
is already installed, comment out the flannel section of the install script:
flannel
for the first time via the helm chart, ensure that the podCidr
is consistent with K8S cluster settings:
maxmemory
must be slightly below pod mem limits
. Memory can be increased if required:
kernel
parameters are required to prevent ztunnel
pod restarts:
Istio
, api
, Clickhouse
, and Flannel
. Please ensure that the following are enabled:
GPU
node in parallel with the Worker
node. If NOT using a centralized repository for all images, ensure that the following are loaded via containerd
on the GPU
node:
g4dn.2xlarge (8 vCPUs, 32 GB RAM)
to g4dn.8xlarge (32 vCPUs, 128 GB RAM)
, in order to be able to run the V2 and V3 services.
15000,15001,15006,15008,15009,15010,15012,15014,15017,15020,15021,15090,15443,20001}/tcp
for Istio.
Vulnerability Reference | Application | Mitigation / Notes |
---|---|---|
CVE-2024-31580 | neural | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2024-31583 | neural | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2023-6378 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2023-6481 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2024-22257 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2016-1000027 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2024-22243 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2024-22259 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2024-22262 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2023-32697 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2022-1471 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2022-25857 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
CVE-2024-21634 | core-api | To be fixed in next release, requires upgrade of package that is used by internal dependencies. |
GHSA-m425-mq94-257g | localpv-provisioner | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2024-24790 | localpv-provisioner | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2023-39325 | localpv-provisioner | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2023-45283 | localpv-provisioner | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2023-45287 | localpv-provisioner | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2023-45288 | localpv-provisioner | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2023-1370 | elasticsearch | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2021-40690 | elasticsearch | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2022-1471 | elasticsearch | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |
CVE-2024-41110 | istiod | Vulnerability exists in latest version of this application. Waiting on a newer release to fix. |