Skip to content

Antrea v1.15.0
Compare
Choose a tag to compare
@tnqn tnqn released this 27 Jan 01:53
· 43 commits to release-1.15 since this release
v1.15.0
6507578

Added

  • Support Egress using IPs from a subnet that is different from the default Node subnet
    . (#5799, @tnqn)
    • Refer to this document for more information about this feature.
  • Add a migration tool to support migrating from other CNIs to Antrea. (#5677, @hjiajing)
  • Add L7 network flow export support in Antrea that enables exporting network flows with L7 protocol information. (#5218, @tushartathgur)
    • Refer to this document for more information about this feature.
  • Add a new feature NodeNetworkPolicy that allows users to apply ClusterNetworkPolicy to Kubernetes Nodes. (#5658 #5716, @hongliangl @Atish-iaf)
    • Refer to this document for more information about this feature.
  • Add Antrea flexible IPAM support for the Multicast feature. (#4922, @ceclinux)
  • Support Talos clusters to run Antrea as the CNI, and add Talos to the K8s installers document. (#5718 #5766, @antoninbas)
  • Support secondary network when the network configuration in NetworkAttachmentDefinition does not include IPAM configuration. (#5762, @jianjuns)
  • Add instructions to install Antrea in encap mode in AKS. (#5901, @antoninbas)

Changed

  • Change secondary network Pod controller to subscribe to CNIServer events to support bridging and VLAN network. (#5767, @jianjuns)
  • Use Antrea IPAM for secondary network support. (#5427, @jianjuns)
  • Create different images for antrea-agent and antrea-controller to minimize the overall image size, speeding up the startup of both antrea-agent and antrea-controller. (#5856 #5902 #5903, @jainpulkit22)
  • Don't create tunnel interface (antrea-tun0) when using Wireguard encryption mode. (#5885 #5909, @antoninbas)
  • Record an event when Egress IP assignment changes for better troubleshooting. (#5765, @jainpulkit22)
  • Update Windows documentation with clearer installation guide and instructions. (#5789, @antoninbas)
  • Enable IPv4/IPv6 forwarding on demand automatically to eliminate the need for user intervention or dependencies on other components. (#5833, @tnqn)
  • Add ability to skip loading kernel modules in antrea-agent to support some specialized distributions (e.g.: Talos). (#5754, @antoninbas)
  • Add NetworkPolicy rule name in Traceflow observation. (#5667, @Atish-iaf)
  • Use Traceflow API v1beta1 instead of the deprecated API version in antctl traceflow. (#5689, @Atish-iaf)
  • Replace net.IP with netip.Addr in FlowExporter which optimizes the memory usage and improves the performance of the FlowExporter. (#5532, @antoninbas)
  • Update kubemark from v1.18.4 to v1.29.0 for antrea-agent-simulator. (#5820, @luolanzone)
  • Upgrade CNI plugins to v1.4.0. (#5747 #5813, @antoninbas @luolanzone)
  • Update the document for Egress feature's options and usage on AWS cloud. (#5436, @tnqn)
  • Add Flexible IPAM design details in antrea-ipam.md. (#5339, @gran-vmv)

Fixed

  • Fix incorrect MTU configurations for the WireGuard encryption mode and GRE tunnel mode. (#5880 #5926, @hjiajing @tnqn)
  • Prioritize L7 NetworkPolicy flows over TrafficControl to avoid a potential issue that a TrafficControl CR with a redirect action to the same Pod could bypass the L7 engine. (#5768, @hongliangl)
  • Delete OVS port and flows before releasing Pod IP. (#5788, @tnqn)
  • Store NetworkPolicy in filesystem as fallback data source to let antre-agent fallback to use the files if it can't connect to antrea-controller on startup. (#5739, @tnqn)
  • Enable Pod network after realizing initial NetworkPolicies to avoid traffic from/to Pods bypassing NetworkPolicy when antrea-agent restarts. (#5777, @tnqn)
  • Fix Clean-AntreaNetwork.ps1 invocation in Prepare-AntreaAgent.ps1 for containerized OVS on Windows. (#5859, @antoninbas)
  • Add missing space to kubelet args in Prepare-Node.ps1 so that kubelet can start successfully on Windows. (#5858, @antoninbas)
  • Fix antctl trace-packet command failure which is caused by missing arguments. (#5838, @luolanzone)
  • Support Local ExternalTrafficPolicy for Services with ExternalIPs when Antrea proxyAll mode is enabled. (#5795, @tnqn)
  • Set net.ipv4.conf.antrea-gw0.arp_announce to 1 to fix an ARP request leak when a Node or hostNetwork Pod accesses a local Pod and AntreaIPAM is enabled. (#5657, @gran-vmv)
  • Skip enforcement of ingress NetworkPolicies rules for hairpinned Service traffic (Pod accessing itself via a Service). (#5687 #5705, @GraysonWu)
  • Add host-local IPAM GC on startup to avoid potential IP leak issue after antrea-agent restart. (#5660, @antoninbas)
  • Fix the CrashLookBackOff issue when using the UBI-based image. (#5723, @antoninbas)
  • Remove redundant log in fillPodInfo/fillServiceInfo to fix log flood issue, and update DestinationServiceAddress for deny connections. (#5592 #5704, @yuntanghsu)
  • Enhance HNS network initialization on Windows to avoid some corner cases. (#5841, @XinShuYang)
  • Fix endpoint querier rule index in response to improve troubleshooting. (#5783, @qiyueyao)
  • Avoid unnecessary rule reconciliations in FQDN controller. (#5893, @Dyanngg)
  • Update Windows OVS download link to remove the invalid certificate preventing unsigned OVS driver installation. (#5839, @XinShuYang)
  • Fix IP annotation not working on StatefulSets for Antrea FlexibleIPAM. (#5715, @gran-vmv)
  • Add DHCP IP retries in PrepareHNSNetwork to fix potential IP retrieving failure. (#5819, @XinShuYang)
  • Revise antctl mc deploy to support Antrea Multi-cluster deployment update when the manifests are changed. (#5257, @luolanzone)

Contributors

antoninbas, ceclinux, and 14 other contributors
Assets 31