v1.3.0-rc3

Changelog

e79f024 .github: Fix Tag/Push workflow

v1.3.0-rc2

.github/workflows: Small fix

v1.3.0-rc1

Changelog

91a1b37 .github: Add Go Releaser Step (#1100)

v1.2.3

Changelog

fdfa27d fix: add locking around ipset invocations
cb3a91a fact(NPC): refactor isPodUpdateNetPolRelevant
f586d52 fix(NPC): check if new pod is actionable
8520865 fix(NPC): remove HostNetwork check from OnPodUpdate
81d52c2 fix(NPC): check if pod is actionable
476c07c feat(iptables): add upstream wrapper script
6baff81 fix(NPC): parse NodePorts as unsigned ints
c139c04 Oops, i guess my unit test was flaky in #1068
e49c255 skip host network pods when selecting pods to apply ingress/egress netpol
a042e0e skip hostnetwok pod's from enforcing network policies
9f79001 fix(nsc): Overly eager IPVS updating
6aa3fa9 Replace github.com/golang/glog with k8s.io/klog/v2
162e64d Drop vendor, update dependencies, upgrade docker images (#1052)

v1.2.2

Changelog

1943023 Swap temporary IPSets during ipset restore (#1068)

v1.2.1

Changelog

6bc6110 dont return error if there are no CIDR details configured in cni conflist
c309b27 skip logging Error when there is no Service object for an Endpoint

v1.2.0

This release addresses performance issues related to network policy enforcement. Network policy enforcement is significanly faster. Also support for DSR(Direct server return) functionality has been expanded to any CRI's in additions to Docker.

Thanks to all the contributors who submitted the PR's and helped with testing.

Changelog

f4b7d61 support egress to namedport without dst address (#1037)
43c3c9d Handle headless services (#1047)
1fb0820 fix(npc): sync npc on pod label changes (#1046)
40512f1 serialize the iptables changes by NRC and NPC while starting
99cb40b while doing ipset restore, ensure sets are flushed before adding entries
187a3f2 fix(ipset): add type option to RefreshSet
d1e1923 prevent iptable command calls when necessary rules already exists
fe515d1 fix(pod.go): ensure traffic at end of chain is only dropped once
22b031b feat(metrics): add more iptables sync metrics
95299a4 fix(pod.go): comment quoting issues
afd866c use ipset save and restore to modify ipset to reduce exec calls
888cac9 use iptables-save and iptables-restore commands to consolidate individual iptables command that are run during full network policies sync
8f2e26a Update deps for k8s, cni and golang (#1030)
8105734 metrics: Add metric for build_info (#1031)
49b9add Making IPIP/tunnel and override-nexthop independent (#1025)
53d66eb adding missing vendor files
ca2008e feat: simple CRI implementation in addition to Docker, required for DSR functionality. CRI compliant runtimes support (e.g. containerd, cri-o, etc.) (#1027)
2ba6f40 It appears as though this line is no longer relevant (#1029)
ee9f6d8 Update dependencies (go-iptables, cni) (#996)
c4eba17 Makefile: Drop outdated glide command (#1018)
c145885 resolving merge conflicts of PR-964
54b921f Merge remote-tracking branch 'iamakulov/master'
4e13a1d Update RBAC apiVersion from v1beta1 to v1 (#1016)
e16f207 npc code restructuring (#1007)
4c05ef2 Return an error if BatchAdd errors
1a487d2 Remove options passed to .Refresh()
a79eded Improve ipset performance with large sets

v1.1.1

Changelog

f8aed0c fix(nrc): multiple services with the same VIP
46e903a remove deprecated netpol beta API support (#1001)
7769a0c Update golang.org/x/net dependency
def8f54 Update to golang 1.15 and alpine-3.12
2b3f39c Update bgp.md (#1000)
fd5af18 Cleanup non-DSR externalIPs

v1.1.0

• This release updates critcal vendored dependencies
  - gobgp is updated latest version 2.19
  - k8s.io/client-go, k8s.io/apimachinery, k8s.io/api are updated to v0.18.8
• Also dep is no longer used, we will be using go modules going forward for dependency management
• Go 1.13 is version used for building kube-router and gobgp binaries

breaking changes

• starting from this release kube-router by default tries to auto-configure MTU for both pod interfaces and kube-bridge bridge interface. If you do not wish to change the MTU please set --auto-mtu to false. Please see https://github.com/cloudnativelabs/kube-router/blob/master/docs/user-guide.md#mtu if you would like to manually configure the MTU value.

Changelog

400e496 update go.sum
d1a2316 .gitignore: Drop vendor folder (#993)
8e3f36c Add LoadBalancer to getExternalIPs (#995)
92b914e review comments
7904b7c addressing review comments
947bb24 fix lint error
db1bd56 set mtu in cni spec to auto configure MTU's of the pod's veth's and kube-bridge interfaces
d32d651 go.mod: Vendor newer prometheus and k8s (#990)
5a5e835 fix(network_policy): mask mark reset on FW marks (#992)
824614d Add Support for Reading Peer Passwords via a File (#986)

v1.1.0-rc1

• This release brings in to much needed updates to critcal vendored dependencies
  - gobgp is updated latest version 2.19
  - k8s.io/client-go, k8s.io/apimachinery, k8s.io/api are updated to v0.18.6
• Also dep is no longer used, we will be using go modules going forward for dependency management
• Go 1.13 is version used for building kube-router and gobgp binaries

and couple of bug fixes.

Changelog

ac556ab pin goreleaser to v0.142.0, latest is causing errors
3c734fb merge gobgp-update into master (#982)
cebe8b7 Merge pull request #981 from cloudnativelabs/lint-errors
3b992e4 fix build break due to go linter errros
7cd5235 fix(network_policy): missed gofmt on #970
827ce55 Permit ExternalIP on input (#970)
c6ef3b8 Merge pull request #975 from mrueg/conv-fix
4d1fc8d Fix unnecessary conversions
b7610a0 Merge pull request #974 from aauren/add_kube-router_options_to_issue_template
b4203cb feat(bug_report.md): add parameters section to bug report
7613a73 add IfaceHasNoAddr check for external ip delete error (#971)
0cca5f1 Merge pull request #969 from aauren/fact/sort_options
f6210da fact(options): alphabetize imports
797ee0a fact(options): alphabetize options by parameter name
202f92b fact(options): alphabetize struct fields
4307bdd ISSUE_TEMPLATE: Add missing headers (#966)
36daba8 Setup Issue Templates (#963)
e35dc9d Merge pull request #958 from coufalja/random-all
68dba40 Clean original iptables rule if --random-fully is supported
d5af1a9 Merge pull request #961 from cloudnativelabs/remove_deprecated_cluster-cidr_option
5ef989c fix(options): remove deprecated cluster-cidr option
19a5b1a Merge pull request #959 from cloudnativelabs/goreleaser-ldflags
ece8987 .goreleaser.yml: Add LDFLAGS
a33089d [testing] run go linters (#943)
8d424ea Fix pod egress rule cleanup
3e33a9c Merge pull request #957 from qingkunl/add_nsswitch_conf
d66a3bb Activate --random-fully where supported
23b2b99 Bump go-iptables
17f2786 add /etc/nsswitch.conf in Dockerfile
3ab31ab Merge pull request #955 from cloudnativelabs/fix-build-break
bb35b9a fix lint error: minor fix to catch the error from .bgpServer.Stop()
031a992 Merge pull request #786 from jdrahos/rr_ipv4_785
aec73b8 fix(nsc): update IPVS svc when timeout changes (#952)
1c18462 The bgp-holdtime function parameter of setting holdtime is added to adjust the holdtime of BGP negotiation with the connected network devices. (#921)
3fd8dc5 Merge pull request #953 from aauren/bgp_graceful_restart_time
b07f53f fix(graceful_restart): gofmt and doc fixes so unit tests pass
1c594b2 Allow setting BGP Graceful restart time from CLI
27857d3 Merge pull request #822 from kvaps/fix-821
c61dc8f fix tolerations
8023f6a Allow to configure cluster id using IPv4 strings