Release v1.9.3
Changes in this Release:
- Many improvements to the generated graphviz-based graph:
- Endpoints sharing the same connectivity and the same namespace are grouped together to reduce the total number of edges.
- If the graph contains a large-enough set of endpoints, in which each pair of endpoints is connected in exactly the same way, a Clique node will be created, and all endpoints in the set will connect to this (meta-)node. This also reduces the total number of edges
- If the graph contains two large-enough sets of endpoints A and B, where the allowed connectivity from any endpoint in A to any endpoint in B is the same, a Bi-Clique node will be created, and every endpoint in A will connect to this (meta-)node, and the Bi-Clique will connect to every node in B.
- Labels on edges are shortened, and a legend explains what each shortening means.
- Explainability: A new flag,
--explain
, appends to connectivity reports the exact set of resources that take part in setting the allowed connectivity between endpoints. Such explanation can be provided for the connectivity between a given set of endpoint, e.g.,--explain default/Pod1[Pod],ns2/deployment-D[Deployment]
or between every pair of endpoints by specifying--explain ALL
. - Istio traffic management: Supporting ServiceEntries as hosts in the spec of Sidecar egress.
- Improved performance via a new data-structure. This is currently under a feature flag:
-opt=true
. - Graphviz added to docker images
- Various bug fixes