Releases: cloudnativelabs/kube-router
v0.2.4
Apart from bug fixes some nice enhancements went in to the release
thanks to @asteven for adding support for
- #575 annotation that let your selectively advertise service VIP's
- #618 prevent access to the nodes through service IP, permit traffic to the only required ports
thanks to @uablrek @Arvinderpal for continued IPv6 incremental updates
thanks @bazuchan @eric @zerkms @mk01 for your contributions
Changelog
10ddc09 Fixed typo in Global External BGP Peers example (#627)
d7a7a6d Add missing ip6tables package to docker container (#631)
4da8ee7 [RFC] prevent host services from being accessible through service IPs (#618)
4efc6cc Add documentation on dependency management using dep. (#621)
34270e4 Periodicaly sync iptables MASQUERADE rules (#619)
c63e71a Enable net.bridge.bridge-nf-call-ip6tables for IPv6. (#608)
48e2c7b Add iptables input rules for ipvs services (#604)
c38e8f6 Change append to insert for iptables rules (#596)
853b75b Periodicaly sync default forward rules (#603)
6cdc237 Make ipv6 routing to pods (CNI routing) work for ipv6 (#578)
7b9291a fix docs
1a30f9e implement per-service annotations to control IP advertisment (#575)
e5d599b Roffe/metrics polish (#595)
0cdaa43 docs/bgp.md: change example to use printf (#594)
46f8265 docs: how to configure explicit proxy (#582)
v0.2.3
v0.2.2
Apart from support IPVS maglev hashing rest are bug fixes. No breaking changes.
Changelog
4d6b7fa Fixes regression in BGP route reflector functionality. (#573)
cf9bf47 Integrate ip_vs_mh scheduler into kube-router (#564)
3723d82 fix typo on docs/bgp.md (#568)
535fcc5 Added "--router-id=" parameter. (#563)
2a82035 Add mount of /lib/modules to kube-router kubeadm setup doc (#565)
f95cded Improved detect in ipv6IsEnabled() (#555)
827bbbc infer endpoint is local from endpoints "subset.addresses.nodeName" (#560)
d9570c5 all toleration for nodes with taint node.kubernetes.io/not-ready (#558)
bf636c0 Added ipv6 documentation (#551)
0416e07 Change IMAGE_TAG -> IMG_TAG in developing guide (#550)
v0.2.1
We are excited to bring a new release with great enhancements. Finally kube-router is starting to add support for
IPv6. Its still WIP progress but pretty close to full working functionality. Also kube-router now fully support network policy semantics with addition of support for ipblock and except.
Shout-out to @uablrek for leading the IPv6 effort in kube-router and @jimmy-zh for filling the last remaining gaps to network policies.
Changelog
077ff86 Ipv6; BGP peering (#545)
a47e0f4 Add support for 'except' feature of network policy rule (#543)
05907d8 Ipv6; Support ipset with "family inet6" (#538)
77459dd Add CLI option to toggle disabling of source-dest-check in EC2 (#541)
cadba6c Use ipset to manage multiple CIDRs in a network policy rule (#529)
cd4ad6f update docker build image to go1.10.3 (#535)
c10a615 update vendored gobgp to latest release (#533)
b479f25 Added support for ARCH=s390x (#532)
1b7ae13 make the comments of the iptables rules more accurate and reasonable (#527)
v0.2.0
We are excited to bring the new release version of kube-router. There were 10 pre-releases from v0.1.0
Here is the quick highlight of enhancements in v0.2.0 from version v0.1.0
- kube-router is refactored to be usable to advertise just service VIP's. Kube-router can used with other CNI's like cillium (for e.g https://docs.cilium.io/en/stable/kubernetes/install/kube-router/), Weave etc
- support for advertising service load-balancer IPs with flag
--advertise-loadbalancer-ip - various fixes/enhancements to intelligently advertise/withdraw service VIP's (cluster IP, external IP and load balancer IP's) in case of service with
service.Spec.ExternalTrafficPolicy=Local - support to control on which local IP of the node GoBGP will listen
- ability to enable/disable advertising its pod CIDR to external BGP peers
- bug fixes to BGP graceful restart functionality integrated in kube-router. data-path is not impacted when performing rolling upgrade of kube-router
- better support for the nodes with multiple physical interfaces. Kube-router configures GoBGP such that next hop advertised for a router is an appropriate local IP
Changelog
7496b00 dont shutdown gobgp server if graceful restart is enabled (#526)
02eb11b Sponsorship update (#524)
468f16b Delete CHANGELOG.md (#520)
v0.2.0-beta.10
Enhancements
-
Support to choose a different port for BGP than default value of 179. This opens up possibility to run a different BGP implementation (like for e.g. BIRD) in conjunction with GoBGP running as part of kube-router
An e.g use-case: https://kubernetes.slack.com/archives/C8DCQGTSB/p1533650593000416 -
In case of multiple uplinks to different external peers, next-hop used should be appropriate local IP (instead of hard code node IP as earlier).
--override-nexthopbasically overrides the next hop configured in local RIB with appropriate local ip as next hop when advertising routes to the BGP peers. -
Support for user configurable list of local IP address on which BGP server should listen. This is important in case of nodes with multiple interfaces and multiple external peers.
Changelog
01ec883 prevent IPIP tunnel creation when --override-nexthop=ture (#518)
1db83ad Added support for custom BGP ports with 179 still being default (#492) (#493)
86ba784 Introduces the option --override-nexthop, to override the next hop used in advertised routes (#502)
b76d22f [jjo] ipAddrDel(): also delete VIP local rt addition (#514)
624c74f issue-385: make it optional on which ip address BGP server listens (#473)
94e163b update BGP export policies on endpoints add event (#508)
85d8df4 Improve health check for cache synchronization (#498)
e2ee6a7 Fix blackholing of traffic when using local traffic policy / annotation (#495)
8bed56f processing k8s version for NPC (#488)
f340218 fix case where 1 min unintended delay is added when checking for tunnel interface to come ip in pod (#472)
thanks @jjo @johanot @jimmy-zh @jdconti for the contributions.
v0.2.0-beta.9
v0.2.0-beta.8
This release has a critical fix to network policy implementation and an enhancement to network policy semantics also included several minor fixes.
Thanks to contributions from @johanot @andor44 @lubinsz
Changelog
57f4eea Implemented the use of both namespaceSelector and podSelector in network policy peers (#475) (#479)
9934119 Fix nwplcy re-sync issue (#477) (#478)
3a09fda enable build on Arm platform (#445)
17f92de Health 1 (#463)
58da2d4 Fix for network policy connection refused issue (#461) (#471)
7c21815 Report delay metrics as seconds, not nanos (#465)
v0.2.0-beta.7
We are excited to release a new version of kube-router. Kube-router now can be used with other CNI's like Flannel/Weave to advertise service VIP's to routers in your network fabric.
Set below flag to false
--enable-cni Enable CNI plugin. Disable if you want to use kube-router features alongside another CNI plugin. (default true)
and enable one the flags as per your requirement.
--advertise-cluster-ip Add Cluster IP of the service to the RIB so that it gets advertises to the BGP peers.
--advertise-external-ip Add External IP of service to the RIB so that it gets advertised to the BGP peers.
--advertise-loadbalancer-ip Add LoadbBalancer IP of service status as set by the LB provider to the RIB so that it gets advertised to the BGP peers.
--advertise-pod-cidr Add Node's POD cidr to the RIB so that it gets advertised to the BGP peers. (default true)
This release also fixes a regression due to which DSR functionality was not usable.
Changelog
327a46d fix race condition issues with health checks (#460)
5c6a24d Fix NPE when performing cleanup() (#458)
1c7866c Allow CNI plugin to be disabled (#443)
5e4ca29 set iBGP export policies only if its enabled (#453)
0809548 closes #413 (#457)
6887ce7 add proper message when reading pod CIDR from cni conf file (#450)
d63c23a proxy: Fix ineffassign error (#447)
v0.2.0-beta.6
This is a bug-fix release which has two critical bug fixes.
8aa4324 fixes a routing issue where a node missing route entries to talk to pods on other nodes in different subnets.
380a476 fixes an issue where nodes exchanges routes for pod CIDR's immediately as and when a new node comes up.
Changelog
abfb705 services: correct check for inactive service endpoints (#430)
380a476 update export polices onNodeUpdate so the routes are exchanged with new node immediatley (#441)
8aa4324 adds explicit check for existing tunnel to avoid partial matches (#442)
5421068 Print output of ip route command as string. (#439)
0538a2a perform clean-up of external ip from custom route table for external ip only if the table is not empty (#437)