Releases: cloudnativelabs/kube-router
v0.0.18: significant features release
We are very excited to bring the new release of Kube-router packed with features.
- Support for external IP. Service proxy in kube-router now supports external IP's configured on the service.
- Support for advertising external IP's to the configured BGP peers
- Support for DSR (Direct Server Return).
Please read the blog to understand how these building blocks can be used for highly available and scalable ingress for bare-metal clusters
- Support for egress network policies
- Support for CIDR in network policies
- Support to change IPVS scheduling method through annotations
Changelog
1a647b6 updating documentation
b180094 set priority for custom routing tables so that, FWMARK packets are delivered locally and for the rest of the traffic policy routing sets endpoints (dev kube-bridge) as next hop for external IP's
5f425eb Fixes direct server return on exteranl IP's (#210)
6a3fada Direct Server Return Fixes (#209)
77f45e3 Use service annotations to choose IPVS scheduling method (#207)
6d43268 support for direct server return (#204)
4ca0afa Support for advertising service external IP to be configured BGP peers (#203)
ba7697b Support for Services with externalIPs (#201)
84741b6 network policy: use 'addrtype' module and --src-type=LOCAL to match local traffic
665e667 Fix to avoid re-adding existing BGP export policy, and policy assignment (#200)
50173e3 Support for 32 bit ASN numbers specifically the range 4200000000 - 4294967294 as specified by RFC 6996 (#196)
9eb1848 Network policy: always permit traffic from local node to the pods irrespective of network policies (#195)
ea459a3 Merge pull request #193 from cloudnativelabs/ntwk-policy-cidr-selector
928deed Support CIDR in network policy ingress and egress rules
c3e8c11 Fix missing quotes in upgrading examples
2b910b2 Merge pull request #186 from cloudnativelabs/103-egress-network-policy
45cb087 Network policy egress support
7c489a6 Update DaemonSet manifests (#188)
aa48cf2 gofmt (#187)
492cd1b Merge pull request #184 from cloudnativelabs/178-client-go-5
0010425 bump up client-go to release-5.0 and vendor kubernetes/api
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
Critical Bug Fixes
This release brings with it a number of fixes for regressions introduced in the last release. Users are encouraged to upgrade as soon as possible, especially if you experienced issues with kube-router recently. A big thanks to @hjdr4 and @dimm0 for reporting issues and helping to test our fixes. Also a shoutout to our latest contributor @ryarnyah for ipset contributions.
BREAKING CHANGES
Please take some time to read the shiny new upgrade guide before proceeding. This release includes changes to the CLI flags and Annotations used for hairpin-mode and BGP peering.
Changelog
342ea5a Prevent masquerading pod -> NodeIP traffic (#174) critical bug
5f58cd2 Fix conditional so only matched pods are firewalled (#183) critical bug
a5a446a Use forward domain notation for annotations breaking change
3debbfa Cleanup ipset create function + restore (#177)
c125778 Fix make vagrant-image-update with rsynced folder
c714a80 CI: Make travis build PR# branches
c8902cc Add docs to cover upgrading kube-router (#179)
2ac6861 Documentation: Fix BGP peer example
fc86d2e Merge pull request #169 from ryarnyah/fix/clean-ipset
3431a18 Delete ipset dependency + delete unused ipsets
d6a15ec Fix link to developer's guide
e19f2a6 BGP peer password auth, consistent configurations (#164)
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.0.16 -- The KRaken Has Awoken
We're happy to say that kube-router is picking up steam! Big thanks to all the new users who are taking it for a spin and reporting bugs and showing us how they use kube-router's unique features. This release is a real doozy, and we look forward to the imminent beta release!
Notable Bug Fixes
d433fa5 Fix IPVS persistence flag (#160)
62900c7 NodePort service listens on all ip/interfaces in case of kube-proxy. Currently kube-router listens only on node IP. This fix introduces flag nodeport-bindon-all-ip with which you can have kube-proxy like behaviour. If not specified only nodeIP will be open for connections.
Enhancements
d6ea740 Dynamic gobgpd listener config, fix leaked listener (#156)
ca97d0d Adding ability to disable IP-in-IP tunnelining for cross node pod-to-pod connectivity where nodes are in different subnet. With tunneling disabled its expected that default gateway has learned the pod CIDR's allocated for all the nodes and can route the pod-to-pod traffic across nodes in different subnets
Other Commits
6ea240f Fix image refered in kubeadm daemonsets to release/latesr versions
f6a5e23 fixing gofmt, go_vet, gocyclo, golint errors
DaemonSet Upgrade Steps
image: cloudnativelabs/kube-router[:latest] + imagePullPolicy: Always
These are the default options in our manifests. In this scenario you just need to delete the pods so they are recreated. This will not interrupt cluster services/traffic.
kubectl -n kube-system delete pods -l k8s-app=kube-router
image: cloudnativelabs/kube-router:vX.X.X
If your image option is pinned to a specific version, you can upgrade using kubectl set image.
kubectl -n kube-system set image ds/kube-router kube-router=cloudnativelabs/kube-router:v0.0.16
kubectl -n kube-system delete pods -l k8s-app=kube-router
image: cloudnativelabs/kube-router-git:master
Already running the latest version huh? We like your style.
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.0.15
This patch release has critical fix that affects distros with strict reverse path filtering. When nodes span across multiple subnets, Kube-router uses ip-in-ip tunneling. Fix in this release ensures traffic originates and leaves on same tunnel interface.
DaemonSet Upgrade Steps
image: cloudnativelabs/kube-router[:latest]
imagePullPolicy: Always
These are the default options in our manifests. In this scenario you just need to delete the pods so they are recreated. This will not interrupt cluster services/traffic.
kubectl -n kube-system delete pods -l k8s-app=kube-router
image: cloudnativelabs/kube-router:vX.X.X
If your image option is pinned to a specific version, you can upgrade using kubectl set image.
kubectl -n kube-system set image ds/kube-router kube-router=cloudnativelabs/kube-router:v0.0.15
kubectl -n kube-system delete pods -l k8s-app=kube-router
Changelog
c9c6107 Merge pull request #143 from cloudnativelabs/pbr_tunnels
7b9eedc Setup policy-based routing so that traffic arriving on a tunnel interface leaves on same tunnel interface irrespective of rp_filter value
22330ab Merge pull request #146 from cloudnativelabs/goreportcard
ed935a4 fix gofmt, go_vet, misspells
b171f22 Update README.md
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.0.14
Changelog
2cd54fc Merge pull request #142 from cloudnativelabs/br_netfilter
ff079d2 Enable netfilter for bridge, requirement for all CNI that use bridge https://kubernetes.io/docs/concepts/cluster-administration/network-plugins/#network-plugin-requirements
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.0.13
Changelog
5951f55 Adding architecture details
89105e8 Merge pull request #134 from Thoro/mac-build-environment
bcb5622 Merge pull request #133 from Thoro/consolidate-stop-channel
cb0888b Add build-image folder, which allows to build kube-router on mac os
9bd4bb8 Consolidate multiple stop channels into one
72fd0d2 re-organize documentation
547b17d Merge pull request #131 from cloudnativelabs/112-ntwk-plcy
1af19cb NetworkPolicy: Fix e2e test failures
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.0.12 - Important Bug Fixes
This release brings a number of bug fixes:
- An important update to the GoBGP library that fixes a leaking socket bug.
- If you've experienced degraded performance or failures over time with a kube-router powered cluster, this release should fix those issues.
Also included are a number of enhancements:
- Automatic Pod CIDR detection
--cluster-cidrflag is no longer needed for pod egress- Use
--enable-pod-egress=falseto disallow pod egress traffic outside the cluster
- Streamlined kubeadm integration
- ipip tunneling performance improvements between nodes in different networks.
DaemonSet Upgrade Steps
image: cloudnativelabs/kube-router[:latest]
imagePullPolicy: Always
These are the default options in our manifests. In this scenario you just need to delete the pods so they are recreated. This will not interrupt cluster services/traffic.
kubectl -n kube-system delete pods -l k8s-app=kube-router
image: cloudnativelabs/kube-router:vX.X.X
If your image option is pinned to a specific version, you can upgrade using kubectl set image.
kubectl -n kube-system set image ds/kube-router kube-router=cloudnativelabs/kube-router:v0.0.12
kubectl -n kube-system delete pods -l k8s-app=kube-router
Notable Bug Fixes
f333aac vendor: Update GoBGP to fix fd leak (#124)
42a48a9 Merge pull request #127 from cloudnativelabs/default-permit-policy
11a779f Add iptable rule in filter table FORWARD chain to allow traffic in and out to the pods
1786a5e kubeadm RBAC fixes and cluster setup with kubeadm instructions
d3f43fc Merge pull request #114 from cloudnativelabs/113-segment-voilation
801b0e9 segmentation violation when kube-router is not able to contact api server
Enhancements
82818d8 Merge pull request #122 from cloudnativelabs/118-kuber-router-kubeadm
d335651 use kube-router as kube-proxy replacement
79a176a Update kubeadm.md
c81bfbb Enable pod egress masquerading by default (#111)
0a8b7e7 Merge pull request #117 from cloudnativelabs/115-kubeadm-rbac
cbfe8e3 Merge pull request #109 from cloudnativelabs/ip-ip-tunnel-perf
898d78d reduce ipip tunnel MTU 20 to accommodate the tunnel overhead
Other Changes
8bf6281 Add logo to README (#128)
64f7700 Add logo
0cf1037 Update README.md
f333aac vendor: Update GoBGP to fix fd leak (#124)
ef8cf33 Vagrant fixes (#125)
e5f24c2 vagrant: Fix invalid shell function call
f6b33a0 Support updating kube-router in a local VM cluster (#116)
1a71a12 vagrant: Local cluster enhancements (#110)
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.0.11
With this release kube-router adds support for pod-to-pod connectivity across the nodes in different subnets. In case of public clouds, you can deploy cluster with nodes spanning across mutliple availability zones. Kube-router ensures pod-to-pod connectivity across zones.
We also did scaling tests on service proxy implemented by Kube-router. As part of the effort, kube-router will now use docker libnetwork based ipvs library. Please see #101 and #106 for scaling test results.
Changelog
fcac507 Merge pull request #106 from cloudnativelabs/cross-subnet-connectiivty
b8d3914 Use IP-IP tunnelling for cross-subnet pod connectivity
5a3abf9 Add support for testing code changes in kubernetes (#105)
fbdd9e9 Merge pull request #100 from cloudnativelabs/99-randomize-service-endpoints
7934759 Randomize service endpoint addition when configuring destination on ipvs service
9e75203 Use libnetwork/ipvs instead of libipvs (#101)
f8174a6 network_route_controller: Avoid redundant policy sets (#98)
f9ae00b Use vendored gobgp to build gobgp client (#95)
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.0.10
We're excited to announce the latest alpha version of kube-router! This release along with multiple bug fixes adds support for network policy v1 or GA version of network policy released as part of Kubernetes 1.7. Kube-router is also tested and verified to work well with Kubernetes latest release 1.7 release.
Upgrade Steps
You can update your DaemonSet to use the following cloudnativelabs/kube-router:v0.0.10 image to upgrade .
Please note that going forward from this release kube-router will take explicit --master/--kubeconfig argument. If not specfied will use incluster config.
Changelog
3b1257c adding explicit --kubeconfig param in example daemonset manifests
b77c28f Update README.md
f5e518e Merge pull request #91 from cloudnativelabs/90-network-policy-ga
279bc66 Netork policy GA: select all pods in namespace if pod selector is not specified in the network policy spec
562008c Merge pull request #83 from dimm0/feature/inclusterconfig
8d2ed48 Either of the --master or --kubeconfig is sufficient
909c24d Merge pull request #86 from cloudnativelabs/85-network-policy-ga
922c9f5 GA network policy does not reject if there is not a single source pod matching a policy
1d62de7 Merge branch 'master' into feature/inclusterconfig
ccbba72 Using inclusterconfig for default configuration
c85e02a Update README.md
c1a4e65 Update README.md
7d2d5b4 update readme to mention support for network policy GA
c0a14e8 Merge pull request #82 from cloudnativelabs/network-policy-ga
b4c063e support for network policy GA
8a3d6c0 Merge pull request #81 from cloudnativelabs/cleanup-config
a86bc44 fix null pointer dereference during kube-router --cleanup-config
c64b72e Merge pull request #76 from cloudnativelabs/aws-src-dst-check
449f1bf fix Source/destination check disable logic
04d0ed3 Merge pull request #74 from cloudnativelabs/prometheus
ef66b01 WIP prometheus metrics: add pps in and out per service backend
84e0357 Merge pull request #73 from cloudnativelabs/export_policy
83ca0c4 BGP export polices to advertise routes so that extra hop is avoided
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
Bug fix release
v0.0.9 0.0.9