Skip to content

Latest commit

 

History

History
131 lines (110 loc) · 12.6 KB

CHANGELOG-1.5.md

File metadata and controls

131 lines (110 loc) · 12.6 KB
Raw

Changelog 1.5

1.5.3 - 2022-05-12

Fixed

  • Fix export/import of Services with named ports when using the Antrea Multi-cluster feature. (#3561, @luolanzone)
  • Fix handling of the "reject" packets generated by the Antrea Agent to avoid infinite looping. (#3569, @GraysonWu)
  • Fix DNS resolution error of Antrea Agent on AKS by using ClusterFirst dnsPolicy. (#3701, @tnqn)
  • Fix tolerations for Pods running on control-plane for Kubernetes >= 1.24. (#3731, @xliuxu)
  • Reduce permissions of Antrea Agent ServiceAccount. (#3691, @xliuxu)

1.5.2 - 2022-03-21

Fixed

  • Fix NetworkPolicy may not be enforced correctly after restarting a Node. (#3467, @tnqn)
  • Fix antrea-agent crash caused by interface detection in AKS/EKS with NetworkPolicyOnly mode. (#3219, @wenyingd)
  • Fix locally generated packets from Node net namespace might be SNATed mistakenly when Egress is enabled. (#3430, @tnqn)

1.5.1 - 2022-03-07

Changed

  • Use iptables-wrapper in Antrea container. Now antrea-agent can work with distros that lack the iptables kernel module of "legacy" mode (ip_tables). (#3308, @antoninbas)
  • Reduce permissions of Antrea ServiceAccount for updating annotations. (#3408, @tnqn)

Fixed

  • Fix NodePort/LoadBalancer Service cannot be accessed when externalTrafficPolicy changed from Cluster to Local with proxyAll enabled. (#3330, @hongliangl)
  • Fix initial egress connections from Pods may go out with node IP rather than Egress IP. (#3378, @tnqn)
  • Fix NodePort Service access when an Egress selects the same Pod as the NodePort Service. (#3397, @hongliangl)
  • Fix ipBlock referenced in nested ClusterGroup not processed correctly. (#3405, @Dyanngg)

1.5.0 - 2022-01-21

Added

  • Add Antrea Multi-cluster feature which allows users to export and import Services and Endpoints across multiple clusters within a ClusterSet, and enables inter-cluster Service communication in the ClusterSet. (#3199, @luolanzone @aravindakidambi @bangqipropel @hjiajing @Dyanngg @suwang48404 @abhiraut) [Alpha]
  • Add support for multicast that allows forwarding multicast traffic within the cluster network (i.e., between Pods) and between the external network and the cluster network. (#2652 #3142 #2835 #3171 #2986, @wenyingd @ceclinux @XinShuYang) [Alpha - Feature Gate: Multicast]
    • In this release the feature is only supported on Linux Nodes for IPv4 traffic in noEncap mode
  • Add support for IPPool and IP annotations on Pod and PodTemplate of Deployment and StatefulSet in AntreaIPAM mode. (#3093 #3042 #3141 #3164 #3146, @gran-vmv @annakhm)
    • IPPool annotation on Pod has a higher priority than the IPPool annotation on Namespace
    • A StatefulSet Pod's IP will be kept after Pod restarts when the IP is allocated from IPPool
    • Refer to Antrea IPAM Capabilities for more information
  • Add support for SR-IOV secondary network. Antrea can now create secondary network interfaces for Pods using SR-IOV VFs on bare metal Nodes. (#2651, @arunvelayutham) [Alpha - Feature Gate: SecondaryNetwork]
  • Add support for allocating external IPs for Services of type LoadBalancer from an ExternalIPPool. (#3147 @Shengkai2000) [Alpha - Feature Gate: ServiceExternalIP]
  • Add support for antctl in the flow aggregator Pod. (#2878, @yanjunz97)
    • Support antctl log-level for changing log verbosity level
    • Support antctl get flowrecords [-o json] for dumping flow records
    • Support antctl get recordmetrics for dumping flow records metrics
  • Add support for the "Pass" action in Antrea-native policies to skip evaluation of further Antrea-native policy rules and delegate evaluation to Kubernetes NetworkPolicy. (#2964, @Dyanngg)
  • Add user documentation for using Project Antrea with Fluentd in order to collect audit logs from each Node. (#2853, @qiyueyao)
  • Add user documentation for deploying Antrea on AKS Engine. (#2963, @jianjuns)
  • Improve NodePortLocal documentation to list supported Service types and add information about existing integrations with external Load Balancers. (#3113, @antoninbas)
  • Document how to run Antrea e2e tests on an existing K8s cluster (#3045, @xiaoxiaobaba)

Changed

  • Make LoadBalancer IP proxying configurable for AntreaProxy to support scenarios in which it is desirable to send Pod-to-ExternalIP traffic to the external LoadBalancer. (#3130, @antoninbas)
  • Add startTime to the Traceflow Status to avoid issues caused by clock skew. (#2952, @antoninbas)
  • Add reason field in antctl traceflow command output. (#3175, @Jexf)
  • Validate serviceCIDR configuration only if AntreaProxy is disabled. (#2936, @wenyingd)
  • Improve configuration parameter validation for NodeIPAM. (#3009, @tnqn)
  • More comprehensive validation for Antrea-native policies. (#3104 #3109, @GraysonWu @tnqn)
  • Update Antrea Octant plugin to support Octant 0.24 and to use the Dashboard client to perform CRUD operations on Antrea CRDs. (#2951, @antoninbas)
  • Omit hostNetwork Pods when computing members of ClusterGroup and AddressGroup. (#3080, @Dyanngg)
  • Support for using an env parameter ALLOW_NO_ENCAP_WITHOUT_ANTREA_PROXY to allow running Antrea in noEncap mode without AntreaProxy. (#3116, @Jexf @WenzelZ)
  • Move throughput calculation for network flow visibility from logstash to flow-aggregator. (#2692, @heanlan)
  • Add Go version information to full version string for Antrea binaries. (#3182, @antoninbas)
  • Improve kind-setup.sh script and Kind documentation. (#2937, @antoninbas)
  • Enable Go benchmark tests in CI. (#3004, @wenqiq)
  • Upgrade Windows OVS version to 2.15.2 to pick up some recent patches. (#2996, @lzhecheng) [Windows]
  • Remove HNSEndpoint only if infra container fails to create. (#2976, @lzhecheng) [Windows]
  • Use OVS Port externalIDs instead of HNSEndpoint to cache the externalIDS when using containerd as the runtime on Windows. (#2931, @wenyingd) [Windows]
  • Reduce network downtime when starting antrea-agent on Windows Node by using Windows management virtual network adapter as OVS internal port. (#3067, @wenyingd) [Windows]

Fixed

  • Fix error handling of the "Reject" action of Antrea-native policies when determining if the packet belongs to Service traffic. (#3010, @GraysonWu)
  • Make the "Reject" action of Antrea-native policies work in AntreaIPAM mode. (#3003, @GraysonWu)
  • Set ClusterGroup with child groups to groupMembersComputed after all its child groups are created and processed. (#3030, @Dyanngg)
  • Fix status report of Antrea-native policies with multiple rules that have different AppliedTo. (#3074, @tnqn)
  • Fix typos and improve the example YAML in antrea-network-policy doc. (#3079, #3092, #3108 @antoninbas @Jexf @tnqn)
  • Fix duplicated attempts to delete unreferenced AddressGroups when deleting Antrea-native policies. (#3136, @Jexf)
  • Add retry to update NetworkPolicy status to avoid error logs. (#3134, @Jexf)
  • Fix NetworkPolicy resources dump for Agent's supportbundle. (#3083, @antoninbas)
  • Use go 1.17 to build release assets. (#3007, @antoninbas)
  • Restore the gateway route automatically configured by kernel when configuring IP address if it is missing. (#2835, @antoninbas)
  • Fix incorrect parameter used to check if a container is the infra container, which caused errors when reattaching HNS Endpoint. (#3089, @XinShuYang) [Windows]
  • Fix gateway interface MTU configuration error on Windows. (#3043, @[lzhecheng]) [Windows]
  • Fix initialization error of antrea-agent on Windows by specifying hostname explicitly in VMSwitch commands. (#3169, @XinShuYang) [Windows]