v0.4.0-rc2

Changelog

5671c3a fix .goreleaser.yml (#837)
53e0571 fix broken CI (#823)
f01a9a5 Revert "restrict externalTrafficPolicy=Local interpretation only to NodePort and LoadBalancer services (#819)" (#835)
27ec314 restrict externalTrafficPolicy=Local interpretation only to NodePort and LoadBalancer services (#819)
c160e90 [FIX] Don't ignore silently service proxy errors. (#796)
8bcd166 Fix connection resets during firewall sync (#807)
3a0da2b fix build break due to commit 05d03e7 (#817)
52e338d Add PriorityClass and docs update (#816)
05d03e7 #797 Conditionally disable "Allow All" input/chain on IPVS KUBE-ROUTER-SERVICES (#809)
ff6a024 set cniVersion in 10-kuberouter.conf (#811)
a339d8a remove stale project sponsorships (#805)

v0.4.0-rc1

Changelog

d6f9f31 Fix: Send BGP Withdrawals for Service VIPs Upon Service Deletion (#756)
3aacd48 fix clusteripprefixset import policy (#771)
803bd90 Allow setting the BGP graceful restart deferral time. See RFC4724 4.1 (#753)
b54b80c update to apps/v1 and add selector (#759)
4afd6d6 Updated the kube-proxy cleanup command to use the newer version (#762)
94fd7b6 Send heartbeats during NetworkPolicy and NetworkService sync. (#741)
6470795 Use x/sys/unix epoll (#737)
8fe9f70 Add Import Policy for Service VIPs (#721)
4be51ba First stab at pushing multiarch releases (#735)

v0.3.2

WARNING: this release has a regression where service VIPs may not be advertised properly. Please use v0.4.0-rc1 instead.

Changelog

42a046b Send heartbeats during NetworkPolicy and NetworkService sync. (#741)

v0.3.1

Bug fix release. Fixes regression introduced in 0.3 while adding support for --overlay-type=fulll/subnet

Changelog

d6a93d4 handle null *route (#732)
8bb50d5 do not setup ipip tunneling when --enable-overlay is false (#722)

v0.3.0

Changelog

New Features

54eedcd Issue 572 - Graceful termination + Update to go-1.10.8, alpine-3.9 (#706)
8f9729a Introduces the option --overlay-type={subnet,full}, to be able to always generate IPIP tunnels regardless of node subnets (#666)
736757d Support named port of network policy (#679)

Bug Fixes

7181d6f Prefer node PodCIDR from an annotation (#720)
e230176 docs,pkgs: change 'can not' to 'cannot' (#701)
c2f893f default cni config to list format (#690)
375ccc2 Minor typo fix in logs (#700)
fac0663 add Jimmy to maintainers (#687)
70969a3 Add iptables rules for accessing tunneled services from node (#682)
42997cb Delete iptables rule if --masquerade-all is false (#665)
961d8ab fix #639 (#670)
7b20ae9 document workaround for #676 (#677)
a63d386 fix typo (#673)
ffc37f7 remove gitter and add slack as community forum
00824cd Fix typo (#661)
52127e6 Fix ’make test’ when GOPATH contains multiple paths (#658)
34666a1 Run ‘go generate’ from %_moq.go target in docker when BUILD_IN_DOCKER is true (#660)

v0.2.5

This release has two security fixes (#648, #649) and other small fixes

Thanks to all the contributors.

Changelog

1876993 Removes IPv6 address insertion into BGP IPv4-only nexthop field. (#606)
e99b694 make gobgp grpc server listen only nodeip and 127.0.0.1 (#649)
62d0e86 handle network policies with named ports gracefully (#648)
a93dec2 fix: broken links in contributing guide (#650)
0599a27 Add iptables INPUT rules for tunneled services (#610)
f07ec53 avoid duplicate peer pods in npc rules variables (#634)
bdfdc12 when use multiple registries for pulling images in container runtime, we need specify which registry will use exacly (#645)
a968b2b cleanup local routes if nexthop moves outside host subnet (#629)
11ae253 Validate the presence of port definitions before attempting to access (#643)

v0.2.4

Apart from bug fixes some nice enhancements went in to the release

thanks to @asteven for adding support for

• #575 annotation that let your selectively advertise service VIP's
• #618 prevent access to the nodes through service IP, permit traffic to the only required ports

thanks to @uablrek @Arvinderpal for continued IPv6 incremental updates

• #578

thanks @bazuchan @eric @zerkms @mk01 for your contributions

Changelog

10ddc09 Fixed typo in Global External BGP Peers example (#627)
d7a7a6d Add missing ip6tables package to docker container (#631)
4da8ee7 [RFC] prevent host services from being accessible through service IPs (#618)
4efc6cc Add documentation on dependency management using dep. (#621)
34270e4 Periodicaly sync iptables MASQUERADE rules (#619)
c63e71a Enable net.bridge.bridge-nf-call-ip6tables for IPv6. (#608)
48e2c7b Add iptables input rules for ipvs services (#604)
c38e8f6 Change append to insert for iptables rules (#596)
853b75b Periodicaly sync default forward rules (#603)
6cdc237 Make ipv6 routing to pods (CNI routing) work for ipv6 (#578)
7b9291a fix docs
1a30f9e implement per-service annotations to control IP advertisment (#575)
e5d599b Roffe/metrics polish (#595)
0cdaa43 docs/bgp.md: change example to use printf (#594)
46f8265 docs: how to configure explicit proxy (#582)

v0.2.3

IPVS throughput fixes and enable arp_ignore and arp_announce

Changelog

c39c13b No reason to restrict Peer ASN's to private only. (#576)
87718c9 make NSC set net.ipv4.vs.conn_reuse_mode=0 (#577)
5bfab47 unified function to set sysctl values and enable arp_ignore and arp_announce(#580)

v0.2.2

Apart from support IPVS maglev hashing rest are bug fixes. No breaking changes.

Changelog

4d6b7fa Fixes regression in BGP route reflector functionality. (#573)
cf9bf47 Integrate ip_vs_mh scheduler into kube-router (#564)
3723d82 fix typo on docs/bgp.md (#568)
535fcc5 Added "--router-id=" parameter. (#563)
2a82035 Add mount of /lib/modules to kube-router kubeadm setup doc (#565)
f95cded Improved detect in ipv6IsEnabled() (#555)
827bbbc infer endpoint is local from endpoints "subset.addresses.nodeName" (#560)
d9570c5 all toleration for nodes with taint node.kubernetes.io/not-ready (#558)
bf636c0 Added ipv6 documentation (#551)
0416e07 Change IMAGE_TAG -> IMG_TAG in developing guide (#550)

v0.2.1

We are excited to bring a new release with great enhancements. Finally kube-router is starting to add support for
IPv6. Its still WIP progress but pretty close to full working functionality. Also kube-router now fully support network policy semantics with addition of support for ipblock and except.

Shout-out to @uablrek for leading the IPv6 effort in kube-router and @jimmy-zh for filling the last remaining gaps to network policies.

Changelog

077ff86 Ipv6; BGP peering (#545)
a47e0f4 Add support for 'except' feature of network policy rule (#543)
05907d8 Ipv6; Support ipset with "family inet6" (#538)
77459dd Add CLI option to toggle disabling of source-dest-check in EC2 (#541)
cadba6c Use ipset to manage multiple CIDRs in a network policy rule (#529)
cd4ad6f update docker build image to go1.10.3 (#535)
c10a615 update vendored gobgp to latest release (#533)
b479f25 Added support for ARCH=s390x (#532)
1b7ae13 make the comments of the iptables rules more accurate and reasonable (#527)