Releases: cloudnativelabs/kube-router
v0.2.0-beta.2
Changelog
- only sync internal peers for OnAdd or OnDelete events
- ignore update events for endpoints used for leader election
- setting annotation
kube-router.io/service.local
on a Service should result in the same behavior as settingexternalTrafficPolicy=Local
for route advertisement
Full Commit History
945a13c skip node OnUpdate events (#391)
6ba2e94 ignore update events for endpoints used for leader election (#390)
dd5d2fa Osxcompat 1 (#377)
28f10ff add local endpoints check if annotation kube-router.io/service.local is set (#388)
v0.2.0-beta.1
Changelog
- Add service/endpoints handlers so BGP routes are added/removed as soon as service/endpoints updates occur (@andrewsykim)
- Networkpolicies should account for pods that are not given a pod IP yet (@xanonid)
- Refactor to use shared informers (@andrewsykim)
- Fix bug where default ASN is used for iBGP peering when cluster ASN is set (@andrewsykim)
- Support advertising
service.Status.LoadBalancer.Ingress
IPs with flag--advertise-loadbalancer-ip
(@jjo) - Add delay for AWS EC2 operations and only make API calls if kube-router has the necessary IAM roles (@murali-reddy)
- Add unit tests
Test_addExportPolicies
(@andrewsykim) - Allow advertise pod CIDR to be set using a node annotation
kube-router.io/pod-cidr
, this will override the pod CIDR specified in node.Spec.PodCIDR(@andrewsykim) - Withdraw VIP routes if
service.Spec.ExternalTrafficPolicy=Local
and a node does not contain healthy endpoints for a service (@TvL2386)
Full Change History
1fcf5db add CHANGELOG (#387)
ab08c31 add service/endpoint event handler for routes controller (#384)
e94bf3d Fix networkpolicies if there are unscheduled pod, log errors (#378) (#379)
3763b20 refactor to use shared informers (#373)
ed0dc39 [jjo] added network_services_controller ginkgo testing (#348)
4fd5cb8 update command line options documentation (#372)
ed34187 Fixed the /var/run/docker.sock permissions in the DSR example (#368)
398ba8b Fixed a typo (#367)
2a4ffd6 fix bug where default ASN is used for iBGP peering when cluster ASN (#362)
5436a73 glide update, to get pull latest dependencies (#365)
559304f fix --advertise-loadbalancer-ips for LoadBalancer w/o IPs (#355)
696d701 clear state of global service/endpoint watcher in Test_addExportPolicies (#353)
bf5c11f [jjo] support advertising status.loadBalancer.ingress IPs via flag (#354)
35482c5 add 1s deley between ec2 API calls, and check if node has ec2 IAM (#351)
f708b14 fix UT test case (#352)
6a8e707 allow pod CIDR to be set using node annotations (#345)
25923be Test_addExportPolicies (#333)
035a9a8 withdraw ClusterIP bgp route for externalTrafficPolicy=Local when there are no local endpoints (#347)
3956ad7 Update README.md
acb3dd4 use constants for all annotations (#346)
faead6d Dockefile: use ADD instead of COPY and rearrange (#340)
v0.1.0
We are excited to bring new release with awesome new features and bug-fixes. Thanks to all users who provided valuable feedback and reported issues.
New features
- Kube-router now has support for BGP route-reflector functionality. Big shout out to @ut0mt8 for contributing route reflector feature. Read the docs how you can use route-reflector functionality.
- Kube-router now has support for
HostPort
support. Please read the docs to useHostPort
functionality. - Kube-router now complements the existing support for
externalTrafficPolicy=Local
with node advertising the service VIP's to BGP peer routers only if it has atlease one endpoint correspondng to service.
Changelog
9b6bf95 limit disableSrcDstCheck performed on OnNodeUpdate() (#327)
d72c410 close docker client after use (#343)
d7d0223 [WIP] support for Hostport (#335)
c7ce398 [jjo] add arm cross-compile support (#336)
4902a0c route advertisement should account for services using externalTrafficPolicy=Local (#334)
4e768b1 Feature Route Reflector (#325)
df6b375 AWS: perform disable src-dst check only if node has necessary IAM. Also introduce delay (#319)
31402a5 fix Pod Toolbox documentation issue (#318)
f68372e Update network_policy_controller.go (#315)
8c21111 Adding --version / -V support to print version information (#312)
2147b09 Dockerfile: Updated to alpine:3.7. (#306)
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.1.0-rc2
We are happy to announce the second release candidate for kube-router 0.1.0
In this release we have focused on introducing instrumentation to monitor metrics and health in kube-router for ease of operations, some minor bug fixes, adjustments to the logging output as well as introduced the BGP graceful restart function to enable zero downtime upgrades in supported environments.
Action required
If you previously used the metrics on port 8080 and wish to keep using this port you must set it at kube-router start using --metrics-port
as the default now is 0, disabled
Logging
A lot of the output from kube-router has had logging levels added to prevent spamming the logs with normal operations and debug output. To run kube-router in verbose mode for debugging please add --v=3
to the start options.
Metrics
We have added a sample Grafana dashboard & the possibility to change what port and path the metrics are exposed at. You can read more about the functionality here
Health checks
kube-router now comes with togglable health endpoint to monitor the status of your kube-router deployment. Read more about the functionality and how to enable it here
Local services
Support for service.spec externalTrafficPolicy=Local has been added. It takes precedence over kube-router.io/service.local annotation. Read more about externalTrafficPolicy here
BGP graceful restart
Support has been added in this version for graceful BGP restarts. To enable it start kube-router with --bgp-graceful-restart
. When peering with global peers make sure they support this mode before enabling
Notable Bug Fixes
- A regression was introduced in RC1 where GoBGP would panic when adding nodes in some cases. This is fixed in this version by #296
- Conntrack cleanup would log errors when cleaning up old conntrack recods if 0 flows was present, fixed by #305
Changelog
a466ace Nsc conntrack fix (#305)
e25c174 support service.spec externalTrafficPolicy=Local. Takes precedence over kube-router.io/service.local annotation. (#303)
617c773 code cleanup (#301)
3369890 reverted rollingUpdate strategy (#300)
a480a51 Merge pull request #298 from roffe/healthcheck
daefc81 updated help text
b1f3404 fixed bool values for if http health is enabled
38f45a4 chnged max unavail to 1 according to #171
deba3fa mutex on stats
311d726 cleanup health checks daemonsets
bb49531 liveness checks
2c3510d Docs
23f4313 Updated daemonsets to include health checks
258cf2c health docs
f38dc79 Docs for healthz
f2da445 added startup delay before healthchecks starts
cf7c66e Adde flag so health controller knows if HTTP is requested or not
7066d4d change so no http listener starts if port is not in valid range
e53aef2 more work on healthchecks
77cb340 missing bracket
4f8f83d metrics controller ticker
12aec99 added heartbeats
3eb5461 adding output messages
3469cc1 fixed healthport var
e6b01d5 added health controller
f1cb675 Update MAINTAINER.md
193776c prevent calling gobgp AddNeighbour call before GoBGP server is properly started (#296)
f3e7ace Metrics + Logging update (#294)
1492f0b small update to the metrics documentation
60f67d8 Metrics updates (#292)
edda2b1 Added more metrics and small bugfix + more docs (#291)
e36759e Documentation updates (#289)
c8c19e4 Added cli config for changing prometheus port & path (#288)
42f7177 Updated generic cluster docs & daemonset (#284)
8fe0653 Small docs fixes for setting up a generic cluster (#283)
1edee93 Documentation how to install kube-router on generic clusters (#281)
e51dfbf support node local service without SNAT, so the pod can see client origin IP if the request from external IP (#277)
aeaa703 Fix typo in document (#276)
78588fc tunnel interface names cannot be longer than 15 characters (#274)
5155c8d Update README.md
862b410 Make kubeadm install docs clearer (#270)
c07df49 unit tests for syncInternalPeers() (#268)
0b739e4 project status update (#269)
Automated with GoReleaser
Built with go version go1.9.3 linux/amd64
v0.1.0-rc1
NOTE: We have found a regression in this release. We are working on fixing the issue in the next release. Please use v.0.0.20 release artifacts.
We are glad to release first release candidate for Beta release. Since first version of the project, we spent more than 8 months to stabilizing the code and fine tuning the solution as per the users feedback. Thanks to all users we are instrumental in shaping the project.
Changelog
50dcc32 Unit Tests for Node Update Events (#265)
4eca430 route controller unit tests (#264)
542680c skip build/push if user is not cloudnativelabs since it cannot access dockerhub creds (#263)
e27847f package utils unit tests and CI fixes (#261)
f822109 Prevent slice representing ipset growing forver resulting in excessive memory usage (#260)
94a2ec7 Flush conntrack entry when UDP service endpoint is deleted (#259)
8ce5e4f Fix potential issues in DSR due to Golang limitations in switching network namespaces and add verbose logging (#258)
1e1f8b4 Update README.md
d473f83 Update README.md
76ea8c0 fix TCP vs 6 string comparision in publishMetrics (#257)
22f05e9 service prometheus metrics (#255)
d876441 Update README.md
Automated with GoReleaser
Built with go version go1.8.5 linux/amd64
v0.0.20
Changelog
e5bd063 maintainers
d13339c IPVS sync services performnce improvement (#253)
38e3082 take-out kube-proxy IPVS status and add DSR k8s 1.9 has IPVS Beta, but hey Kube-router has DSR :) now
c4830aa enable Pprof with option --enable-pprof (#245)
fcd1a1a Enable support for eBGP Multihop for external peers (#244)
5323b4b Fix --hairpin-mode=true (#243)
628111c so long gitter
de3e178 Update README.md
2685367 add --enable-ibgp flag (#227)
bca4221 --bgp-graceful-restart flag should apply for global peers (#226)
7c9db2c sync with iBGP peers only after RIB is polulated first
0dabd7c Support BGP Graceful Restart (#220)
97fb342 explicilty create kube-bridge
interface. Earlier when pod is launched on the node (#225)
75bdfa2 Fix --nodeport-bind-all-ip option so that it works (#217)
cc2cad3 Update kubeadm.md (#216)
Automated with GoReleaser
Built with go version go1.8.5 linux/amd64
v0.0.19
v0.0.18: significant features release
We are very excited to bring the new release of Kube-router packed with features.
- Support for external IP. Service proxy in kube-router now supports external IP's configured on the service.
- Support for advertising external IP's to the configured BGP peers
- Support for DSR (Direct Server Return).
Please read the blog to understand how these building blocks can be used for highly available and scalable ingress for bare-metal clusters
- Support for egress network policies
- Support for CIDR in network policies
- Support to change IPVS scheduling method through annotations
Changelog
1a647b6 updating documentation
b180094 set priority for custom routing tables so that, FWMARK packets are delivered locally and for the rest of the traffic policy routing sets endpoints (dev kube-bridge) as next hop for external IP's
5f425eb Fixes direct server return on exteranl IP's (#210)
6a3fada Direct Server Return Fixes (#209)
77f45e3 Use service annotations to choose IPVS scheduling method (#207)
6d43268 support for direct server return (#204)
4ca0afa Support for advertising service external IP to be configured BGP peers (#203)
ba7697b Support for Services with externalIPs (#201)
84741b6 network policy: use 'addrtype' module and --src-type=LOCAL to match local traffic
665e667 Fix to avoid re-adding existing BGP export policy, and policy assignment (#200)
50173e3 Support for 32 bit ASN numbers specifically the range 4200000000 - 4294967294 as specified by RFC 6996 (#196)
9eb1848 Network policy: always permit traffic from local node to the pods irrespective of network policies (#195)
ea459a3 Merge pull request #193 from cloudnativelabs/ntwk-policy-cidr-selector
928deed Support CIDR in network policy ingress and egress rules
c3e8c11 Fix missing quotes in upgrading examples
2b910b2 Merge pull request #186 from cloudnativelabs/103-egress-network-policy
45cb087 Network policy egress support
7c489a6 Update DaemonSet manifests (#188)
aa48cf2 gofmt (#187)
492cd1b Merge pull request #184 from cloudnativelabs/178-client-go-5
0010425 bump up client-go to release-5.0 and vendor kubernetes/api
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
Critical Bug Fixes
This release brings with it a number of fixes for regressions introduced in the last release. Users are encouraged to upgrade as soon as possible, especially if you experienced issues with kube-router recently. A big thanks to @hjdr4 and @dimm0 for reporting issues and helping to test our fixes. Also a shoutout to our latest contributor @ryarnyah for ipset contributions.
BREAKING CHANGES
Please take some time to read the shiny new upgrade guide before proceeding. This release includes changes to the CLI flags and Annotations used for hairpin-mode and BGP peering.
Changelog
342ea5a Prevent masquerading pod -> NodeIP traffic (#174) critical bug
5f58cd2 Fix conditional so only matched pods are firewalled (#183) critical bug
a5a446a Use forward domain notation for annotations breaking change
3debbfa Cleanup ipset create function + restore (#177)
c125778 Fix make vagrant-image-update with rsynced folder
c714a80 CI: Make travis build PR# branches
c8902cc Add docs to cover upgrading kube-router (#179)
2ac6861 Documentation: Fix BGP peer example
fc86d2e Merge pull request #169 from ryarnyah/fix/clean-ipset
3431a18 Delete ipset dependency + delete unused ipsets
d6a15ec Fix link to developer's guide
e19f2a6 BGP peer password auth, consistent configurations (#164)
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64
v0.0.16 -- The KRaken Has Awoken
We're happy to say that kube-router is picking up steam! Big thanks to all the new users who are taking it for a spin and reporting bugs and showing us how they use kube-router's unique features. This release is a real doozy, and we look forward to the imminent beta release!
Notable Bug Fixes
d433fa5 Fix IPVS persistence flag (#160)
62900c7 NodePort service listens on all ip/interfaces in case of kube-proxy. Currently kube-router listens only on node IP. This fix introduces flag nodeport-bindon-all-ip with which you can have kube-proxy like behaviour. If not specified only nodeIP will be open for connections.
Enhancements
d6ea740 Dynamic gobgpd listener config, fix leaked listener (#156)
ca97d0d Adding ability to disable IP-in-IP tunnelining for cross node pod-to-pod connectivity where nodes are in different subnet. With tunneling disabled its expected that default gateway has learned the pod CIDR's allocated for all the nodes and can route the pod-to-pod traffic across nodes in different subnets
Other Commits
6ea240f Fix image refered in kubeadm daemonsets to release/latesr versions
f6a5e23 fixing gofmt, go_vet, gocyclo, golint errors
DaemonSet Upgrade Steps
image: cloudnativelabs/kube-router[:latest]
+ imagePullPolicy: Always
These are the default options in our manifests. In this scenario you just need to delete the pods so they are recreated. This will not interrupt cluster services/traffic.
kubectl -n kube-system delete pods -l k8s-app=kube-router
image: cloudnativelabs/kube-router:vX.X.X
If your image option is pinned to a specific version, you can upgrade using kubectl set image
.
kubectl -n kube-system set image ds/kube-router kube-router=cloudnativelabs/kube-router:v0.0.16
kubectl -n kube-system delete pods -l k8s-app=kube-router
image: cloudnativelabs/kube-router-git:master
Already running the latest version huh? We like your style.
Automated with GoReleaser
Built with go version go1.8.3 linux/amd64