Skip to content

Latest commit

 

History

History
132 lines (117 loc) · 13.1 KB

CHANGELOG-1.6.md

File metadata and controls

132 lines (117 loc) · 13.1 KB

Changelog 1.6

1.6.1 - 2022-05-11

Added

Fixed

  • Clean up stale routes installed by AntreaProxy when ProxyAll is disabled. (#3465, @hongliangl)
  • Fix export/import of Services with named ports when using the Antrea Multi-cluster feature. (#3561, @luolanzone)
  • Fix handling of the "reject" packets generated by the Antrea Agent to avoid infinite looping. (#3569, @GraysonWu)
  • Fix DNS resolution error of Antrea Agent on AKS by using ClusterFirst dnsPolicy. (#3701, @tnqn)
  • Fix tolerations for Pods running on control-plane for Kubernetes >= 1.24. (#3731, @xliuxu)
  • Reduce permissions of Antrea Agent ServiceAccount. (#3691, @xliuxu)
  • [Windows] Ensure that Service traffic does not bypass NetworkPolicies when ProxyAll is enabled. (#3510, @hongliangl)
  • Fix Antrea wildcard FQDN NetworkPolicies not working when NodeLocal DNSCache is enabled. (#3510, @hongliangl)

1.6.0 - 2022-03-29

  • The Egress feature is graduated from Alpha to Beta and is therefore enabled by default.
  • The support for proxying all Service traffic by Antrea Proxy (enabled by antreaProxy.proxyAll) is now Beta.

Added

Changed

  • Remove all legacy (*.antrea.tanzu.vmware.com) APIs. (#3299, @antoninbas)
  • Remove Kind-specific manifest and scripts. Antrea now uses OVS kernel datapath for Kind clusters. (#3413, @antoninbas)
  • [Windows] Use uplink MAC as source MAC when transmitting packets to underlay network from Windows Nodes. Therefore, MAC address spoofing configuration like "Forged transmits" in VMware vSphere doesn't need to be enabled. (#3516, @wenyingd)
  • Add an agent config parameter "enableBridgingMode" for enabling flexible IPAM (bridging mode). (#3297 #3365, @jianjuns)
  • Use iptables-wrapper in Antrea container to support distros that runs iptables in "nft" mode. (#3276, @antoninbas)
  • Install CNI configuration files after installing CNI binaries to support container runtime cri-o. (#3154, @tnqn)
  • Upgrade packaged Whereabouts version to v0.5.1. (#3511, @antoninbas)
  • Upgrade to go-ipfix v0.5.12. (#3352, @yanjunz97)
  • Upgrade Kustomize from v3.8.8 to v4.4.1 to fix Cronjob patching bugs. (#3402, @yanjunz97)
  • Fail in Agent initialization if GRE tunnel type is used with IPv6. (#3156, @antoninbas)
  • Refactor the OpenFlow pipeline for future extensibility. (#3058, @hongliangl)
  • Validate IP ranges of IPPool for Antrea IPAM. (#2995, @ksamoray)
  • Validate protocol in the CRD schema of Antrea-native policies. (#3342, @KMAnju-2021)
  • Validate labels in the CRD schema of Antrea-native policies and ClusterGroup. (#3331, @GraysonWu)
  • Reduce permissions of Antrea ServiceAccounts. (#3393, @tnqn)
  • Remove --k8s-1.15 flag from hack/generate-manifest.sh. (#3350, @antoninbas)
  • Remove unnecessary CRDs and RBAC rules from Multi-cluster manifest. (#3491, @luolanzone)
  • Update label and image repo of antrea-mc-controller to be consistent with antrea-controller and antrea-agent. (#3266 #3466, @luolanzone)
  • Add clusterID annotation to ServiceExport/Import resources. (#3359, @luolanzone)
  • Do not log error when Service for Endpoints is not found to avoid log spam. (#3256, @tnqn)
  • Ignore Services of type ExternalName for NodePortLocal feature. (#3114, @antoninbas)
  • Add powershell command replacement in the Antrea Windows documentation. (#3264, @GraysonWu)

Fixed

  • Add userspace ARP/NDP responders to fix Egress and ServiceExternalIP support for IPv6 clusters. (#3318, @hty690)
  • Fix incorrect results by antctl get networkpolicy when both Pod and Namespace are specified. (#3499, @Dyanngg)
  • Fix IP leak issue when AntreaIPAM is enabled. (#3314, @gran-vmv)
  • Fix error when dumping OVS flows for a NetworkPolicy via antctl get ovsflows. (#3335, @jainpulkit22)
  • Fix IPsec encryption for IPv6 overlays. (#3155, @antoninbas)
  • Add ignored interfaces names when getting interface by IP to fix NetworkPolicyOnly mode in AKE. (#3219, @wenyingd)
  • Fix duplicate IP case for NetworkPolicy. (#3467, @tnqn)
  • Don't delete the routes which are added for the peer IPv6 gateways on Agent startup. (#3336 #3490, @Jexf @xliuxu)
  • Fix pkt mark conflict between HostLocalSourceMark and SNATIPMark. (#3430, @tnqn)
  • Unconditionally sync CA cert for Controller webhooks to fix Egress support when AntreaPolicy is disabled. (#3421, @antoninbas)
  • Fix inability to access NodePort in particular cases. (#3371, @hongliangl)
  • Fix ipBlocks referenced in nested ClusterGroup not processed correctly. (#3383, @Dyanngg)
  • Realize Egress for a Pod as soon as its network is created. (#3360, @tnqn)
  • Fix NodePort/LoadBalancer issue when proxyAll is enabled. (#3295, @hongliangl)
  • Do not panic when processing a PacketIn message for a denied connection. (#3447, @antoninbas)
  • Fix CT mark matching without range in flow exporter. (#3348, @hongliangl)
  • [Windows] Enable IP forwarding of the Windows bridge local interface to fix support for Service of type LoadBalancer. (#3137, @hongliangl)